Estimation of financial costs for building of information protection system

Authors

  • Борис Евгеньевич Журиленко National Aviation University

DOI:

https://doi.org/10.18372/2410-7840.20.13424

Keywords:

technical information protection complex, probability of protection breaking, risks of losses from invested funding in defense, risks of total financial losses, protection effectiveness, single-level protection, multi-level protection

Abstract

In this paper, an attempt has been made to develop a methodology for estimating the financial costs of building a complex of technical information protection (CTIP) using known parameters. Such parameters can be: the likelihood of hacking protection, depending on the amount of funding invested in protection and possible financial losses without protection; risks of losses from invested funding in defense; risks of total financial losses and the effectiveness of the constructed protection. All CTEI assessments were conducted for the maximum values of the likelihood of hacking and the maximum risk of loss. In this paper, specific expressions are obtained for assessing the effectiveness of information protection, optimizing the risks of financial losses in the design, certification and evaluation of the working condition depending on financial investments in information protection and the risks of their losses. A theoretical definition of the effectiveness of protection through the risks of invested funding in defense and the risks of total financial losses are proposed. Coefficient the effectiveness of the protection of a single or single-tier protection will vary from zero (in the absence of funding for protection) to unity (with infinite funding for the construction of protection). The obtained expressions at the design stage will allow you to compare with each other and evaluate the chosen KTPDI before the process of its implementation. Experimental research data on the differences between the practical and theoretical parameters of the effectiveness of protection will allow to investigate and select the most optimal and effective protection. Expressions are given that make it possible to determine the actual effectiveness of security based on the experimental probability of hacking. Theoretically confirmed higher reliability of multi-level protection compared with single-level. It is shown that with the same financial costs for single-level and multi-level protection, the likelihood of hacking protection and risks financial loss of multi-level protection is much lower. Consequently, with the help of a multi-level protection system, you can create the required level of protection with lower financial costs. Thus, this work can be useful for assessing the effectiveness of information protection, optimizing the risks of financial losses in the design, certification and assessment of the working condition.

Author Biography

Борис Евгеньевич Журиленко, National Aviation University

Candidate of Physical and Mathematical Sciences, assistant professor of automation and energy management of the National Aviation University

References

Б. Журиленко, Н. Николаева, Н. Пелих, "Оптимальные финансовые затраты и основные критерии построения или модернизации комплекса технической защиты информации", Правове, нормативне та метрологічне забезпечення системи захисту інформації в Україні, Київ, КПІ НДЦ «Тезіс», Випуск 1 (22), С. 33-43, 2011.

В. Колемаев, Математическая экономика: учебник для вузов Колемаев В.А. М.: ЮНИТИ-ДАНА, 2002. 399 с.

А. Шапкин, Экономические и финансовые риски. Оценка, управление, портфель инвестиций, М.: Издательско-торговая корпорация «Данков и Ко», 2003. 544 с.

В. Кравченко, Є. Левченко, "Використання теорії нечітких множин для визначення втрат на захист інформації", Захист інформації, №1, С. 85-90, 2011.

В. Домарев, Безопасность информационных технологий. Системный подход, К.:ООО «ТИД «ДС», 2004. 992 с.

І. Сахарцева, О. Шляга, Ризики економічної діагностики підприємства, МОН. К.: Кондор, 2008, 380 с.

Андре Анго Математика для электро- и радиоинженеров, М.: Из-во «Наука», 1964, 772 с.

Downloads

Published

2018-12-21

How to Cite

Журиленко, Б. Е. (2018). Estimation of financial costs for building of information protection system. Ukrainian Information Security Research Journal, 20(4), 240–246. https://doi.org/10.18372/2410-7840.20.13424

Issue

Vol. 20 No. 4 (2018)

Section

Articles

License

The scientific journal adheres to the principles of Open Access and provides free, immediate, and permanent access to all published materials without financial, technical, or legal barriers for readers.

All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.

Copyright

Authors who publish their works in the journal:

  • retain the copyright to their publications;

  • grant the journal the right of first publication of the article;

  • agree to the distribution of their materials under the CC BY 4.0 license;

  • have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal