Basic q-analysis of MCQA for Information Security System



Abstract Views
210

Downloads
221

Citations

Share

##plugins.themes.bootstrap3.article.sidebar##

Submitted Sep 20, 2019
Published Oct 6, 2019
10.24018/ejece.2019.3.5.131

Abstract viewed = 210 times

Table of Contents

##plugins.themes.bootstrap3.article.main##

Article explores application methods for systems structural analysis to use in study of security in information systems, which is based on variants of general attack scenarios, features of cybersecurity culture, q-analysis, which is part of MCQA . General security system analysis usually is based on different factors, which include  technical means, human-related mistakes in different ways and respond to security incidents. Q-analysis presents the basic principles of constructing model of information security systems elements connectivity on the example of two sets: set of threats and sets of security measures for information security and calculated numerical values. Elements of the two sets of are interconnected and form the basis of a system for ensuring their security. These calculations can be used to further determine overall formal assessment of security of the organization.

Keywords: Q-analysis; information attack scenarios; information security culture; information threats; MCQA

Downloads

Download data is not yet available.

References

  1. ??????? ?.?. ???? ???????? i??????i???i? ?? ?????????? ?????i? ??????? i???????i???? ??-??????i? , ?????? i???????i?., ?1 (50), 2011, c.42?47.
     Google Scholar
  2. Dhillon G. Managing information system security/ Dhillon G., London: Macmillan, 1997, pp 137-172.
     Google Scholar
  3. Helokunnas T. Information security culture in a value net. In: Engineering Management Conference, IEMC?03 on Managing Technologically Driven Organizations: The Human Side of Innovation and Change, New York: IEEE Press, 2003, pp. 190?194.
     Google Scholar
  4. Mitnick K.D. The art of deception: controlling the human element of security, Wiley Publishing, 2002, p. 3.
     Google Scholar
  5. Potiy A. V. The prerequisites of information security culture development and an approach to complex evaluation of its level, ??????????????? ? ??????????? ???????, ? 5, 2012, p. 72?77.
     Google Scholar
  6. Siponen M.T. Five dimensions of information security awareness, Computers and Society, 2001, pp 24 -29
     Google Scholar
  7. Van Niekerk J.F. Information security culture: A management perspective, Computers & Security, 2010, p.478.
     Google Scholar
  8. 2014 Data Breach Investigation Report, Verizon Enterprise Solutions, 2013
     Google Scholar
  9. 2015 Data Breach Investigation Report, Verizon Enterprise Solutions, 2014
     Google Scholar
  10. 2016 Data Breach Investigation Report, Verizon Enterprise Solutions, 2015
     Google Scholar
  11. 2017 Data Breach Investigation Report, Verizon Enterprise Solutions, 2016
     Google Scholar
  12. L. Duckstein, S.A, Nobe / European Journal of Operational Research, 103 (1997) , 411-425
     Google Scholar
  13. ????? ?.?. ?????????????? ????????????; ?????????????? ? ???????????????? ?????? ?????? ??????????. ????. ??????? ??? ?????.-?: ??????? ?????-???????, 2004, 280?.
     Google Scholar
  14. ???????? ?.?. ??????? ?? ?????????????-????????????? ??????. ??????????: ????, ??????, ??????. ?.: ???. ????, 2001.
     Google Scholar
  15. ????? ?.?. ??????????? ?????????? ????????????. ?.: "?????? ???", 2002.
     Google Scholar
  16. ?????????? ?.?. ? ??. ?????????????? ???????????? ???????????. ?.: "?????? ? ?", 2004.
     Google Scholar
  17. ???????? ?.?., ??????? ?.?. ?????? ?.?. ????????????? ? ?????? ??????. IDEF-??????????: ?????????, 2006.
     Google Scholar
  18. Cyber Security Culture in organisations, ENISA, 2017
     Google Scholar