Combination of context-role and perimeter protection paradigms for modelling the security of information systems

A possibility of using the Hybrid Modelling for the estimation of information systems ability for preventing the unauthorized access has been analyzed. Proposed approach combines two paradigms of information security – context-role and perimeter protection. AnyLogic was used as a platform for develo...

Full description

Saved in:
Bibliographic Details
Main Authors: Tun, Hein, Lupin, Sergey, Gureev, Aleksandr
Format: Conference Proceeding
Language:English
Subjects:
Computer simulation
Cybersecurity
Information systems
Modelling
Security management
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:A possibility of using the Hybrid Modelling for the estimation of information systems ability for preventing the unauthorized access has been analyzed. Proposed approach combines two paradigms of information security – context-role and perimeter protection. AnyLogic was used as a platform for development and simulation the experimental model. AnyLogic allows us to use agent based and discrete event methods for formalization the processes in information systems security. According to the context-role model the permissions of agents are determined by their position in administrative hierarchy. In our approach the access rights of agents depend also from their position in protected environment. Article shows the structure of Anylogic model and set of data which provide the various behaviors of agents and the functionality of perimeter’s protection. Simulation experiments confirmed the usability of hybrid models for estimation the level of information security. The set of agents’ parameters allows determining the wide range of their activities and investigating the reaction of security system to their behavior.
ISSN:0094-243X
1551-7616
DOI:10.1063/1.4965366