CURRENT PROBLEMS OF THE CYBERNETIC SPACE SECURITY
Abstract
The article deals with the problems of information security in modern cyberspace. The problems arising from the use of an open Internet environment by hackers are analyzed, taking into account the introduction of such modern intelligent technologies as “embedded systems”, “smart cities”, “big data”, expert systems and decision-making support systems, as well as intelligent infrastructure management systems. The evolution of the international regulatory framework defining information security principles is considered. Prerequisites for the emergence and implementation of information concepts such as cyberspace and cybersecurity, as well as related concepts, have been analyzed and described in terms of information security. An analysis of the structure of the ISO / IEC 27032: 2012 standard is given, in which the formal definition of the new terminology is presented and the main subjects of information relations responsible for security are identified. Based on the analysis, it was shown that the reasons for the complexity of creating modern information protection systems are the increasing complexity of software and hardware of modern telecommunications systems and a significant expansion of the range of information services provided to users in the Internet environment. It is noted that the emergence of intelligent automation technology requires finding a new set of protection functions and means to ensure its security. The problems in the existing national regulatory framework governing the issues of information security are identified, and the conclusion is drawn on the need to improve it. It justifies the need to search for a new, more advanced protection model and methodology for assessing threats and information security, as well as tools for building protection systems that are adequate to modern threats.
Downloads
| Abstract views: 301 | PDF Downloads: 61 |
References
Diagnosis and Fault Tolerant Control / M. Blanke, M. Kinnaert, J. Lunze, M. Staroswiecki. – Berlin: Springer-Verlag, 2003.
Trusted Computer System Evaluation Criteria. US Department of Defense 5200.28-STD, 1993.
Federal Criteria for Information Technology Security. National Institute of Standards and Technology & National Security Agency. Version 1,0 December 1992.
Information Technology Security Evaluation Criteria. Harmonized Criteria of France-Germany-Netherlands-United Kingdom. – Department of Trade and Industry, London, 1991.
Canadian Trusted Computer Product Eval-uation Criteria, Version 3.0, Canadian System Security Centre, Communications Security Establishment, Government of Canada, January 1993.
DSTU ISO/IEC 15408-1:2017 Informatsiini tekhnolohii. Metody zakhystu. Kryterii otsinky. Chastyna 1. Vstup ta zahalna model [Information technology -- Security techniques -- Evaluation criteria for IT security -- Part 1: Introduction and general model] (ISO/IEC 15408-1:2009, IDT).
ISO/IEC 27032:2012 Information technology – Security techniques ‒ Guidelines for Cybersecurity. – 2012-07.
Edward A. Lee. Past, Present and Future of Cyber-Physical Systems: A Focus on Models. 2015 Feb 26. [Electronic resource] / Portal: https://www.ncbi.nlm.nih.gov/ – Access mode www/ URL: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4435108/
Rodger Lea. Smart Cities: An Overview of the Technology Trends Driving Smart Cities. March 2017. – 16 С. [Electronic resource] / Portal : https://www.ieee.org/ – Access mode www/ URL: https://www.ieee.org/content/dam/ieee-org/ieee-web/pdf/ieee-smart-cities-trend-paper-2017.pdf
DSTU ISO/IEC 18045:2015 Informatsiini tekhnolohii. Metody zakhystu. Metodolohiia otsiniuvannia bezpeky IT [Information technology − Security techniques − Methodology for IT security evaluation] (ISO/IEC 18045:2008, IDT).
Zakon Ukrainy Pro osnovni zasady zabezpechennia kiberbezpeky Ukrainy : Vidomosti Verkhovnoi Rady (VVR) [On the basic principles of ensuring cybersecurity Ukraine], 2017, № 45, ст.403 [Electronic resource] / Portal: rada.gov.ua. – Access mode www/ URL: http://zakon.rada.gov.ua/laws/show/2163-19, 8.07.2018.
A Cyber Year In Review. Dec, 2018. [Electronic resource] / Portal: https:// www.nccgroup.trust/ ‒ Access mode www/ URL: https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2018/december/a-cyber-year-in-review/?style=Cyber+Security
