employee
Moscow, Moscow, Russian Federation
employee
Moscow, Moscow, Russian Federation
employee
Moscow, Moscow, Russian Federation
VAC 05.22.08 Управление процессами перевозок
VAC 05.25.05 Информационные системы и процессы
UDK 62 Инженерное дело. Техника в целом. Транспорт
GRNTI 20.15 Организация информационной деятельности
GRNTI 73.01 Общие вопросы транспорта
The purpose of the scientific work is to build a scheme for the interaction of modules of an automated system for integrated protection of strategically important resources of an enterprise, in particular, a transportation industry enterprise. To ensure a high efficiency of the presented system, efficient allocation between the modules is necessary for the protection functions. Within the framework of this task, the article presents sets of functions for each security module. The outstanding feature of the work is the proposed scheme of optimal interaction of the modules of the automated system of integrated protection of strategically important resources of the enterprise. The article considers the mechanism of isolation of "affected" resources (and modules) of the main automated control systems of a transportation enterprise, consisting of the sequential execution of the functions of forming "affected zones and quarantine", the function of redirecting datastream. The paper presents a structural diagram of the interaction of modules of an automated system for integrated protection of strategically important enterprise resources, sets of functions for each module are formed, a scheme for ensuring isolation of "affected" resources is presented, the main difficulties of implementing an automated system are described, in particular, the features of its implementation at the transportation industry enterprise connected with the client-server architecture of the main AS, a number of additional organizational and technical measures for protecting strategically important enterprise resources are proposed.
automation, information security, information protection, resources
1. Virvilis, N. Trusted Computing vs. Advanced Persistent Threats: Can a defender win this game? / N. Virvilis, D. Gritzalis, T. Apostolopoulos // 2013 IEEE 10th International Conference on Ubiquitous Intelligence and Computing and 2013 IEEE 10th International Conference on Autonomic and Trusted Computing., - 2013. - P. 396 403. - DOI:https://doi.org/10.1109/UIC-ATC.2013.80.
2. Chen, P. A Study on Advanced Persistent Threats / P. Chen, L. Desmet, C. Huygens // Communications and Multimedia Security. - 2014. - P. 63-72. - DOI:https://doi.org/10.1007/978-3-662-44885-4_5.
3. Kuznecova, N. M. Reshenie zadachi avtomatizacii processov zaschity strategicheski vazhnyh resursov predpriyatiya ot kompleksnyh kiber-atak na osnove analiza taktik zloumyshlennikov / N. M. Kuznecova, T. V. Karlova, A. Yu. Bekmeshov // Vestnik Bryanskogo gosudarstvennogo tehnicheskogo universiteta. - 2020. - № 7(92). - C. 48-53. - DOI:https://doi.org/10.30987/1999-8775-2020-7-48-53.
4. Methods Dedicated to Fight Against Complex Information Security Theats on Automated Factories Systems / T. V. Karlova, N. M. Kuznetsova, S. A. Sheptunov, A. Y. Bekmeshov // 2016 IEEE Conference on Quality Management, Transport and Information Security, Information Technologies (IT&MQ&IS). - 2016. - P. 23-27. - DOI:https://doi.org/10.1109/ITMQIS.2016.7751927.
5. Federal'nyy zakon «O bezopasnosti kriticheskoy informacionnoy infrastruktury Rossiyskoy Federacii» ot 26.07.2017 № 187 FZ. - URL: http://www.consultant.ru/documents/cons_doc_LAW_220885 (data obrascheniya: 12.03.2021).
6. GOST R ISO/MEK 15408-1-2012 Informacionnaya tehnologiya (IT). Metody i sredstva obespecheniya bezopasnosti. Kriterii ocenki bezopasnosti informacionnyh tehnologiy. Chast' 1. Vvedenie i obschaya model' = Information technology. Security techniques. Evaluation criteria for IT security. Part 1. Introduction and general model: nac. standart Rossiyskoy Federacii : izd. ofic. : utv. i vved. v deystvie Prikazom Feder. agenstva po tehn. regulirovaniyu i metrologii ot 15 noyabrya 2012 g. № 814-st. : vved. vzamen GOST R ISO/MEK 15408-1-2008 : data vved. 2013-12-01 / podg. Obschestvom s ogranichennoy otvetstvennost'yu «Centr bezopasnosti informacii» (OOO «CBI»), Federal'nym avtonomnym uchrezhdeniem «Gosudarstvennyy nauchno-issledovatel'skiy ispytatel'nyy institut problem tehnicheskoy zaschity informacii Federal'noy sluzhby po tehnicheskomu i eksportnomu kontrolyu» (FAU «GNIII PTZI FSTEK Rossii»), Federal'nym gosudarstvennym unitarnym predpriyatiem «Situacionno-krizisnyy Centr Federal'nogo agenstva po atomnoy energii» (FGUP «SKC Rosatoma») : Standartinform, 2014.
7. Advanced social engineering attacks / K. Krombholz, N. Hobel, et al. // Journal of Information Security and Applications. - 2015. - June. - P. 113-122. -DOI:https://doi.org/10.1016/j.jisa.2014.09.005.
8. ATT&CK Matrix for Enterprise. - URL: https://attacks.mitre.org (data obrascheniya: 12.03.2021). - Rezhim dostupa: dlya zaregistrir. pol'zovateley. - Tekst. : elektronnyy.
9. Kim, Y. Involvers’ Behavior-based Modeling in Cyber Targeted Attack / Y. Kim, I. Kim // Eighth International Conference on Emerging Security Information, Systems and Technologies. - 2014. - P. 132-137. - ISBN 978-1-61208-376-6.
10. Markov, A. S. Organizacionno-tehnicheskie problemy zaschity ot celevyh vredonosnyh programm tipa StuxNet / A. S. Markov, A. A. Fadin // Voprosy kiberbezopasnosti. - 2013. - № 1(1). - S. 28-36.
