Формализация модели информационной безопасности предприятия в виде многокритериальной задачи линейного программирования
Работая с нашим сайтом, вы даете свое согласие на использование файлов cookie. Это необходимо для нормального функционирования сайта, показа целевой рекламы и анализа трафика. Статистика использования сайта отправляется в «Яндекс» и «Google»
Научный журнал Моделирование, оптимизация и информационные технологииThe scientific journal Modeling, Optimization and Information Technology
Online media
issn 2310-6018

Formalization of the enterprise information security model in the multicriteria linear programming problem form

idBazilevskiy M.P., Nasedkin P.N. 

UDC 519.852.3
DOI: 10.26102/2310-6018/2023.42.3.021

  • Abstract
  • List of references
  • About authors

Previously, the authors proposed a methodology for assessing the functional efficiency of the software and technical solutions (STS) subsystem of an information security complex system (ISCS) of an enterprise. Using it makes it possible to evaluate not only the overall efficiency of the ISCS STS subsystem, but also the efficiency of its components, such as subsystems and their functions. In this article, based on the proposed methodology, an optimization model of enterprise information security is formulated in the form of a multicriteria linear programming problem. Its target functions are the efficiency estimations of all possible components of the ISCS STS subsystem. The variables are the expected estimates of the auditors after modernizing the ISCS and the costs that provide the corresponding estimates. The solution to this problem gives an answer to the question of how to distribute the available amount of funds in such a way as to maximize not only the efficiency of the ISCS STS subsystem, but also the efficiency of all its components. The proposed multi-criteria problem is reduced to a single-criteria problem, in which, instead of maximizing all efficiency criteria, the minimum of them is maximized. A problem is also proposed, the solution to which gives an answer to the question of what minimum costs are necessary to ensure a given level of efficiency of the ISCS STS subsystem and all its components.

1. Nasedkin P.N., Bazilevskii M.P. Methodology for assessing the level of security of software and hardware solutions of an integrated system for protecting information of an enterprise. Sovremennaya nauka: aktual'nye problemy teorii i praktiki. Seriya: Estestvennye i tekhnicheskie nauki = Modern Science: actual problems of theory & practice. Natural and technical sciences. 2023;3:87–93. DOI: 10.37882/2223–2966.2023.03.27. (In Russ.).

2. Kuznetsov A.V., Sakovich V.A., Kholod N.I. Higher Mathematics: Mathematical Programming. Minsk, Vysheishaya shkola; 1994. 286 p. (In Russ.).

3. Ivanchenko P.Yu., Katsuro D.A., Medvedev A.V., Trusov A.N. Mathematical modeling information and economic security of small and medium business. Fundamental'nye issledovaniya = Fundamental research. 2013;10-13:2860–2863. (In Russ.).

4. Medvedev A.V. Optimization mathematical information security model. Sbornik izbrannykh statei Vserossiiskoi (natsional'noi) nauchno-prakticheskoi konferentsii «Nauchnye issledovaniya v sovremennom mire. Teoriya i praktika», July 10-13 2021, Saint Petersburg. Saint Petersburg, GNII Natsrazvitie; 2021. p. 66–68. (In Russ.).

5. Zikratov I.A., Odegov S.V., Smirnykh A.V. Information security risks optimization in cloudy services on the basis of linear programming. Nauchno-tekhnicheskii vestnik informatsionnykh tekhnologii, mekhaniki i optiki = Scientific and technical journal of information technologies, mechanics and optics. 2013;83(1):141–144. (In Russ.).

6. Klimenko I.S., Kukharova T.V. The solution of the problem information security management by dynamic programming. Sbornik statei XVI Mezhdunarodnoi zaochnoi estestvennonauchnoi konferentsii «TEKhNOKONGRESS», October 30 2017, Kemerovo. Kemerovo, Kemerovo Puplishing House; 2017. p. 26–29. (In Russ.).

7. Sizov V.A., Drozhkin A.A. Modeling economy of information security of business entity based on simplex-method. Vestnik Rossiiskogo ekonomicheskogo universiteta im. G.V. Plekhanova = Vestnik of the Plekhanov Russian University of Economics. 2021;18(1):173–178. (In Russ.).

8. Klyaus T.K., Gatchin Yu.A. Mathematical model for information security system effectiveness evaluation against advanced persistent threat attacks. Sbornik statei XXIII mezhdunarodnoi nauchnoi konferentsii “Volnovaya elektronika i infokommunikatsionnye sistemy”, June 01–05 2020, Saint Petersburg. Saint Petersburg, Saint Petersburg State University of Aerospace Instrumentation; 2020. p. 250–260. (In Russ.).

9. Kasatkin P.A., Kirenberg A.G., Medvedev A.V., Prokopenko E.V. A mathematical model of organization’s information and economic security. Ekonomika i upravlenie = Economics and Innovation management. 2023;24(1):85–92. DOI: 10.26730/2587-5574-2023-1-85-92. (In Russ.).

10. Noskov S.I. Technologies for modeling objects with unstable operation and data veracity. Irkutsk, RITs GP Oblinformpechat'; 1996. 320 p. (In Russ.).

Bazilevskiy Mikhail Pavlovich
Candidate of Technical Sciences, Associate Professor
Email: mik2178@yandex.ru

ORCID |

Irkutsk State Transport University

Irkutsk, the Russian Federation

Nasedkin Pavel Nikolaevich

Email: nasedkin_pn@irgups.ru

Irkutsk State Transport University

Irkutsk, the Russian Federation

Keywords: information security, assessment of the information security efficiency, object of influence, optimization model, linear programming

For citation: Bazilevskiy M.P., Nasedkin P.N. Formalization of the enterprise information security model in the multicriteria linear programming problem form. Modeling, Optimization and Information Technology. 2023;11(3). URL: https://moitvivt.ru/ru/journal/pdf?id=1431 DOI: 10.26102/2310-6018/2023.42.3.021 (In Russ).

249

Full text in PDF

Received 25.07.2023

Revised 28.08.2023

Accepted 15.09.2023

Published 30.09.2023