Skip to main content
SpringerLink
Log in

Development of an Information Security Management Model for Enterprise Automated Systems

  • Conference paper
  • First Online:
Advanced Information Networking and Applications (AINA 2020)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 1151))

  • 2062 Accesses

Abstract

This article proposes an information security management system (ISMS) model for automated data processing systems of critical applications (ADPS-CAs). The model allows users to carry out an assessment of the risk level for information security (IS) purposes and provides support for decision-making related to countering unauthorized access to the information circulating in an ADPS-CA. Further, this article analyzes the effect of a control parameter on the probability of launching an information integrity monitoring service (IMS) during a procedure that launches a typical ADPS-CA and its IS subsystem. The results present system quality indicators for protecting information from unauthorized access. The simulation was performed in relation to automated workstations as part of the ADPS-CA of a large enterprise.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Sommestad, T., Karlzén, H., Hallberg, J.: A meta-analysis of studies on protection motivation theory and information security behaviour. IJISP 9, 26–46 (2015)

    Google Scholar 

  2. Woon, C.: Principles of secure information systems design. Comput. Secur. 91, 13–24 (2010)

    Google Scholar 

  3. Valenzuela, J., Wang, J., Bissinger, N.: Real-time intrusion detection in power system operations. IEEE Trans. Power Syst. 28, 1052–1062 (2013). https://doi.org/10.1109/TPWRS.2012.2224144

    Article  Google Scholar 

  4. Al-Jarrah, O., Arafat, A.: Network intrusion detection system using attack behavior classification. In: Information and Communication Systems (ICICS) 5th International Conference, pp. 1–6 (2014). https://doi.org/10.1109/iacs.2014.6841978

  5. Lakhno, V.: Creation of the adaptive cyber threat detection system on the basis of fuzzy feature clustering. East.-Eur. J. Enterp. Technol. 2, 18–25 (2016). https://doi.org/10.15587/1729-4061.2016.66015

    Article  Google Scholar 

  6. Ericsson, G.N.: Cyber security and power system communication-essential parts of a smart grid infrastructure. IEEE Trans. Power Deliv. 25, 1501–1507 (2010). https://doi.org/10.1109/TPWRD.2010.2046654

    Article  Google Scholar 

  7. Li-Yun, C., Zne–Jung, L.: Applying fuzzy expert system to information security risk assessment – a case study on an attendance system. In: 2013 International Conference on Fuzzy Theory and its Applications (iFUZZY), pp. 346–351 (2013). https://doi.org/10.1109/ifuzzy.2013.6825462

  8. Linda, O., Manic, M., Vollmer, T., Wright, J.: Fuzzy logic based anomaly detection for embedded network security cyber sensor. In: IEEE Symposium on Computational Intelligence in Cyber Security (CICS), pp. 202–209 (2011). https://doi.org/10.1109/cicybs.2011.5949392

  9. Atymtayeva, L., Kozhakhmet, K., Bortsova, G.: Building a knowledge base for expert system in information security. In: Cho, Y., Matson, E. (eds.) Soft Computing in Artificial Intelligence, vol. 270, pp. 57–76. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-05515-2_7

  10. Kanatov, M., Atymtayeva, L., Yagaliyeva, B.: Expert systems for information security management and audit. Implementation phase issues. In: 15th International Symposium on Soft Computing and Intelligent Systems (SCIS) Joint 7th International Conference on and Advanced Intelligent Systems (ISIS), pp. 896–900 (2014). https://doi.org/10.1109/scis-isis.2014.7044702

  11. Lakhno, V., Kazmirchuk, S., Kovalenko, Y., Myrutenko, L., Zhmurko, T.: Design of adaptive system of detection of cyber-attacks, based on the model of logical procedures and the coverage matrices of features. East.-Eur. J. Enterp. Technol. 3(9), 30–38 (2016). https://doi.org/10.15587/1729-4061.2016.71769

    Article  Google Scholar 

  12. Ben-Asher, N., Gonzalez, C.: Effects of cyber security knowledge on attack detection. Comput. Hum. Behav. 48, 51–61 (2015). https://doi.org/10.1016/j.chb.2015.01.039

    Article  Google Scholar 

  13. Goztepe, K.: Designing fuzzy rule based expert system for cyber security. IJISS 1, 13–19 (2012)

    Google Scholar 

  14. Gamal, M.M., Hasan, B., Hegazy, A.F.: A security analysis framework powered by an expert system. IJCSS 4, 505–527 (2011)

    Google Scholar 

  15. Thai, M.T., Xuan, Y., Shin, I., Znati T.: On detection of malicious users using group testing techniques. In: 28th International Conference on Distributed Computing Systems (ICDCS), pp. 206–213 (2008). https://doi.org/10.1109/icdcs.2008.75

  16. Wood, C.C., Banks, W.W., Guarro, S.B., Garcia, A.A., Hampel, V.E., Sartorio, H.P.: Computer Security: A Comprehensive Controls Checklist. Wiley, New York (1987)

    Google Scholar 

  17. Lakhno, V.A., Petrov, O.S., Hrabariev, A.V., Ivanchenko, Y.V., Beketova, G.S.: Improving of information transport security under the conditions of destructive influence on the information-communication system. J. Theor. Appl. Inf. 89, 352–361 (2016)

    Google Scholar 

  18. Al Hadidi, M.M., Ibrahim, Y.K., Lakhno, V., Korchenko, A., Tereshchuk, A., Pereverzev, A.: Intelligent systems for monitoring and recognition of cyber attacks on information and communication systems of transport. IRECOS 11, 1167–1177 (2016)

    Article  Google Scholar 

  19. Lakhno, V., Petrov, A., Petrov, A.: Development of a support system for managing the cyber security of information and communication environment of transport. In: International Conference on Information Systems Architecture and Technology, pp. 113–127 (2017)

    Google Scholar 

  20. Akhmetov, B., Lakhno, V., Boiko, Y., Mishchenko, A.: Designing a decision support system for the weakly formalized problems in the provision of cyber security. East.-Eur. J. Enterp. Technol. 1, 4–15 (2017)

    Article  Google Scholar 

  21. Savola, R.M.: Towards a taxonomy for information security metrics. In: Proceedings of the 2007 ACM Workshop on Quality of Protection, pp. 28–30 (2007)

    Google Scholar 

  22. Rostami, M., Koushanfar, F., Karri, R.: A primer on hardware security: models, methods, and metrics. Proc. IEEE 2014(102), 1283–1295 (2014)

    Article  Google Scholar 

  23. Takahashi, T., Kadobayashi, Y., Fujiwara, H.: Ontological approach toward cyber security in cloud computing. In: Proceedings of the 3rd International Conference on Security of Information and Networks, pp. 100–109 (2010)

    Google Scholar 

  24. Ben-Asher, N., Gonzalez, C.: Effects of cyber security knowledge on attack detection. Comput. Hum. Behav. 48, 51–61 (2015)

    Article  Google Scholar 

  25. Zhekambayeva, M., Al Hadidi, M., Al-Azzeh, J.S., Akhmetov, B., Korchenko, O., Kazmirchuk, S.: Methods of risk assessment for information security management. IRECOS 11, 81–91 (2016)

    Article  Google Scholar 

  26. Lakhno, V., Malyukov, V., Parkhuts, L., Buriachok, V., Satzhanov, B., Tabylov, A.: Funding model for port information system cyber security facilities with incomplete hacker information available. J. Theor. Appl. Inf. 96, 4215–4225 (2018)

    Google Scholar 

  27. Petrov, O., Borowik, B., Karpinskyy, M., Korchenko, O., Lakhno, V.: Immune and Defensive Corporate Systems with Intellectual Identification of Threats. Śląska Oficyna Drukarska, Pszczyna (2016)

    Google Scholar 

  28. Akhmetov, B., Lakhno, V.: System of decision support in weakly formalized problems of transport cyber security ensuring. J. Theor. Appl. Inf. 96, 2184–2196 (2018)

    Google Scholar 

  29. Lakhno, V., Zaitsev, S., Tkach, Y., Petrenko, T.: Adaptive expert systems development for cyber attacks recognition in information educational systems on the basis of signs’ clustering. In: International Conference on Theory and Applications of Fuzzy Systems and Soft Computing, Advances in Intelligent Systems and Computing, vol. 754, pp. 673–682 (2018). https://doi.org/10.1007/978-3-319-91008-6_66

  30. Rees, L.P., Deane, J.K., Rakes, T.R., Baker, W.H.: Decision support for cyber security risk planning. Decis. Support Syst. 51, 493–505 (2011). https://doi.org/10.1016/j.dss.2011.02.013

    Article  Google Scholar 

  31. Medhat, K., Ramadan, R.A., Talkhan, I.: Security in mission critical communication systems. In: Multimedia Services and Applications in Mission Critical Communication Systems, vol. 270 (2017). https://doi.org/10.4018/978-1-5225-2113-6.ch012

  32. Nugraha, Y., Brown, I., Sastrosubroto, A.S.: An adaptive wideband delphi method to study state cyber-defence requirements. IEEE Trans. Emerg. Top. Comput. 4, 47–59 (2016). https://doi.org/10.1109/TETC.2015.2389661

    Article  Google Scholar 

  33. Beketova, G.S., Akhmetov, B.S., Korchenko, A.G., Lakhno, A.V.: Optimization backup model for critical important information systems. Bull. Nat. Acad. Sci. Repub. Kaz. 5, 37–44 (2017)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. E-Commerce Department, College of Administrative and Financial Sciences, Saudi Electronic University, Riyadh, Saudi Arabia

    Thamer Alhussain

  2. Computer Science Department, Community College, King Saud University, Riyadh, Saudi Arabia

    Ahmad Ali AlZubi & Osama AlFarraj

  3. Computer Science Department, College of Science and Arts, Qassim University, Qassim, Saudi Arabia

    Salem Alkhalaf

  4. College of Informatics, Korea University, Seoul, Republic of South Korea

    Musab S. Alkhalaf

Authors
  1. Thamer Alhussain
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ahmad Ali AlZubi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Osama AlFarraj
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Salem Alkhalaf
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Musab S. Alkhalaf
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Thamer Alhussain .

Editor information

Editors and Affiliations

  1. Department of Information and Communication Engineering, Faculty of Information Engineering, Fukuoka Institute of Technology, Fukuoka, Japan

    Leonard Barolli

  2. Department of Electrical Engineering and Information Technology, University of Naples “Frederico II”, Naples, Italy

    Flora Amato

  3. Department of Political Science, University of Campania “Luigi Vanvitelli”, Caserta, Italy

    Francesco Moscato

  4. Faculty of Business Administration, Rissho University, Tokyo, Japan

    Tomoya Enokido

  5. Department of Advanced Sciences, Faculty of Science and Engineering, Hosei University, Tokyo, Japan

    Makoto Takizawa

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Alhussain, T., AlZubi, A.A., AlFarraj, O., Alkhalaf, S., Alkhalaf, M.S. (2020). Development of an Information Security Management Model for Enterprise Automated Systems. In: Barolli, L., Amato, F., Moscato, F., Enokido, T., Takizawa, M. (eds) Advanced Information Networking and Applications. AINA 2020. Advances in Intelligent Systems and Computing, vol 1151. Springer, Cham. https://doi.org/10.1007/978-3-030-44041-1_108

Download citation

Publish with us

Policies and ethics

Search

Navigation