Military academy of communication corps (Krasnodar branch office)
Author list of organization
List of articles written by the authors of the organization
-
MATHEMATICAL SOFTWARE FOR DETECTING CONFIDENTIAL DATA IN ELECTRONIC DOCUMENTS
DescriptionIn the article, we develop the software for process of confidential data detection based on the knowledge bases technology. The algorithm of detection of confidential data in the electronic documents transferred outbound of protected information system, due to application of linguistic technologies of the thorough text analysis is presented. The estimation of computing complexity of the developed algorithm is made up. The developed data structures and algorithm are realized in the programming language C++. Results of the experiments, confirmed workability of the developed algorithm are presented. The performed experimental researches of the developed algorithm have shown its practical applicability. The estimation of quality of confidential data detection is made up. The obtained estimations of detection quality have shown, that the developed structures of data and algorithm provide more effective and qualitative solution of problems of the confidential information detection in electronic documents, at due to application of knowledge bases technology where the subject domain of the analyzed information is considered. Distinctive feature of the developed algorithm of confidential data detection is the use of rapid access to hashed concept ontographs simultaneous implementation of knowledge base rules, which allows raising indicators of completeness and accuracy of detection. A scope of application of the developed software is the protection frames of the information intended for revealing of an information transfer containing data of confidential character in electronic documents outbound of protected information system with violation of security policy
-
DEVELOPMENT OF INTELLECTUAL SYSTEM PREVENTING LEAKAGE OF PROTECTED INFORMATION USING KNOWLEDGE BASES
DescriptionThe article deals with the problem of increasing the efficiency of the control and prevention of leakage of confidential information circulating within the organization, and in cooperation with the information networks of general use through the development of intelligent system of pragmatic identification of confidential information. The main purpose of this system is to develop early detection, prevention and localization (minimization) of the risks associated with violation of the order of processing, storage and transmission of confidential information. The article presents an approach to the organization of the knowledge base of intelligent system of pragmatic identification of information of a confidential nature, using two models of knowledge representation. We have defined a subject field to meet the challenges of which the intelligent system was meant for. The article describes the ontological model of knowledge representation used for formal representation of domain concepts in the knowledge base. It presents an indicator of exactness of meaning reference to a concept of domain meaning. The article describes a confidence index for each rule from the rule base that characterizes the measure of the likelihood of a conclusion when a rule implemented. It presents a general structure of the rules base, conditions of execution of each rule of conclusion. To accelerate the work of intelligent system a parallel search for the rules in the knowledge base is to be applied. In conclusion, the algorithm of parallel search is described
-
PRESENTATION OF MANDATORY POLICY OF ACCESS CONTROL VIA THE HARRISONRUSSO-WILLIAM’S MODEL
DescriptionThe accepted model of the access control is realized with the monitor of safety in the protected automated information system. Models of safety are considered, as a rule, as a system which is a single whole and has the uniform monitor of safety. Nevertheless, the architecture of the real automated information systems and processes of their functioning can be characterized by distribution. The distributed automated information system consists more than of one local segment representing isolated set of subjects and objects of access. In the distributed system local segments can be realized both on the basis of discretionary, and on the basis of mandatory models of safety (i.e. to be diverse). One of directions of a safety in this case is realization of the general monitor of the safety providing the uniform (coordinated) policy of access control. For safe interaction of patchwork systems it’s necessary to bring them to a single model. Hence, while the integration of information systems the problem of their interaction becomes persistent. Thus in the systems processing the information of a various level of confidentiality, it is necessary to realize mandatory access control. In given clause the mandatory policy of the safety presented by classical model of Bell-LaPadula, is described by the elements of classical model of Harrison-Russo-William. Using the mechanisms of change of a matrix access the opportunity of assignment and change of confidentiality marks is described and the observance of safe practices within the limits of mandatory access control is analyzed. The safety of application of the given approach has been proved. The perspective direction of research has been defined
-
Description
In this article we consider the usage of HRU access matrix changing system allowing for information security system which makes mandatory access control in case of information security analysis by using an automatic classification of formalized documents in the system of electronic document management
-
Description
In the article, we present the mathematical model of referring documents entering the automated system to the spheres of users responsibility. The possibility of application of mathematical apparatus of final predicates algebra as a basic means of model description is proved
-
DEVELOPING A COUNTERMEASURES TO USING COVERT CHANNELS IN PACKET-SWITCHED NETWORKS
DescriptionIn the given article a model which allows defining general characteristics of covert channels in packet-switched networks as well as countermeasures to covert channels developed on the basis of the model in question are presented
-
Description
The problem of acquisition of computer attacks is considered. It is demonstrated that it is a solution of combinatorial problems, and their solution is bound to fork of solving processes, with search of alternatives that grows fast at thickening of system of regularities. Such search is foregone, but it can be reduced to the reasonable magnitude, allowing solving problems of acquisition of computer attacks. Application of inductive forecasting of statuses will allow to inoculate knowledge base in an automatic mode, to shape the new rules and to delete the old ones
-
Description
The article presents different types of electronic docu-ments allowing to create the unique searching-for-information thesaurus
-
Description
In the given article the mathematical representation analysis of documental reference model of the automated system in the information areas of the actor’s liability is made, which allows to make a conclusion of discretionary access control
-
AUTOMATIC CLASSIFICATION OF FORMAL DOCUMENTS IN ELECTRONIC DOCUMENT MANAGEMENT SYSTEM
DescriptionThis article presents a method for automatic classification of electronic documents, based on the analysis of document metadata with using the final predicates algebra