Methodology and ontology of expert system for information security audit

Atymtayeva, Lyazzat; Bortsova, Gerda; Kozhakhmet, Kanat T.

doi:10.1109/scis-isis.2012.6505287

Cited by 9 publications

(2 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This security mechanism will provide organizational guidelines, standards and component analysis that leads to issuance of the recommendations. Consequently, the supposed metamode of the security standard recommendations could be created (Atymtayeva et al, 2012;Kozhakhmet et al, 2012;Atymtayeva et al, 2011).…”

Section: Security Mechanism Implementationmentioning

confidence: 99%

Assessing Information Security Vulnerabilities and Threats to Implementing Security Mechanism and Security Policy Audit

Afifi

2020

Journal of Computer Science

View full text Add to dashboard Cite

In spite of the massive investment of money, time and efforts an organization devotes to growth and enhancement with continuous improvements of a sound information security strategy, the human factor is ultimately and eventually the one behind the keyboard. As a result, human beings remain the most vulnerable and weakest entity in the information security chain. A negligent and irresponsible in-house employee can be a threat even to the most breath-tight secure environment, an organization built to keep intruders away from unauthorized access. Information security is considered to be one of the most necessary and crucial issues of the field, with the rapid changes in the information technology that takes place every day and with the business models chasing it and trying to catch up, recently and for a while, it has become one of the most interesting fields to technology and business communities.

show abstract

Section: Security Mechanism Implementationmentioning

confidence: 99%

Assessing Information Security Vulnerabilities and Threats to Implementing Security Mechanism and Security Policy Audit

Afifi

2020

Journal of Computer Science

View full text Add to dashboard Cite

show abstract

“…−internal offenders who have the right to access the controlled area, but do not have access to the organization's information system (partners, clients); −external offenders who do not have the right to physical access to the controlled area and to the organization's IP (hackers, criminal structures). At the stage of forming the threat model, data from the intruder's model is received at the input, and at the output, destructive actions are generated for each object for each intruder [6][7]. From all possible destructive actions, many threats to information security are formed -{Х}.…”

Section: Organization Of Internal Audit Of Information Security In Organizationsmentioning

confidence: 99%

Study the Methods of Internal Audit of Information Security in Organizations

Yakubgjanovna¹

2020

IJETER

View full text Add to dashboard Cite

This article presents a typical approach of security analysis, criteria for assessing security controls of a computer network and methods for assessing information security in organizations, taking into account the model for assessing information security processes. To organize an internal audit of information security in organizations, an approach is proposed for describing an object and forming a model of an intruder.

show abstract