Zybin S. Methodology of informational and analytical support of information processing systems for decision-making under conditions of risk and uncertainty

The thesis is devoted to solving the actual scientific and applied problem of developing a methodology of improving the efficiency of the information processing system by providing information and analytical support for its formation processes. The methodology consists in developing the theory of decision support and developing a structure, methodology and mathematical model for supporting decision-making processes taking into account constraints and uncertainty, as well as assessing the effectiveness of the system's operation. The support decision-making approach proposes in the thesis. This approach can be used for the formation of complex information security programs, taking into account the threats and risks. Under the threat, we understand a condition of the environment, impacts the efficiency of the task. Complex goal-oriented program is executed in this environment. Risk is defined as a result of a random event that is caused by the influence of external relative factors. The event is a situation arises that affects the execution program. Threat models and risks have been proposed. The methodology to determine the full sequence of all decision support to optimize and finding the best options in solving problems of a different class and character. However, at each stage, appropriate mathematical and heuristic methods and rules are used to determine the effective organization of the whole decision support algorithm. The stages of decision support technology taking into account threats and risks are developed and presented. These stages are based on the method of goal-oriented dynamic estimation for the complex task. Stages of the goal-oriented dynamic estimation method include the following steps: the stage of goals constructing the hierarchy; the stage of input it into of threats and risks models. On this basis, the following evaluation tasks are being solved. The problem of the relative efficiency for directions of the implementation, taking into account threats and risks is being solved. The problem of tasks relative effectiveness that set by a multitude of threats and risks is solved. The task of using counteraction means to threats and risks is solved. These tasks are solved under the condition is formed for a given time interval. The above-proposed algorithm to solve this problem taking into account the threats and risks was considered. The author proposes to use the method for evaluating the effectiveness of the decisions and risk analysis of information security. The proposed method of risk analysis allows to determine the efficiency of the already taken or planned decisions. In addition, the value of probability of threat implementation depends on the level of echelonment for security and protection. The method does not take into account the effectiveness of blocking the means of countering threats. In addition, there are no means of determining the value of information resources. However, this method allows to evaluate the efficiency and correctness of generated solutions based on the results of prototype DSS testing. The task of resource distribution is to determine the set of optimal resources, which maximize the degree of the goal achievement. An algorithm of resource distribution between threats and risks and programs aimed at increasing information security is proposed. The algorithm of resource distribution is proposed, when the function of the project execution stage is a threshold function. In this case, the hierarchy of goals is linear.