S. S. Agafyin
Lightweight Version of GOST 28147-89
Keywords: Lightweight cryptography, RFID, GOST, KTANTAN.
In this paper the author describes the possibility of using the cryptographic algorithm GOST 28147-89 in resource-constrained devices such as passive RFID tags.
A. V. Arkhangelskaya
Closed Classes of Boolean Functions Problems Solving
Keywords: Boolean functions, closed classes, typical tasks.
The purpose of the article was to describe typical tasks concerned with closed classes of Boolean functions and to design the technique to solve them. This topic is useful for information security students. The main feature of the work is to examine the overview of the problem that allows working on the universal deciding algorithm.
G. V. Babenko
Kohonen’s Self-Organizing Maps as the Instrument of Detection the Deviations in TCP/IP Traffic Flow
Keywords: self-organizing maps, the gradient, key characteristics.
The paper discusses issues of network traffic analysis based on functional Kohonen’s self-organizing maps. Using specially structured information received from the sensors of the system, methods of analysis using Kohonen’s self-organizing maps were adapted, and a special algorithm for visualization of the analysis results using a color gradient was applied.
A. A. Balaev, T. A. Kondratyeva
Methods of Certification tests PLC-Networks in Compliance Safety Information
Keywords: PLC – Power Line Communications.
The aim of this research was to describe the methodology for auditing a PLC network to meet the requirements of information security. The technique is based on the provisions of the guidance documents and model FSTEC Russia test object methods of information on safety information.
V. M. Barbashov, V. G. Ivanenko
Criteria-Based Membership Function Method Usage for IC Safe Functioning
Keywords: IC, fuzzy automat, EMP
This paper presents a criteria-based membership function method, based on the fuzzy Brauer automat model, at the functional logic level for IC safe functioning under EMP. This method differs from the usual methods in that it makes it possible to account explicitly, in IC functional logic models, for the dependence of IC durability under EMP on mode of operation, functional state and circuit design.
A. N. Besedin
Provision of Information Security Communication Systems as Automated Systems in Protected Performance
Keywords: communication system, automated system, information security.
On the basis of comparative analysis the legitimacy of representation of the communication system as an automated system is proved. The possibility of applying a set of information security norms and requirements to communication systems within the framework of existing legislation is considered.
A. B. Vavrenyuk, V. V. Makarov, V. S. Trofimova, I. V. Chugunkov
Security of Electronic Payment Systems Based on Digital Money
Keywords: electronic payment system, digital denomination, scheme of a blind digital signature, digital payment system.
Electronic payment systems based on digital money are evaluated in terms of information protection. Mechanisms for protecting the interests of the issuing bank, the buyer and the seller are described. The life cycle of a digital denomination is described: the transactions of withdrawal from the account, purchase and transfer into the account.
A. A. Varfolomeev, K. G. Kogos, A. M. Koreneva, V. M. Fomichev
On the Complexity of Implementation Some Cryptanalysis Methods by Distributed Computing
Keywords: block cipher, distributed computing, Hellman key search, meet-in-the-middle attack, method of optimization, sequential key search.
The subject of the research is an investigation on the distributed computing efficiency in the analysis of cryptographic systems by different key search methods: meet-in-the-middle, sequential key search and Hellman method. The leading results of the research are presented in the paper.
A. N. Veligura, D. S. Simonenkova
On the Task of Formulating the Problem of Composition of the Multiprocessor Schedule Minimizing the Run Time
Keywords: block cipher, the problem of integer linear programming (ILP), processors elements, multiprocessor scheduling problem.
The subject of the research is to investigate the possibility of assessing the run-time realization of the pipeline crypto algorithm AES on the multiprocessors system by the Discrete Optimization Methods.
A. N. Golubinskiy, S. V. Dvoryankin
Method of the Comparative Analysis of Portraits Acoustocardiogram for Detection of Cardiovascular Diseases
Keywords: acoustocardiogram, cardiovascular diseases, wavelet analysis, continuous wavelet transform, mathematical model, measure of distinguishability.
The analysis method of acoustocardiogram for detection of cardiovascular diseases at use of continuous wavelet transform is developed. The mathematical model of a cardiosignal is offered. The comparative analysis of wavelet-spectrums of cardiosignals for different states of cardiovascular system is realized: at the normal sinus rhythm and at the sinus tachycardia. The measure of distinguishability with respect to
P. A. Demin
Implementation Issues of the Information Security Management Systems Based on the Standards
Keywords: information security management system, process modeling approach.
Implementation specificity of the information security management system based on international and Russian standards is described. The review of some issues of the process modeling approach’s use in information security management is presented.
V. K. Dzhogan, A. P. Kurylo
Protection of Information Resources of Computer Systems as a System of Performance Data Protection
Keywords: information security, computer systems, efficiency.
System solutions to current problems of information security of computer systems are achieved by a comprehensive analysis of existing approaches to the protection of computer information. The interrelated set of methods and means of implementing these approaches is a mechanism to ensure the security of the information in these systems. The fact that computer systems are characterized by many non-trivial properties makes their study a complex problem both scientifically and practically.
V. K. Dzhogan, A. P. Kurylo, N. S. Shimon
Features of the Synthesis of Performance Security Information in Computer Systems
Keywords: protection of information, synthesis, efficiency.
Synthesis of a scorecard is a gradual process of composition: starting from the set of elements that reflect the original, systematized state, and passing through a series of intermediate elements that link them into a single structure, it ends with one element that reflects the purpose of the system. The hierarchical structure of the system of performance indicators of information security in computer systems is a “one-to-many” structure. The article reflects the extent to which the capabilities of information security tools influence the security of information resources of computer systems (from indirect – Class 1, to direct – Class 4).
D. V. Domashova, E. O. Samoshina
Optimal Strategy of the System, Providing Economic Security of a Commercial Bank
Keywords: economic security, model of the system providing economic security, protection strategy.
A common model of the economic security of a commercial bank is described in this paper. The process of building a cost-effective security strategy is determined, taking into account the costs of its implementation. The security class is determined together with the requirements for the economic security functions of the commercial bank.
A. V. Dubovitskaya, P. V. Smirnov
Russian Cryptographic Algorithms in the Identity Management Systems
Keywords: claim-based authentication, identity management, identity provider, SAML, single sign-on, service provider.
The subject of the research is to implement Russian cryptographic algorithms in the IdM-systems. The research centers on the study of the claim-based authentication protocols and the existing IdM-systems and on the development of an authentication module for Russian cryptographic algorithms.
B. N. Epifantsev, A. E. Sulavko, R. V. Borisov, P. S. Lozhnikov
Complex System of Identification of the Person by Dynamics of Subconscious Movements
Keywords: biometric identification, processing of signals, the decision-making methods, identified images, dynamic biometric signs.
The problem considered in the article consists in the development and support of reliability of a system for biometric identification of computer users. The importance of the problem follows from the fact that the developed system should meet the requirements currently imposed by the market. The original contribution to the subject consists in the proposed methods of processing analogue signals, the upgraded methods of decision-making and the implementation of the given complex.
S. I. Zhurin
Insider: Main Characteristics and Complexity Opposition
Keywords: complexity opposition of insider threat.
More and more incidents of e-money theft and cracking of information systems with the participation of the facility’s staff, called insiders, have been happening lately. They have permissions and knowledge that are sufficient to commit an information crime. In the article a description of insiders and a complex approach to opposing them are given.
S. V. Zapechnikov
The Control of Information Security Indicators for Information Resources in Distributed Computing Environment Based on the Reservation Strategies with Fractional Redundancy Rate
Keywords: distributed computing environment, information resources, information resources management strategies.
One way to increase the security of information resources in distributed computing environments is to use information resources management strategies. The goal of the paper is to analyze ways to control the security indicators for information resources in distributed computing environments using the reservation strategies with fractional redundancy rate.
I. I. Zenzin
Information Security Risk Management in the Automated System
Keywords: risk management, information security, international standard.
The urgency of research into the development of new techniques of information security risk management in automated systems is described. A short review of some existing modern international standards in the field of information security risk management in automated systems is presented.
M. M. Koptenkov
Categorization of Information is the First Step to Enterprise Information Security
Keywords: information security, categorization of information, confidentiality, integrity and availability of information.
This article reveals the necessity and importance of information categorizing in the area of information security systems development. This paper describes an information categorizing method based on the
This method allows us to classify information on the degree of its value to the organization and most effectively implement an access control system.
A. M. Koreneva
Graph-Theoretical Approach on Determining the Matrix of Essential Dependence Exponent Value
Keywords: block cipher, graphs and matrices of essential dependence, mixing properties of mappings.
The subject of the research is to develop an algorithm in terms of graph-theoretical approach, estimate the mixing properties of cryptographic transformations such as iterative symmetric block ciphers and obtain an exponent value for DES matrix of essential dependence.
A. B. Kostina, N. G. Miloslavskaya, A. I. Tolstoy
Information Security Management Aspects in Curriculum for Training in the Field of Information Security
Keywords: information security management, education.
The requirements for training in the field of information security (IS) in terms of IS management aspects are defined. A regulatory framework is selected. A list of themes’ blocks to study the basic approaches to IS management systems development is formed. The recommendations for development and implementation of the relevant disciplines’ curricula are given.
M. V. Kuzin
PCI DSS: Security Standard and Security in Fact
Keywords: payment cards, security, fraud, PCI DSS.
The article focuses on Payment Card Industry Data Security Standard (PCI DSS) requirements and practices, especially its issues and disadvantages in achieving the main goal – security of payment cards infrastructure.
D. A. Larin
About the Soviet Cryptographs Contribution on the Victory by Moscow
Keywords: cipher, the Soviet cryptanalysts, battle of Moscow.
On December 5, 2011, we mark the 70th anniversary of the first great defeat of fascist Germany, during the Soviet troops’ counter-offensive near Moscow, which became the first step towards Victory Day. This article deals with the Soviet cryptanalysts’ work on deciphering German and Japanese codes and placing significant military and political information at the disposal of the Soviet leadership. This information played a key role in the victory in the battle of Moscow.
D. N. Makrushin
The Concept of Data Collection and Processing System for Audit according to the PCI DSS
Keywords: payment card industry data security standard, qualified security assessor, audit, data collection and processing system, automatization.
The objects of the research are the procedures for verifying that the documents supporting information security comply with the requirements of the payment card industry standard (PCI DSS).
A. A. Malyuk
Entropy Approach to Modeling Information Security Systems and Processes
Keywords: information security, information security processes’ modeling, utility function of information protection system, information protection system’s entropy.
One possible approach to modeling information security processes through a physical analogy with the second law of thermodynamics is discussed. This approach makes it possible to present an information protection system as a system with maximum utility and to obtain an optimal solution for developing its protection on the basis of maximizing its entropy.
A. V. Mamaev
The Hardware and Software Implementation of Low-Frequency Active Channel Signals in an Information Leakage Detection and Prevention Systems
Keywords: hardware and software solution, low frequency active channel, insider, ILDP system, network power.
This article discusses a new way of developing a special channel for the alarms, through computer’s power supply network, to solve the problem of protection from removal of the temporary control over the victim’s machine, using information leakage detection and prevention systems.
D. M. Mikhaylov, A. A. Pikhtulov
A Mathematical Model of the Spread of Bluetooth-Viruses
Keywords: Bluetooth, mathematical model, mobile devices vulnerabilities, mobile device attack, mobile virus.
The analysis of the functioning and the spread of viruses that exploit Bluetooth technology’s vulnerabilities is presented in the article. Considering these studies the mathematical model of the spread of Bluetooth-virus for mobile phones was created. This model can be used as a base for developing effective security measures against virus attacks on mobile devices.
V. A. Minaev
Theorem on the Complete Set of Primes
Keywords: information security, theorem, algorithm, prime numbers.
In the article the theorem on the complete set of primes is proved, and a description of a linear algorithm for finding all prime numbers is given.
A. V. Moiseev, A. A. Stankevichus, Y. M. Tumanov
Distributed Computations Environment Protection Using Artificial Immune Systems
Keywords: distributed computations, artificial immune systems, immune memory, information protection.
In this article the authors describe the possibility of applying artificial immune systems to protect a distributed computations environment from definite types of malicious impacts.
N. S. Morozova
The problems of Endpoint DLP systems
Keywords: data loss prevention, data leak prevention, DLP, endpoint DLP, device control, functions of endpoint DLP, content analysis.
The problems of DLP systems (Data Loss Prevention) concerning implementation and usage are discussed in the article. Special attention is given to Endpoint DLP fundamentals, security of data copied from/to user’s workstations, portable devices and external data storages. Auxiliary functions are also taken into account while choosing and deploying such systems.
M. R. Mukhtarov
Applying IPFIX Protocol for Detection of Distributed Denial of Service Attacks against Cloud Infrastructure
Keywords: cloud computing, Cloud Infrastructure, Distributed Denial of Service, network security, IPFIX protocol.
The way of monitoring deviations in network traffic behavior inside “Cloud Infrastructure” using IPFIX protocol is suggested in the paper. The proposed algorithm is applied for registration of “Distributed Denial of Service” attacks against “Cloud Infrastructure”.
V. M. Nichiporchouk
Web-Services Development in Secure Way for Highload Systems
Keywords: security of web-service, high load, scalability, information security.
This paper describes an approach to the design of web-services in a secure, high-load and fault-tolerant implementation for mass message processing. A multicomponent architecture of the web-service with the possibility of a high security zone is provided, as well as a scalability evaluation of the architecture.
V. R. Petrov
Need an Information Security in Access Control System?
Keywords: access control system, information security.
This paper addresses the general problems of information security in access control systems. The field of application is the reconstruction project of a physical protection system.
M. Y. Senatorov, R. B. Syatkovskiy
The Comparative Analysis of Methods Characteristics of a Monitoring of Integrity of Global Navigation Satellite Systems
Keywords: GLONASS, integrity, security.
The main methods of monitoring the integrity of the Global Navigation Satellite Systems (GNSS) are considered. A comparative analysis of the characteristics of GNSS integrity controlling methods is conducted. A promising method of integrity monitoring, potentially capable of providing for the basic needs of radio navigation information consumer groups, is proposed.
A. I. Terentyev
Latent Componentry of the System Complex Security. Definition and Classification
Keywords: latent componentry.
The article is devoted to some definitions and the classification of the latent componentry of the system complex security.
M. K. Yanchich
Information Risk Management Based on the MEHARI Methodology
Keywords: information risks assessment, risk management, risk management methodology.
The article describes the process of information risk management based on the MEHARI methodology created by the French society CLUSIF.