articles
|
№ 3(87)
06 june 2020 year
Rubric: Data protection Authors: Zarubin A., Denisov D., Haritonov S., Smirnov M. |
The rapid development of information technologies, the introduction of new cloud services, and the transfer of employees to remote work necessitate the adequate development of data leak Prevention (DLP) systems. The purpose of this article is to determine factors that affect this process and identify main trends in the development of DLP systems in the Russian Federation. To do this, we analyze statistics on information leaks, explore the prospects for implementing new features of DLP systems based on modern information technologies (BigData, IOT, artificial intelligence and machine learning), and consider ways and means of integrating DLP within complex information security systems (SSI) in accordance with the requirements of the main regulatory and methodological documents of the Russian Federation in the fi of information security. To solve these problems, methods of analysis, synthesis, system analysis, formalization, comparison and analogy are used. Import substitution, digitalization of the economy, ensuring the security of critical information infrastructure, as well as the need to control automated systems, communications and users in distributed work in the context of a pandemic that has caused requirements to restrict personal contacts are considered as the main drivers of development for both information security and information technologies. As a result of the analysis, the most priority areas for the development of automated systems for monitoring information flows were identified: analytics, data visualization, system integration, behavioral analysis of threats to information security. Continue... |
|---|---|
| Implementation of the infrastructure of modern organizations based on information technology plays an important role in the formation and development of complex management structures. The various tasks that organizations face require continuous and constant growth of quantitative indicators of the eff eness of these organizations as part of the daily tasks of forming and modernizing new activity models. The signifi of this leads to the need to analyze further possible ways to develop the information infrastructure, which is reduced to separate, allocated computer nodes. Information circuits of modern organizations include a large number of computer nodes. These computer nodes are vulnerable to unauthorized attacks. Such attacks lead to deterioration of their basic nodal characteristics. Deterioration aff the economic performance of organizations. The aim of the work is to develop an analytical model of a computer node and to formulate an optimization problem based on it to adjust the node parameters. An approach based on analytical modeling is considered. The approach allows you to adjust the parameters of the computer node. This adjustment can compensate for incoming unauthorized intrusions. The approach is based on the use of queuing systems. A multichannel queuing system with buff is considered. On the basis of its analytical model the optimization problem is constructed. The solution of the optimization problem with the use of known methods allows to obtain the required parameters of the computer node. Their installation is a necessary adjustment to compensate for incoming unauthorized intrusions. The resulting approach allows to control the computer node when changing the input fl w of applications. The performance value determined by the formulas obtained in the article is the optimal performance value of the computer node. This value can be set by the node management tools on it, depending on the intensity values obtained from the node monitoring subsystems. Continue... | |
|
№ 3(87)
06 june 2020 year
Rubric: Models and Methods Authors: Gavrilova T., D., Kubelskiy M., Kudryavtsev |
Modern organizations are forced to operate in a dynamically changing external environment with a high degree of uncertainty, which causes diffi in developing an enterprise strategy. Since most of supporting methods for strategy formulation, created as part of strategic management, have a rigid prescribed structure, they cannot be adapted to make strategic decisions in an environment where the amount of information and relationships that must be considered for effective management has increased many times compared with time when these methods were created. The main purpose of this study is to expand the supporting toolkit for strategy formulation through models and methods generated in such disciplines as knowledge engineering, artificial intelligence, operations research and enterprise modeling. The article considers the process of strategy formulation from the point of view of strategic problem solving and strategic decision-making, which can be considered as working with knowledge - capturing, structuring, transmitting and using them. In the course of the study, an integrative literature review was used, which made it possible to identify a number of models and methods potentially applicable for strategy formulation, and a new formal-logical classification of models and methods depending on the degree of their formalization was developed. The proposed classification allows to identify three main groups of models and methods: informal, semiformal and formal, and it can serve as a conceptual basis for building a methodology for choosing tools for supporting the enterprise strategy formulation and the development of information systems. Continue... |
| He smart-contract is the main document on the basis of which the functions of the blockchain management system are performed. Ensuring the security of business processes initiated by smart-contracts determines the success of the system and eff e business management, therefore, the research topic is relevant. Working in this area requires high competence in the fi of modern information technologies. They must have a good understanding of the specifi s of working with smart contracts, know modern blockchain systems, navigate security issues, and be able to apply their knowledge in practice. Therefore, the research topic is quite relevant. The purpose of this article is to provide an overview of secure technologies for applying smart contracts, as well as the process of developing smart contracts. The authors were tasked with investigating all vulnerabilities associated with the use of smart-contracts and develop recommendations for developing students‘ competencies in the field of smart contract development. As a result of the study, measures for the safe use of smart contracts in Blockchain management systems were identified, and a laboratory workshop on modeling the process of developing smart contracts was developed. This laboratory workshop is aimed at developing students‘ professional skills in the field of blockchain and smart contracts, which are in demand in today’s digital society. It can be used for conducting laboratory classes in the disciplines of Information systems and technologies, Applied Informatics and Business Informatics. This approach can be used by developers of distributed registry systems to effectively launch and implement projects. Continue... | |
|
№ 4(88)
01 september 2020 year
Rubric: Performance management Authors: Bulygina O. V., Emelyanov A., Yashin Y. |
In the past five years, the problems of import substitution began to arise in the industrial sectors of various countries: in Russia, China, Belarus and others. The main reasons are political decisions at the state level in importing countries, which are expressed in the form of sanctions, as well as unfair competition from manufacturing companies, supported at the state level in these countries. Therefore, in consumer countries, technical and trade-economic measures are being developed to ensure their economic security. Appropriate research and development in these countries has become very relevant. The article discusses the solution to the project risk management risk in import substitution case of purchased products using modern methods of system analysis and operations research. In projects, as a rule, two main types of import substitution are considered: improved and radical. Dozens of import substitution options are being studied, which are grouped into three types: A – replacement of imports by imports from another country that does not support sanctions; B – development of our own product that completely replaces the imported one, and the release of this product at the country’s enterprises; C – development of a new system, which includes this product, if a 100-percent analogue cannot be purchased in a third country or produced domestically. Option A may be the simplest, and option C may become complex or the most difficult and expensive from viewpoint of material and time resources. The authors propose new solutions to the problem of choosing options for import substitution, based on establishing “fair” priorities for the options being implemented using hybrid models and a special information management system. Continue... |
| The task of creating a software system designed to control devices Internet of Things (IoT) cyberphysical systems (CPS) of smart buildings, industries or urban environment is considered. An architectural approach to software design based on using typical solutions – structural and behavioral patterns - is proposed. Adaptation of templates to the subject area of CPS leads to the emergence of new methods of rapid creation of software services, including open source, with high stability, interoperability and modifiability. The software developed with the use of patterns can be used as a prototype of control system of «smart» offi - room with integrated subsystems: climate control, fi safety and leak control, lighting control, multimedia control, access control, interaction with clients, automation of rental processes, etc. The implementation of interaction between the server and the IoT controller through non-standard formats determines the application of the «Interpreter» pattern. Data transfer between components with packet caching and access control is proposed to be implemented using the «Proxy» pattern, and «Observer» is proposed to be used as a stable means of scripting management. Interpretation of design templates of system architectures for IoT devices management in CPS buildings suggested in the study allows to create new or modify existing software services quickly. Thus, for example, the proposed architecture can be used to create modules for data collection and transmission, as well as equipment management by scenario in a large number of users and personalized configurations. The research is carried out within the framework of the priority science development direction of the Perm branch of the National Research University Higher School of Economics «Research of control methods in cyber-physical systems». Continue... |
