Open AccessEvent-based Security Policy and Formal Model of Critical Information Infrastructures Protecting Mechanism
Author(s) -
S. D. Erokhin,
Andrey Petukhov,
Pavel Pilyugin
Publication year - 2019
Publication title -
trudy učebnyh zavedenij svâzi
Language(s) - English
Resource type - Journals
eISSN - 2712-8830
pISSN - 1813-324X
DOI - 10.31854/1813-324x-2019-5-4-99-105
Subject(s) - computer security , computer science , security information and event management , information security management , information security , critical infrastructure protection , computer security model , security policy , order (exchange) , security service , cloud computing security , critical infrastructure , business , cloud computing , finance , operating system
The article considers the possibilities of security management of critical information infrastructures. Approaches to the construction of policies not focused on a fixed list of threats are proposed. It substantiates the possibility of building a security policy based on security events monitoring. A formal description of security events and formal model of protection mechanisms based on monitoring security events is proposed. The features of this approach for the protection of critical information infrastructures in order to improve the quality of protection are considered.