Оптимизация процесса управления рисками информационной и функциональной безопасности многофункциональных информационных систем при электромагнитных воздействиях
The paper discusses the main stages of solving problems of optimal organization of the system of risk management information and functional safety of multifunctional information systems (IFB IIA) on the basis of the principle of guaranteed result. The results of the decision of problems of modeling of the structure of the threats, indexing and optimization of the risk management system of IFB.
Implementation of IT and program projects seems to be very complicated and taught process, associated with many uncertainties and risks. Sure, this does not mean the rejection of such projects, supposed the more responsibility for the decision making process of new information technologies implementation. To manage various problems which face project managers, it makes sense to use special risk management software. The functionality of modern risk management systems allows identifying risk occurrence, conducting scenario modeling, take the more appropriate managing decisions based on scenario analysis and mathematical calculations. All these functionality will support project manager to optimize his business activities in accordance to risk management practices and ensure better coordination and balance inside the project team. Currently there available a wide range of project management software, but it is reasonable to conduct some analysis in terms of applicability to specific IT projects. The author will review the most appropriate software solutions for the risk management in IT area, conduct competitive analysis and provide some recommendations on software selection.
The monograph is devoted to the development of research methodology of threats, vulnerabilities and risks in information security in organizations. Substantiated mathematical apparatus of research: axiomatization of Boolean , which as most adequately describes the processes of mental activity in the construction of expert system model of information security in the organization and eliminates various types of heuristics that are typical of artificial intelligence languages . Methodology contains descriptive ( verbal ) and math ( formalized ) components . The technique developed formalized description of threats, vulnerabilities and risks of information protection systems and synthesis of relations between them allows you to fully analyze and document requirements related to information security in the organization, avoiding the cost of excessive security measures possible in the subjective assessment of the risks to assist in planning and implementation of protection at all stages of the life cycle of information systems, ensure that work in the shortest possible time, provide a justification for the choice of countermeasures to evaluate the effectiveness of countermeasures to compare their various options. The monograph provides examples of using methods for cal factor calculations , ensuring correct the validity of decisions of experts in information security in organizations. For managers and specialists units for the protection of information.
Narrative functions very greatly and are studied in a wide interdisciplinary spectrum. However, one of the functions of the narrative have not yet been studied in detail and therefore deserves a special attention. This is an alarm function: narratives can not only reconstruct past events, but they can also warn on the possible danger, predict the future events and simulate the reactions of recipients. In theoretical narratology, this function is perceived with caution: narrative is usually considered as a form referring to the past. At the same time, the applied research shows that narratives could be actively involved in the practices of predicting the future. This mechanism is largely based on the collective memory. The article deals on the problem of narrative representation of risk and its relation to collective memory.
The possibility of using the category of "value community" in the study of risk is analyzed. On the example of the "psychophysical numbing" studies we try to show the possible contribution of sociology based on utilizing the resources of functionalism and of "folk sociology" approach.
The present article contains a description of new method of royalty calculation based on analysis of risk decrease generated by franchisor's intellectual assets transmitted to franchises.
The article discusses the productivity of using the naïve theories of communities in the study of the social aspects of risk. We identify existing and future research directions. We also discuss the question of what aspects of risk and risk perception can potentially depend upon naïve perceptions of the communities. A brief description of the main approaches to the study of lay theories communities is also given.
A model for organizing cargo transportation between two node stations connected by a railway line which contains a certain number of intermediate stations is considered. The movement of cargo is in one direction. Such a situation may occur, for example, if one of the node stations is located in a region which produce raw material for manufacturing industry located in another region, and there is another node station. The organization of freight traﬃc is performed by means of a number of technologies. These technologies determine the rules for taking on cargo at the initial node station, the rules of interaction between neighboring stations, as well as the rule of distribution of cargo to the ﬁnal node stations. The process of cargo transportation is followed by the set rule of control. For such a model, one must determine possible modes of cargo transportation and describe their properties. This model is described by a ﬁnite-dimensional system of diﬀerential equations with nonlocal linear restrictions. The class of the solution satisfying nonlocal linear restrictions is extremely narrow. It results in the need for the “correct” extension of solutions of a system of diﬀerential equations to a class of quasi-solutions having the distinctive feature of gaps in a countable number of points. It was possible numerically using the Runge–Kutta method of the fourth order to build these quasi-solutions and determine their rate of growth. Let us note that in the technical plan the main complexity consisted in obtaining quasi-solutions satisfying the nonlocal linear restrictions. Furthermore, we investigated the dependence of quasi-solutions and, in particular, sizes of gaps (jumps) of solutions on a number of parameters of the model characterizing a rule of control, technologies for transportation of cargo and intensity of giving of cargo on a node station.
Event logs collected by modern information and technical systems usually contain enough data for automated process models discovery. A variety of algorithms was developed for process models discovery, conformance checking, log to model alignment, comparison of process models, etc., nevertheless a quick analysis of ad-hoc selected parts of a journal still have not get a full-fledged implementation. This paper describes an ROLAP-based method of multidimensional event logs storage for process mining. The result of the analysis of the journal is visualized as directed graph representing the union of all possible event sequences, ranked by their occurrence probability. Our implementation allows the analyst to discover process models for sublogs defined by ad-hoc selection of criteria and value of occurrence probability
Existing approaches suggest that IT strategy should be a reflection of business strategy. However, actually organisations do not often follow business strategy even if it is formally declared. In these conditions, IT strategy can be viewed not as a plan, but as an organisational shared view on the role of information systems. This approach generally reflects only a top-down perspective of IT strategy. So, it can be supplemented by a strategic behaviour pattern (i.e., more or less standard response to a changes that is formed as result of previous experience) to implement bottom-up approach. Two components that can help to establish effective reaction regarding new initiatives in IT are proposed here: model of IT-related decision making, and efficiency measurement metric to estimate maturity of business processes and appropriate IT. Usage of proposed tools is demonstrated in practical cases.
This volume presents new results in the study and optimization of information transmission models in telecommunication networks using different approaches, mainly based on theiries of queueing systems and queueing networks .
The paper provides a number of proposed draft operational guidelines for technology measurement and includes a number of tentative technology definitions to be used for statistical purposes, principles for identification and classification of potentially growing technology areas, suggestions on the survey strategies and indicators. These are the key components of an internationally harmonized framework for collecting and interpreting technology data that would need to be further developed through a broader consultation process. A summary of definitions of technology already available in OECD manuals and the stocktaking results are provided in the Annex section.