SIMULATION OF INFORMATION SECURITY RISKS OF AVAILABILITY OF PROJECT DOCUMENTS BASED ON FUZZY LOGIC

Abstract

The widespread use of computer technology, its rapid development and use in almost all areas of human activity requires constant updating of information security issues. The activities of many enterprises in the field of IT, construction, and other areas are of a project nature and therefore further research on information security management of projects is relevant. Appearance of changes and the current state of the project results at certain points of time describe the documents that accompany it. In this paper, the information structure of the project is considered as a set of specific documents. During the life cycle of each project document, which includes the creation, transfer, preservation and transformation, there are generally threats to its confidentiality, integrity, accessibility and authenticity. This paper develops a method for assessing the risks of violation of the availability of project documents in solving information security problems. A formal description of many project documents in the form of a generalized hierarchical structure is presented, the connection of documents with the operations performed on them and information systems used during these operations is formalized. Given the incompleteness and dimension of the data, the based on fuzzy logic model was developed to assess the risk of document accessibility. Approaches to the assessment of the damage from the violation of the availability of the project document and the method of calculating the overall assessment of the risk of violation of the documents availability are proposed. The results presented in this paper can be used in decision-making processes regarding information security of projects in organizations that have project activities. The approaches proposed in this paper can serve as a basis for the creation of specialized information technologies to automate the calculation of project risk assessments.