# Американский Научный Журнал METHOD OF THE STUDY OF PRIVACY PROTECTION IN INFORMATION SYSTEMS

Abstract. The article presents an analysis of the problem of investigating the security of confidential
information, formulates a goal, principles, and provides a multi-level research scheme, the content of work at each
level (problem, concept, system, and detail). The description of single-level and multilevel models for analysis
and synthesis of confidential information protection subsystem. The article describes the conditions for selecting
an effective concept for building a subsystem for information confidentiality protection based on sufficient result
and minimizing costs principles. Practical considerations for the application of the method of justification of
requirements to the subsystem of protection of confidentiality, conclusions, and directions for further research. Скачать в формате PDF

American Scientific Journal № ( 32) / 2019 47

ФИЗИКО -МАТЕМАТИЧЕСКИ Е

METHOD OF THE STUDY OF PRIVACY PROTECTIO N IN INFORMATION SYS TEMS

Voevodin V.A.

Candid ate of technical Sciences, associate Professor,

National Research University of Electronic Technology Z elenograd , Moscow, Russia

Abstract . The article presents an analysis of the problem o f investigating the security of confidential

information, formulates a goal, principles, and provides a multi -level research scheme, the content of work at each

level (problem, concept, system, and detail). The description of single -level and mult ilevel mo dels for analysis

and synthesis of confidential information protection subsystem. The article describes the conditions for selecting

an effective concept for building a subsystem for information confidentiality protection based on sufficient resul t

and min imizing costs principles. Practical considerations for the application of the method of justification of

requirements to the subsystem of protection of confidentiality, conclusions, and directions for further research.

Keywords : security system , confiden tiality, system of information protection, privacy protection subsystem.

Introduction

The need for research on the protection of

information confidentiality (IC)) occurs at all stages of

the information system life cycle (IS).

The urgency of the p roblem is determined

primarily by the fact that the effectiveness of decisions

depends largely on the completeness and reliability of

the data obtained at the IC study stage.

The requirement to ensure the reliability and

completeness of the data, when perf orming th e IC

study, is one of the key points to effectively build the

information protection subsystem (SPP) and

information protection management in the

corresponding information system (IS) as a whole. The

nature and content of the stages of the IS life cycle ar e

given in [6, 3], these stages are typical for SPP. The

basic concepts, models and methods for developing

similar solutions are given in [1, 2, 6, 7, 8, 9].

The General theoretical provisions for the

synthesis of complex hierarchical (multilevel) systems

is given in [9, 10, 11].

Based on the study of the material given in [3, 4,

5, 6, 7, 8, 9], it can be argued that the IC study at each

stage of the IS life cycle is expedient to spend in

accordance with the general scheme of multilevel

analysis and synthes is shown in figure 1.

THE PURPOSE OF THE RESEARCH IS THE

INFORMATION CONFIDEN TIALITY PROTECTION

Studies on the information confidentiality

protection are ca rried out in order:

The formulation of the problem as of the IC

provision, establishing its causes, relationship to other

problems (for example, ensuring the availability,

integrity, etc.), to understand its nature, relevance,

solvability.

Identification a nd modelling of the situation, in

which this problem has arisen or may arise.

The formulation of the problem situation, the

definition of completeness, reliability or adequacy of

the information about a problem situation.

Formation and analysis of multiple alternative

goals, the achievement of which will solve the problem

of ensuring that CI, justificati on of selection rules work

from many acceptable alternatives.

Research ways to implement the working

alternatives and the definition of significant limitati ons

that affect the choice of means and methods of a goal

achievement, the decomposition of complex goals on

private.

Justification of the necessary resources.

Fig. 1. The scheme of the study the confidentiality of information

Detail

ed

System

Engineeri

Concept

ual

Proble

m

Tec hnical solutions

Conceptual solution

System engineering solutions

Formulation of the problem

48 American Scientific Journal № ( 32) / 20 19

The purpose of the CI study at the problem level

[9, 11]:

To determine whether there is the problem of

protecting CI, its causes, relationship to other problems,

to assess the relevance, solvab ility, and the urgency of

a solution.

To identify and describe the situation in which

there is and can be a problem exists or may exist.

To formulate and define the problem situation the

heuristic and formal m ethods.

To determine the completeness and relia bility of

information about the problem situation for measures

to be taken in order to obtain the information missing.

To explore alternative goals, the achievement of

which solves the problem, and to choose one of them

as the main one.

To explore ways to achieve the goal, perform its

decomposition.

To choose the means to achieve the goal.

To formulate the General problem, statement the

information confidentiality stu dy.

The purpose of a problem situation conceptual

study:

To build an adequate model of the problem

situation, to plan the experiment with the model

constructed and to formulate conclusions on the

experiment results.

The allocation of privacy protection sub system in

the information protection system.

Substantiation of rational behavior of the pri vacy

protection subsystem.

To ensure the selection of the subsystem

functioning efficiency indicators on the life cycle

stages and descriptions of research results.

Assessment of conformity of the selected indicator

current values, the desired level and ju stify the selection

of the indicator measurement scale.

Conceptual modelling of confidentiality

subsystem functioning process in the information

system.

Decompositio n of the confidentiality study

purpose.

Definition of an external supplement for system -

tec hnical research .

The purpose of engineering research:

Statement of the task of system -technical research

regarding the problem of the information

confidentiality ens uring .

The formation of a complex system and technical

strategies of building a privacy pro tection subsystem

Analysis of engineering characteristics of the

privacy protection subsystem (SPP).

Assessment of structural and functional

redundancy.

To provide a choice of means and methods of

engineering modelling of processes of information

security (of the information security processes

engineering).

To justify the set of initial data, clarifying their

limitations and efficiency.

To ensure the processes of the confidentiality

protection system engineering.

The purpose of the CI detailed studies:

1. To ensure the work statement for the

Confidentiality of detailed research.

2. To specification, external additions resulted

from the Confidentiality engineering rese arch.

3. To ensure the selection of performance

indicators and sustainable solution criteri on for SPP

elements construction.

The procedure for the development of solutions to

protect information confidentiality.

When formulating the general procedure for a

solution development aimed to ensure the information

confidentiality as well as for its fu rther improvement it

is necessary to follow the principles of complex

systems multi -level synthesis, specified in [1, 2, 6, 10,

11], taking into account the information security

peculiarities:

The principle of decomposition is to split the

system into part s.

The principle of system modelling and the

processes of its functioning.

The principle of levels harmonization.

The pri nciple of external additions. The validation

of research results obtained at each level is carried out

using the models and methods lis ted above in the

hierarchy of systems.

The principle of the field -proven methodological

support. It is necessary for the research to use

experimentally tested models and methods to make

sure the model is adequate to the process researched

and to obtain rel iable results.

III. GENERAL CHARACTERISTI CS OF THE MODEL

The single layer model (method) allows

determining the relations hip between output and

internal variables under the given selection conditions

of the input variables at appropriate levels research

privacy.

y i =F i (u i, g i, i), (1)

where:

yi - is the output value characterizing the CI at the

i-th level of the study;

Fi is a model of the SPP at the i-th level of research

in the form of a certain set of techniques that allow ui,

gi, i to be displa yed in the value of yi or (and) to

calculate the value of yi;

ui - the values of the input variables that

characterize the external addition at the i-th level of the

study;

gi - the value of the internal variables

characterizing the SPP in the ISS at the i-th level of the

study;

i - a variant of internal variab les choice, which

corresponds to the option of constructing an SPP as part

of the ISS at the i-th level of the study.

Multilevel models (methods) allow determining

the connection between the i-th lev el choice parameters

and values of outcome variables of t he following (i+1)

level.

yi+1 =F i+1(ui+1, ui, g i+1, i, i+1), (2)

Where:

yi+1 is the value of the output variable

characterizing the CI at the (i + 1) -th level;

American Scientific Journal № ( 32) / 2019 49

Fi+1 - the model of the SPP as part of the ISS on

the (i+1) level of the research in the form of some

functional, the techniques allowing to display ( ui+1, u i,

gi+1, i, i+1)i in the value yi+1 or (and) calculate the

value of yi+1;

ui+1, u i - the values of the input variables that

represen t the outer complement at the i-th and (i+1) -th

levels of the investigation;

gi+1 - the values of the internal variables

characterizing the CI in the ISS at the (i+1) -th level of

the study;

i, i+1 - the values of the internal vari ables

characterizing the CI in i-th at the (i+1) -th level of the

study.

The criterion for selecting internal variables

defines the set of values of the internal variables

G*1G1, which satisfies the requirements imposed on

the output variables at the corre sponding level g1G1*.

The choice of criterion depends on the purpose.

For the criterion of the suitability of gig0 and a

scalar metric gi region G1* is poll interval [ g0, ).

For the optimality criterion gi→max the domain

degenerates to a point corresponding to the maximum

valu e of internal variables selection parameters and

given selection conditions i, i+1.

IV. GENERALIZED PROCEDURE OF MULTI -

LEVEL SYNTHESIS

Taking into account the accepted notation and the

above princi ples, we propose the following generalized

multi -level s ynthesis procedure, as well as how to use

it [11]:

formulation and decomposition of the objective

function;

choice of the list of input, internal and output

variables, private methods and methods of d ifferent

levels;

definition of the conditions for the se lection of

internal variables values showing an indirect influence

of the external environment;

to evaluate the possibility of integration with other

private methods;

the need to use multilevel algori thms as well as to

define constraints for variable value s;

the choice of efficiency criterion that determines

the order of selection effective concept engine protect

privacy.

The modelling of the process for application of the

confidentiality protection su bsystem is the part of the

information protection system as an element and

forecasting of the ranges of Y* Yi output variables

values, characterizing the subsystem development

concept and meeting system requirements and their

limitations i.

gi= F i (ui, yi,i) Gi*, (3)

where

Fi (ui, yi,i) - a function that allows calculating the

value of the CI indicator at the i-th level;

G1* G1 - the selection criterion in accordance

with the accepted preference. If Y1*Y1, then it is

necessary to clarify the concept of constructing the SPP

as part of the ISS, to adjust t he accepted constraints 1

and repeat the definition of Y1*;

Y* - the required value of the CI indicator, which

is specified by the IS as an external addition;

Yi - the value of the CI indicator in the choice of

the i-th alternative to constructing the SP P as part of the

ISS;

If the set Y1* satisfying the condition Y*Y1 is

empty, Y1* =, then the assertion about the non -

feasibility of the ISS development concept in terms of

providing CI with the specified requirements from the

IS side is accepted;

forecas ting the possibility of achieving the

required values of the output variables Y1*, using the

existing functional and physical structure of the ISS and

determining the need for its improvement.

For this purpose, using the inter -layer

dependencies F12 the re gion G2* of the required values

of g2 satisfying the condition:

y1=F 12 (g2, u1, u2, 1,2) Y1* , (4)

and the condition G2* G2 is verified. If G2* G2,

then it is necessary to return to the previous level, make

changes to the concept of the SPP developme nt as part

of the ISS, make corrections to the constraints, and

repeat the definition of the region Y1* and verify the

feasibility of g2.

The iterations are repeated until the condition

G2* G2, is fulfilled, after which a set of G2* values are

fixed and a transition to the next lower level occurs.

A similar procedure is repeated for each of the

levels until the required characteristics of the SPP in the

ISS are determined.

With a multi -level c onceptual study of the system,

the guiding principle is the prin ciple of minimum costs.

The sufficient results principle is realized in case

of selecting the sufficiency criterion and development

of models fan of SPP elements being a part of ISS and

a link between. This allows choosing a constructive

solution at each l evel of SPP concept development. In

accordance with the general task formulation it is

possible to write down the condition for choosing SPP

construction effective concept as a part of ISS.

In accordance with the general formulation, of the

problem, it is possible to write down the condition for

choosing an effective concept of SPP constructing as

part of the ISS:

(5)

where gm is the predicted increment in the

effective index of the SPP as part of the ISS.

In the event that feasible assumptions on

monotonicity increasing function С(y) and gm(y),

the solution of the problem must be sought on the

borders of inequality gm(y) gm0 by sequentially

increasing the values of the relevant variables.

In this case, a rational sequence of leve ls (stages)

improvement of ISS will be determined using the

followin g ratios: ( )

( ) ( ) ( )

С у

g у g y g y y g

y Y

m m m mo

→

= +

min,

, , , ,

,

, 0 0

50 American Scientific Journal № ( 32) / 20 19

y1=0, C 1 (0) =0, gm1(0) =0,

y2=0, C 2 (y2) =0, gm2(y2)>0,

y3=0, C 3 (y3) =0, gm3(y3) = ,

y4=0, C 4 (y4)> C 3 (y3), gm4(y4) = ,

........................................ .......................................

yn=0, C n (yn)> C 3 (yn-1), gmn(yn)=. (6)

In accordance with the above relations:

at the first level, the compliance of the

characteristics of the existing SPP in th e ISS with the

requirements imposed by t he IS is checked;

on the second one only those characteristics that

do not require additional resources are improved;

at the third one and subsequent levels, the

characteristics are improved using external resources.

Moreover, the distribution of changes i n internal

variables and resources is carried out in such a way as

to ensure the same increment in the performance

indicators gm(yk)=, k=3,4, ..., n increase in the

increment of costs when moving to the next level , i. е.

С(yk) > C( yk-1), k=4, 5, ...,n.

The solution ends at the i-th level when the

condition is fulfilled:

(7)

This approach to the justification of the concept of

the design and development of the SPP (SPP design and

development concept) as part of the ISS will ensure

minimum or near -minimum costs for building and

further ISS improvement in terms of providing the

required level of CI.

Indeed if the process ends at levels 1 and 2, and

the solution is found at the third and subsequent levels,

then the costs of С(y)=0 will be minimal compared to

another sequence of levels providing the same

increment of a performance indicator.

We can distinguish the following generalized

levels of ISS improvement [6]: initial, organizational,

additional resources.

Level of SPP concept de velopment as a part of

ISS:

source: g m(y0,) gm0, y 1=y 0, C 1=0; (8)

organizational: gm(y2,) gm 0, y2=y 0, C 1=0 ; (9)

additional resources: C(y3)→min или

С(y3)C0, (10)

CONCLUSION

Thus for an empiric study of the information

sensitivity processes and practi cal application of the

results received it is necessary to follow the multilevel

synthesis of complex systems, adapted to features of

construction of personal data protection subsystem.

The results are accepted for implement ation as

part of a project to de velop an educational and

methodological complex for organizing a practical

audit. This project has been applied at the National

Research University of Electronic Technology [12].

This article presents the general strategy of the

empiric study. In fact the transition from models (1),

(2), (3), (4), (5), (6), (7), (8). (9), (10) to model of a

specific operation, i.e. the construction of a

mathematical or other formal model is very complex

and time -consuming. This is particularl y evident when

the target of res earch is under the design, development,

application or re -engineering the author keeps working

on these tasks.

Confirmation

The work is done in the framework of the task of

justification of the annual budget on information

security of the Department "Infor mation "Information

security".

References

ISO/IEC 27001:2005 Information technology —

Security techniques — Information security

management systems — Requirements (IDT).

ISO/IEC 27001:2013 Information technology —

Security t echniques — Information security

management systems — Requirements (IDT).

Volkova V. N., Voronkov V. A. and Denisov A.A.

System theory and systems analysis methods in

management and communication. − M.: Radio and

communication. − 1983.

Romanov V. N. The te chnique of the analysis of

compl ex systems. − SPb.: SZTU 2011.

Ovchinnikov V. A. The graphs in problems of

analysis and synthesis of structures of difficult systems

/ V. A. Ovchinnikov. − M.: MGTU N. E. Bauman,

2014.

Larin A. A. Theoretical bases of manage ment. Part

I. Processes, systems and control. M.: RVSN, 1998.

Mesarovic, M. D. Macko and Y. Takahara. Theory

of Hierarchical Multilevel Systems. Academic Press,

New York and London, 1970. pp. 4 -34, 34 -63.

Khokhlachov E. N. The theoretical foundations of

management. Part 2. Analysis and synthesis of control

systems. – M.: RVSN, 1996.

G. J. Klir, Architecture of Systems Problem

Solving. Springer Science+Business Media New York,

1985, pp. 1 -29, 175 -293, 417 -468.

Utkin L.V. Risk analysis and decision making

with incomplete information. SPb.: Science 2007, 404

p.

Reliability and efficiency in technique. Reference

guide in 10 volumes: vol. 3. The effectiveness of

technical systems./ Under the General editorship of V.

V. Utkin, Y. V. Kryuchkova. M.: Mechanical

eng ineering, 1988.

Associate Profes sor Voevodin V.A., Igoshin V.V.,

Makoveev K.D. and Makhaylovskaya A.S. About

APCS public key infrastructure unauthorized access

information security audit program. – M.: Processing of

the international Conference REDS -2018 R adio -

electronic devices and syst ems for information and

communication technologies, 2018. pp. 318 -322. ( ) ( )

( ) ( )

g y g y g g

g y g y g g

m i m mi m i

j

m j m mi m i

j

, , ,

, , .

= +

= +

=

− =

−

0 0

1

1 0 0

1

1

ФИЗИКО -МАТЕМАТИЧЕСКИ Е

METHOD OF THE STUDY OF PRIVACY PROTECTIO N IN INFORMATION SYS TEMS

Voevodin V.A.

Candid ate of technical Sciences, associate Professor,

National Research University of Electronic Technology Z elenograd , Moscow, Russia

Abstract . The article presents an analysis of the problem o f investigating the security of confidential

information, formulates a goal, principles, and provides a multi -level research scheme, the content of work at each

level (problem, concept, system, and detail). The description of single -level and mult ilevel mo dels for analysis

and synthesis of confidential information protection subsystem. The article describes the conditions for selecting

an effective concept for building a subsystem for information confidentiality protection based on sufficient resul t

and min imizing costs principles. Practical considerations for the application of the method of justification of

requirements to the subsystem of protection of confidentiality, conclusions, and directions for further research.

Keywords : security system , confiden tiality, system of information protection, privacy protection subsystem.

Introduction

The need for research on the protection of

information confidentiality (IC)) occurs at all stages of

the information system life cycle (IS).

The urgency of the p roblem is determined

primarily by the fact that the effectiveness of decisions

depends largely on the completeness and reliability of

the data obtained at the IC study stage.

The requirement to ensure the reliability and

completeness of the data, when perf orming th e IC

study, is one of the key points to effectively build the

information protection subsystem (SPP) and

information protection management in the

corresponding information system (IS) as a whole. The

nature and content of the stages of the IS life cycle ar e

given in [6, 3], these stages are typical for SPP. The

basic concepts, models and methods for developing

similar solutions are given in [1, 2, 6, 7, 8, 9].

The General theoretical provisions for the

synthesis of complex hierarchical (multilevel) systems

is given in [9, 10, 11].

Based on the study of the material given in [3, 4,

5, 6, 7, 8, 9], it can be argued that the IC study at each

stage of the IS life cycle is expedient to spend in

accordance with the general scheme of multilevel

analysis and synthes is shown in figure 1.

THE PURPOSE OF THE RESEARCH IS THE

INFORMATION CONFIDEN TIALITY PROTECTION

Studies on the information confidentiality

protection are ca rried out in order:

The formulation of the problem as of the IC

provision, establishing its causes, relationship to other

problems (for example, ensuring the availability,

integrity, etc.), to understand its nature, relevance,

solvability.

Identification a nd modelling of the situation, in

which this problem has arisen or may arise.

The formulation of the problem situation, the

definition of completeness, reliability or adequacy of

the information about a problem situation.

Formation and analysis of multiple alternative

goals, the achievement of which will solve the problem

of ensuring that CI, justificati on of selection rules work

from many acceptable alternatives.

Research ways to implement the working

alternatives and the definition of significant limitati ons

that affect the choice of means and methods of a goal

achievement, the decomposition of complex goals on

private.

Justification of the necessary resources.

Fig. 1. The scheme of the study the confidentiality of information

Detail

ed

System

Engineeri

Concept

ual

Proble

m

Tec hnical solutions

Conceptual solution

System engineering solutions

Formulation of the problem

48 American Scientific Journal № ( 32) / 20 19

The purpose of the CI study at the problem level

[9, 11]:

To determine whether there is the problem of

protecting CI, its causes, relationship to other problems,

to assess the relevance, solvab ility, and the urgency of

a solution.

To identify and describe the situation in which

there is and can be a problem exists or may exist.

To formulate and define the problem situation the

heuristic and formal m ethods.

To determine the completeness and relia bility of

information about the problem situation for measures

to be taken in order to obtain the information missing.

To explore alternative goals, the achievement of

which solves the problem, and to choose one of them

as the main one.

To explore ways to achieve the goal, perform its

decomposition.

To choose the means to achieve the goal.

To formulate the General problem, statement the

information confidentiality stu dy.

The purpose of a problem situation conceptual

study:

To build an adequate model of the problem

situation, to plan the experiment with the model

constructed and to formulate conclusions on the

experiment results.

The allocation of privacy protection sub system in

the information protection system.

Substantiation of rational behavior of the pri vacy

protection subsystem.

To ensure the selection of the subsystem

functioning efficiency indicators on the life cycle

stages and descriptions of research results.

Assessment of conformity of the selected indicator

current values, the desired level and ju stify the selection

of the indicator measurement scale.

Conceptual modelling of confidentiality

subsystem functioning process in the information

system.

Decompositio n of the confidentiality study

purpose.

Definition of an external supplement for system -

tec hnical research .

The purpose of engineering research:

Statement of the task of system -technical research

regarding the problem of the information

confidentiality ens uring .

The formation of a complex system and technical

strategies of building a privacy pro tection subsystem

Analysis of engineering characteristics of the

privacy protection subsystem (SPP).

Assessment of structural and functional

redundancy.

To provide a choice of means and methods of

engineering modelling of processes of information

security (of the information security processes

engineering).

To justify the set of initial data, clarifying their

limitations and efficiency.

To ensure the processes of the confidentiality

protection system engineering.

The purpose of the CI detailed studies:

1. To ensure the work statement for the

Confidentiality of detailed research.

2. To specification, external additions resulted

from the Confidentiality engineering rese arch.

3. To ensure the selection of performance

indicators and sustainable solution criteri on for SPP

elements construction.

The procedure for the development of solutions to

protect information confidentiality.

When formulating the general procedure for a

solution development aimed to ensure the information

confidentiality as well as for its fu rther improvement it

is necessary to follow the principles of complex

systems multi -level synthesis, specified in [1, 2, 6, 10,

11], taking into account the information security

peculiarities:

The principle of decomposition is to split the

system into part s.

The principle of system modelling and the

processes of its functioning.

The principle of levels harmonization.

The pri nciple of external additions. The validation

of research results obtained at each level is carried out

using the models and methods lis ted above in the

hierarchy of systems.

The principle of the field -proven methodological

support. It is necessary for the research to use

experimentally tested models and methods to make

sure the model is adequate to the process researched

and to obtain rel iable results.

III. GENERAL CHARACTERISTI CS OF THE MODEL

The single layer model (method) allows

determining the relations hip between output and

internal variables under the given selection conditions

of the input variables at appropriate levels research

privacy.

y i =F i (u i, g i, i), (1)

where:

yi - is the output value characterizing the CI at the

i-th level of the study;

Fi is a model of the SPP at the i-th level of research

in the form of a certain set of techniques that allow ui,

gi, i to be displa yed in the value of yi or (and) to

calculate the value of yi;

ui - the values of the input variables that

characterize the external addition at the i-th level of the

study;

gi - the value of the internal variables

characterizing the SPP in the ISS at the i-th level of the

study;

i - a variant of internal variab les choice, which

corresponds to the option of constructing an SPP as part

of the ISS at the i-th level of the study.

Multilevel models (methods) allow determining

the connection between the i-th lev el choice parameters

and values of outcome variables of t he following (i+1)

level.

yi+1 =F i+1(ui+1, ui, g i+1, i, i+1), (2)

Where:

yi+1 is the value of the output variable

characterizing the CI at the (i + 1) -th level;

American Scientific Journal № ( 32) / 2019 49

Fi+1 - the model of the SPP as part of the ISS on

the (i+1) level of the research in the form of some

functional, the techniques allowing to display ( ui+1, u i,

gi+1, i, i+1)i in the value yi+1 or (and) calculate the

value of yi+1;

ui+1, u i - the values of the input variables that

represen t the outer complement at the i-th and (i+1) -th

levels of the investigation;

gi+1 - the values of the internal variables

characterizing the CI in the ISS at the (i+1) -th level of

the study;

i, i+1 - the values of the internal vari ables

characterizing the CI in i-th at the (i+1) -th level of the

study.

The criterion for selecting internal variables

defines the set of values of the internal variables

G*1G1, which satisfies the requirements imposed on

the output variables at the corre sponding level g1G1*.

The choice of criterion depends on the purpose.

For the criterion of the suitability of gig0 and a

scalar metric gi region G1* is poll interval [ g0, ).

For the optimality criterion gi→max the domain

degenerates to a point corresponding to the maximum

valu e of internal variables selection parameters and

given selection conditions i, i+1.

IV. GENERALIZED PROCEDURE OF MULTI -

LEVEL SYNTHESIS

Taking into account the accepted notation and the

above princi ples, we propose the following generalized

multi -level s ynthesis procedure, as well as how to use

it [11]:

formulation and decomposition of the objective

function;

choice of the list of input, internal and output

variables, private methods and methods of d ifferent

levels;

definition of the conditions for the se lection of

internal variables values showing an indirect influence

of the external environment;

to evaluate the possibility of integration with other

private methods;

the need to use multilevel algori thms as well as to

define constraints for variable value s;

the choice of efficiency criterion that determines

the order of selection effective concept engine protect

privacy.

The modelling of the process for application of the

confidentiality protection su bsystem is the part of the

information protection system as an element and

forecasting of the ranges of Y* Yi output variables

values, characterizing the subsystem development

concept and meeting system requirements and their

limitations i.

gi= F i (ui, yi,i) Gi*, (3)

where

Fi (ui, yi,i) - a function that allows calculating the

value of the CI indicator at the i-th level;

G1* G1 - the selection criterion in accordance

with the accepted preference. If Y1*Y1, then it is

necessary to clarify the concept of constructing the SPP

as part of the ISS, to adjust t he accepted constraints 1

and repeat the definition of Y1*;

Y* - the required value of the CI indicator, which

is specified by the IS as an external addition;

Yi - the value of the CI indicator in the choice of

the i-th alternative to constructing the SP P as part of the

ISS;

If the set Y1* satisfying the condition Y*Y1 is

empty, Y1* =, then the assertion about the non -

feasibility of the ISS development concept in terms of

providing CI with the specified requirements from the

IS side is accepted;

forecas ting the possibility of achieving the

required values of the output variables Y1*, using the

existing functional and physical structure of the ISS and

determining the need for its improvement.

For this purpose, using the inter -layer

dependencies F12 the re gion G2* of the required values

of g2 satisfying the condition:

y1=F 12 (g2, u1, u2, 1,2) Y1* , (4)

and the condition G2* G2 is verified. If G2* G2,

then it is necessary to return to the previous level, make

changes to the concept of the SPP developme nt as part

of the ISS, make corrections to the constraints, and

repeat the definition of the region Y1* and verify the

feasibility of g2.

The iterations are repeated until the condition

G2* G2, is fulfilled, after which a set of G2* values are

fixed and a transition to the next lower level occurs.

A similar procedure is repeated for each of the

levels until the required characteristics of the SPP in the

ISS are determined.

With a multi -level c onceptual study of the system,

the guiding principle is the prin ciple of minimum costs.

The sufficient results principle is realized in case

of selecting the sufficiency criterion and development

of models fan of SPP elements being a part of ISS and

a link between. This allows choosing a constructive

solution at each l evel of SPP concept development. In

accordance with the general task formulation it is

possible to write down the condition for choosing SPP

construction effective concept as a part of ISS.

In accordance with the general formulation, of the

problem, it is possible to write down the condition for

choosing an effective concept of SPP constructing as

part of the ISS:

(5)

where gm is the predicted increment in the

effective index of the SPP as part of the ISS.

In the event that feasible assumptions on

monotonicity increasing function С(y) and gm(y),

the solution of the problem must be sought on the

borders of inequality gm(y) gm0 by sequentially

increasing the values of the relevant variables.

In this case, a rational sequence of leve ls (stages)

improvement of ISS will be determined using the

followin g ratios: ( )

( ) ( ) ( )

С у

g у g y g y y g

y Y

m m m mo

→

= +

min,

, , , ,

,

, 0 0

50 American Scientific Journal № ( 32) / 20 19

y1=0, C 1 (0) =0, gm1(0) =0,

y2=0, C 2 (y2) =0, gm2(y2)>0,

y3=0, C 3 (y3) =0, gm3(y3) = ,

y4=0, C 4 (y4)> C 3 (y3), gm4(y4) = ,

........................................ .......................................

yn=0, C n (yn)> C 3 (yn-1), gmn(yn)=. (6)

In accordance with the above relations:

at the first level, the compliance of the

characteristics of the existing SPP in th e ISS with the

requirements imposed by t he IS is checked;

on the second one only those characteristics that

do not require additional resources are improved;

at the third one and subsequent levels, the

characteristics are improved using external resources.

Moreover, the distribution of changes i n internal

variables and resources is carried out in such a way as

to ensure the same increment in the performance

indicators gm(yk)=, k=3,4, ..., n increase in the

increment of costs when moving to the next level , i. е.

С(yk) > C( yk-1), k=4, 5, ...,n.

The solution ends at the i-th level when the

condition is fulfilled:

(7)

This approach to the justification of the concept of

the design and development of the SPP (SPP design and

development concept) as part of the ISS will ensure

minimum or near -minimum costs for building and

further ISS improvement in terms of providing the

required level of CI.

Indeed if the process ends at levels 1 and 2, and

the solution is found at the third and subsequent levels,

then the costs of С(y)=0 will be minimal compared to

another sequence of levels providing the same

increment of a performance indicator.

We can distinguish the following generalized

levels of ISS improvement [6]: initial, organizational,

additional resources.

Level of SPP concept de velopment as a part of

ISS:

source: g m(y0,) gm0, y 1=y 0, C 1=0; (8)

organizational: gm(y2,) gm 0, y2=y 0, C 1=0 ; (9)

additional resources: C(y3)→min или

С(y3)C0, (10)

CONCLUSION

Thus for an empiric study of the information

sensitivity processes and practi cal application of the

results received it is necessary to follow the multilevel

synthesis of complex systems, adapted to features of

construction of personal data protection subsystem.

The results are accepted for implement ation as

part of a project to de velop an educational and

methodological complex for organizing a practical

audit. This project has been applied at the National

Research University of Electronic Technology [12].

This article presents the general strategy of the

empiric study. In fact the transition from models (1),

(2), (3), (4), (5), (6), (7), (8). (9), (10) to model of a

specific operation, i.e. the construction of a

mathematical or other formal model is very complex

and time -consuming. This is particularl y evident when

the target of res earch is under the design, development,

application or re -engineering the author keeps working

on these tasks.

Confirmation

The work is done in the framework of the task of

justification of the annual budget on information

security of the Department "Infor mation "Information

security".

References

ISO/IEC 27001:2005 Information technology —

Security techniques — Information security

management systems — Requirements (IDT).

ISO/IEC 27001:2013 Information technology —

Security t echniques — Information security

management systems — Requirements (IDT).

Volkova V. N., Voronkov V. A. and Denisov A.A.

System theory and systems analysis methods in

management and communication. − M.: Radio and

communication. − 1983.

Romanov V. N. The te chnique of the analysis of

compl ex systems. − SPb.: SZTU 2011.

Ovchinnikov V. A. The graphs in problems of

analysis and synthesis of structures of difficult systems

/ V. A. Ovchinnikov. − M.: MGTU N. E. Bauman,

2014.

Larin A. A. Theoretical bases of manage ment. Part

I. Processes, systems and control. M.: RVSN, 1998.

Mesarovic, M. D. Macko and Y. Takahara. Theory

of Hierarchical Multilevel Systems. Academic Press,

New York and London, 1970. pp. 4 -34, 34 -63.

Khokhlachov E. N. The theoretical foundations of

management. Part 2. Analysis and synthesis of control

systems. – M.: RVSN, 1996.

G. J. Klir, Architecture of Systems Problem

Solving. Springer Science+Business Media New York,

1985, pp. 1 -29, 175 -293, 417 -468.

Utkin L.V. Risk analysis and decision making

with incomplete information. SPb.: Science 2007, 404

p.

Reliability and efficiency in technique. Reference

guide in 10 volumes: vol. 3. The effectiveness of

technical systems./ Under the General editorship of V.

V. Utkin, Y. V. Kryuchkova. M.: Mechanical

eng ineering, 1988.

Associate Profes sor Voevodin V.A., Igoshin V.V.,

Makoveev K.D. and Makhaylovskaya A.S. About

APCS public key infrastructure unauthorized access

information security audit program. – M.: Processing of

the international Conference REDS -2018 R adio -

electronic devices and syst ems for information and

communication technologies, 2018. pp. 318 -322. ( ) ( )

( ) ( )

g y g y g g

g y g y g g

m i m mi m i

j

m j m mi m i

j

, , ,

, , .

= +

= +

=

− =

−

0 0

1

1 0 0

1

1