Object-oriented model of a formal description of an information and communication system
DOI:
https://doi.org/10.30837/rt.2022.2.209.11Keywords:
information and communication system, formal description technique, UML, communication networksAbstract
The purpose of the article is to study algorithms for the formal description of information and communication systems. The article discusses the main provisions on the formal representation of objects of information and communication systems. It is noted that the main environments of the information and communication system that are subject to a formal description are: physical environment, computing system environment, user environment, information environment. These components of the information and communication system are considered in detail, analyzed and documented in an informal form (in the form of text). There is a need for a mechanism for a unified description of a system that includes all environments. Such a description will be unambiguously formalized with well-defined mathematical concepts. The mechanism of a single formal description or the technique of a formal description will be unambiguous in understanding and serve as a control description when developing an information security policy in an information and communication system. An algorithm for the formal description of the information and communication system is proposed. In this algorithm, it is proposed to focus on the types and interaction of objects with each other. In such a scheme, attention is focused on such concepts as the object, the characteristics of the object, and the type of interaction with the object. Further consideration of the created block diagrams (graphs) is proposed to explore the possibilities of using this model to simulate cyber-attacks. Since each element contains fields that connect it to other elements, and each attack has an "entry point" using graph theory, it is possible to traverse the graph to determine the possible horizontal propagation paths of a cyber-attack.
References
НД ТЗІ 2.5-004.99. Критерії оцінки захищеності інформації в комп’ютерних системах від несанкціонованого доступу.
Закон України «Про захист інформації в інформаційно-комунікаційних системах».
НД ТЗІ 2.7-010-09. Методичні вказівки з оцінювання рівня гарантій коректності реалізації функціональних послуг безпеки в засобах захисту інформації від несанкціонованого доступу.
Гвоздьов Р.Ю., Олійников Р.В. Метод та методика формального проєктування комплексної системи захисту інформації в інформаційно-телекомунікаційних системах // Радіотехніка. 2020. Вип. 203. С. 91-96.
Поддубний В.О., Сєвєрінов О., Пустомельник О. Менеджмент вразливостей як складова частина політики безпеки ІТС. Системи управління, навігації та зв’язку. Збірник наукових праць. Полтава : ПНТУ, 2020. Т. 4 (62). С. 55-58.
Poddubnyi V., Severinov O. Vulnerability management using a formalized description // Радіотехніка. 2020. Вип. 203. С. 121–125.
Downloads
Published
How to Cite
Issue
Section
License
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
