Integrated Safety Mechanisms Based on Security Risks Minimization for the Distributed Computer Systems

Full Text (PDF, 326KB), PP.21-28

Views: 0 Downloads: 0

Author(s)

Vadym Mukhin 1,* Artem Volokyta 1

1. Department of Computer Systems of National Technical University of Ukraine “KPI”, Kiev, Ukraine

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2013.02.03

Received: 12 Jun. 2012 / Revised: 11 Oct. 2012 / Accepted: 20 Dec. 2012 / Published: 8 Feb. 2013

Index Terms

Distributed computer systems, safety model, security risks minimization

Abstract

Today, there are known the basic principles of decision-making on the safety control of distributed computer systems in the face of uncertainty and risk. However, in this area there are no practical methods for the quantitative risk analysis and assessment, taking into account the dynamic changes of security threats, which is typical for distributed computer systems.
In this paper is suggested an approach to assesment and minimization of the security risks, which allows to reduce the potential losses due to the realization of threats, to analyze the dynamics of intrusions into computer systems and to select the effective security tools.
As a result, there is designed the structure of the tools for risk minimization in the distributed computer systems and are formalized the main functions of this structure. Also, in the paper is suggested the assessment of risk factors of the security threats and the probability of the threats realization, which are based on their division into appropriate groups. The proposed tools for security risk minimization allow effectively identify, classify and analyze threats to the security of the distributed computing systems.

Cite This Paper

Vadym Mukhin, Artem Volokyta,"Integrated Safety Mechanisms Based on Security Risks Minimization for the Distributed Computer Systems", International Journal of Computer Network and Information Security(IJCNIS), vol.5, no.2, pp.21-28, 2013. DOI: 10.5815/ijcnis.2013.02.03

Reference

[1]N.Nagaratnam, P. Janson, J. Dayka, A. Nadalin, F. Siebenlist, V. Welch, I. Foster, S. Tuecke, The Security Architecture for Open Grid Services: IBM Corporation, 2003.
[2]Risk Taxonomy, Open Group Publication, January 2009 www.opengroup.org/onlinepubs/9699919899/toc.pdf
[3]Information technology – Security techniques – Information security risk management, ISO/IEC27005:2007, Geneva, Switzerland, 2007
[4]P. Mell and T. Grance, Effectively and Securely Using the Cloud Computing Paradigm (v0.25), NIST Publication, 2009, http://csrc.nist.gov/ groups/SNS/ cloud-computing/index.html.
[5]M. Hentea, "Enhancing information security risk management with a fuzzy model", Proc. of 19th International Conference on Computer Application in Industry and Engineering. Las Vegas, USA, 2006. – pp. 132 – 139.
[6]R.Tassabehji, Information security threats. Encyc-lopedia of multimedia technology and networking. IDEA Group Reference. Hershey, Pennsylvania, 2005. – pp. 404 – 410.
[7]I. Foster, C.Kesselman, G. Tsudik, S. Tuecke, "A Security Architecture for Computational Grids", Proc. of 5-th ACM Conference on Computer and Communications Security Conference, 1998.
[8]I. Foster, C. Kesselman, J. Nick, S. Tuecke, "The Physiology of the Grid: An Open Grid Services Architecture for Distributed Systems Integration", 2002.
[9]A. Chakrabarti, Grid Computing Security: Springer, 2007.
[10]E. Maiwald, Fundamentals of network security. McGraw-Hill. Technology Education, New York, 2004.
[11]M. Hentea, Information security management. Encyclopedia of multimedia technology and net-working. IDEA Group Reference. Hershey, Pennsylvania, 2005. – pp. 390 – 395.