MATHEMATICAL MODEL OF ASSESSMENT OF RISK UNAUTHORIZED ACCESS TO INFORMATION BY USERS OF INFORMATION AND TELECOMMUNICATION SYSTEM

The article is devoted to the solution of the actual scientific and practical task – to develop a mathematical model for assessing the risk of unauthorized access to information by users of the information and telecommunication system. Interpretations of such concepts are given: unauthorized access to information, risk and risk assessment used in the course of internal threat research. The characteristics of the user of the information and telecommunication system that affect the value of the probability of unauthorized access to information are determined. It is shown that taking into account the theoretical and practical knowledge of the user of the information and telecommunication system about the characteristics of the physical environment, the computing system, the processed information, which he can use to deliberately violate the rules of demarcation in order to gain unauthorized access to information, will provide a more accurate assessment of this risk. A verification of the adequacy of the developed mathematical model of risk assessment of unauthorized access to information by users of information and telecommunication system with the help of special software is carried out. It is established that the users who have the most experience and experience with information and telecommunication systems (not only in the institution under consideration), the highest level of access to information with restricted access of the institution (organization), occupy responsible positions and are undisciplined are the most likely internal threat of unauthorized access to information. It is the use of a mathematical model for assessing the risk of unauthorized access to information by users of the information and telecommunication system that will improve the comprehensive information protection system of the corresponding information and telecommunication system.