Adaptive Information Security Management Models in the Process of Developing a State Information System

Authors: Avsentiev O. S., Tomilova E. A.

Annotation: The article considers problematic issues of developing adaptive control models for information security in a state information system during the creation of its security system. These models aim to take into account changes in the representation formats of protected information, the dynamic conditions of its processing, and factors posing a threat of leakage through technical chan-nels. Descriptive models of the investigated processes have been developed. Feasibility of considering these changes and conditions is substantiated through an adaptive information security management system established on a centralized princi-ple, providing two-level control by reinforcing security measures in accordance with changes in the composition of the protected object, internal and external factors characterizing the dynamics of the system's operation, and approaches to address-ing problematic issues in assessing its effectiveness. To calcu-late performance evaluation metrics for information security management during the stages of creating a secure information system, considering the time factor and various logical control conditions, the application of composite Petri-Markov nets is proposed. Control cycle flowcharts for two levels has been developed, which are considered as the basis for constructing composite Petri-Markov net graphs.

Keywords: effectiveness of information security management, conditions and factors, information leakage threat, adaptive information security man-agement system, secure information system