Evaluation of means of registration of references to information subject to protection
Means for registering calls to information subject to protection are a fairly effective measure that also requires quality assessment: the execution of the registration program (whether all calls are registered, with what attributes), the likelihood of it being bypassed by an intruder, the possibility of covert shutdown, operating time, reliability.
However, the registration of events with delayed detection, rather, serves for preventive purposes and the subsequent analysis of the past situation, in connection with which it is advisable to consider this measure as mandatory, but still backup, that is, duplicating other protection measures.
Evaluation of the effectiveness of information security management tools in a complex of information processing automation tools
Information security management tools in the complex of information processing automation tools are not indicated in the list of protection tools for possible unauthorized access channels, but they perform this function, being an important part of those listed in Table. 1 means of protection. The department provides the functions of control, detection and blocking of unauthorized access, as well as the uninterrupted operation of hardware, software and organizational protection tools, statistics and forecasting of events. All these parameters are taken into account when assessing the strength of individual protection means of a complex of information processing automation tools. As a result, the assessment of the effectiveness of protection controls can be carried out only from a qualitative point of view for the implementation of protection as a single mechanism – an information protection system in the technical sense of solving the problem: control technology, the composition of hardware and software controls and organizational measures, the presence of centralization of control and protection management.
Assessment of the degree of centralization of control and management of protection involves an assessment of the degree of coverage of individual protection means by means of control and management. This parameter determines the probability of bypassing protective barriers by an intruder, established by an expert. In critical systems, all barriers should be under centralized control. Evaluation of the effectiveness of information security controls should be given a separate metric.
Such an assessment is necessary to determine the degree of approximation of the obtained values of the protection strength to the real ones. The more automated means of protection, the less expert assessments, the more reliable the results of assessments, and the higher the guarantees of the effectiveness of protection.