Shaban M. Decision support models for expertise of information security systems

The dissertation is devoted to the decision of an actual scientific and applied problem of creation of models of decision support for examinations of systems of technical protection of the information which will provide reduction of time and errors at drawing up of documents of the state examination of complex information protection system. In accordance with the requirements of the legislation of Ukraine to ensure the confidentiality, accessibility, integrity and observability of this information in each automated system must create a comprehensive system of information protection. The state examination of the complex information protection system in information and telecommunication systems is carried out in order to determine the compliance of the integrated information protection system with the technical tasks, requirements of normative documents on information protection, to determine the possibility of putting the integrated information protection system into operation. Based on the results of the work, a group of documents is formed which is the program and methods of examination of the complex information protection system; list of tests; special opinion of the expert; test report; certificate of conformity and expert opinion. The paper analyzes the existing decision support systems. The models have been analized which has allowed automating the process of identification of the functional protection profile. The developed model of parameters for identification of functional protection profiles in computer systems which due to theoretical and multiple representation of certain sets of criteria of information security, their elements and corresponding levels will formally form the necessary set of values for realization of process of functional protection profiles identification in computer systems. The actual scientific and applied problem of automation of the process of examinations of complex information protection systems and detection of discrepancies in the formation of functional protection profiles is solved in the work. In the dissertation work the analysis of existing models, methods and means of decision support is carried out. It was found that the existing models, methods and tools do not meet the requirements for decision support systems that could be used in conducting state examinations of integrated information security systems. A decomposition model of representation of semantic constants and variables was developed which allowed to form basic templates of source documents. model of parameters which allowed to formally form the necessary set of values for the implementation of the process of identification of the functional profile of protection in computer systems. The method of identification of the functional protection profile, which allowed to implement the process of generating the functional protection profile and verification of its requirements for protection functions (security services) and guarantees. A structural model of the decision support system is proposed which allowed to automate the process of compiling source documents according to their templates. Algorithmic and software have been developed which allowed to automate the process of examination of the complex system of information protection and detection of inconsistencies in the formation of the functional profile of protection. The conducted experimental researches of software application, introduction and successful practical use of the specified developments have confirmed reliability of theoretical hypotheses and conclusions of dissertation work.