SEARCH
 

Search

 

Результаты поиска 1 - 5 из 5
Начало | Пред. | 1 | След. | Конец


Software evaluation tests for identifying competencies of personnel reserve with elements of information security

Tumbinskaya M.V. PhD of Technical Sciences., Senior Lecturer of department "Information Security Systems", FGBOU VPO the Kazan National Research Technical University named after AN Tupolev ( tumbinskaya@inbox.ru )

Safiullina A.M. Senior Lecturer of department "Financial Management", Chow WEI the Institute of Economics, Management and Law ( safiullina@ieml.ru )

Journal: National Interests: Priorities and Security, #35, 2012

In the article the method of estimation of knowledge and detection of competences of a personnel reserve of the enterprise which distinctive feature is the expanded scale of gradation which allow to receive an authentic assessment of knowledge is offered, competences, to individualize human resource management are revealed. Algorithms of support the decision-making important for increase of reliability of an assessment of knowledge and level of competence of a personnel reserve are described. The special man-machine program tools of estimation of the test tasks, realized on the basis of the offered algorithms of support of decision-making are presented.


A generic algorithm of dissemination of targeted information in social networks

Tumbinskaya M.V. Kazan National Research Technical University n.a. A.N. Tupolev – KAI, Kazan, Republic of Tatarstan, Russian Federation ( tumbinskaya@inbox.ru )

Journal: National Interests: Priorities and Security, #3, 2017

Importance Social networks provide massive information about users, the so called open data mining. The social network users voluntarily disclose their personal information to abusers, mentioning their work, education, interests through pages and groups, which they join, and notes they make there. Thus important data become available for abusers who organize network attacks against users through targeted information.
Objectives The research overviews current issues of information security in social networks, especially the protection of targeted information aimed at preserving the integrity of confidential information.
Methods The research relies upon the algorithm used to disseminate targeted information throughout social networks, determines its parameters, which, if varied, would help specify various scenarios of attacks. The article sets forth threats to information security in social networks and proposes protection methods.
Results If scenarios are specified and detailed, they will allow for counteraction measures. The method of protection from targeted information disseminated throughout social networks allows to devise anti-targeted information model and implement special-purpose software to integrate it into social systems of social networks.
Conclusions and Relevance The article evaluates whether the anti-targeted information methods are effectively applied. The proposed solutions will allow countering data mining through modern protection methods and tools and guidelines for integrity of information resources.


Organizational support to IT infrastructure management in the information security system of an enterprise

Tumbinskaya M.V. Kazan National Research Technical University named after A.N. Tupolev - Kazan Aviation Institute, Kazan, Russian Federation ( tumbinskaya@inbox.ru )

Journal: National Interests: Priorities and Security, #1, 2015

At present, the issue of information security management of an enterprise is extremely relevant. Its relevance is determined by aggravating problems of information security in the conditions of intensive improvement of data protection technologies and tools. It is proved by increased number of violations in the field of information protection and growing seriousness of their consequences. Globally, the total annual number of violations increases by more than 100%. In Russia, the number of reported crimes in the sphere of information security increases several times every year. The statistics shows that if a commercial organization leaks important internal information, it becomes a bankrupt in 60% of cases. Thus, there are factors and parameters that determine the need for a balanced approach to the indicated problem: the growing number of data-related threats and risks, inadequate information security of existing corporate information systems. The modern market dictates the need to ensure security and protection of commercial information and sensitive data. Protection of information resources at modern enterprises is one of the main areas, which requires a continuous analysis of the quality of resources, tools, security methods, as well as their prompt update and improvement. The article analyses the challenges to information integrity in corporate information systems, and information resources of modern enterprises. The author offers formalization of information security system optimization of an enterprise. The paper defines organizational management parameters of the IT infrastructure in the data security system of an enterprise, describes the information-processing procedure and decision-making while managing IT infrastructure within the information security system. The author describes a model of "personnel resource" influence on IT infrastructure management in the system of data protection of an enterprise and offers recommendations to minimize human resource risks and threats.


Analysis of the protection of the LTE-A security system from the targeted exposure of DoS attack

Kormil'tsev N.V. Kazan National Technical Research Technical University named after A.N. Tupolev – KAI (KNRTU-KAI), Kazan, Republic of Tatarstan, Russian Federation ( kormiltcev@hotmail.com )

Uvarov A.D. Kazan National Technical Research Technical University named after A.N. Tupolev – KAI (KNRTU-KAI), Kazan, Republic of Tatarstan, Russian Federation ( obg-96@mail.ru )

Khamatnurov I.I. Kazan National Technical Research Technical University named after A.N. Tupolev – KAI (KNRTU-KAI), Kazan, Republic of Tatarstan, Russian Federation ( Ildarka96@mail.ru )

Tumbinskaya M.V. Kazan National Technical Research Technical University named after A.N. Tupolev – KAI (KNRTU-KAI), Kazan, Republic of Tatarstan, Russian Federation ( tumbinskaya@inbox.ru )

Journal: National Interests: Priorities and Security, #2, 2019

Subject The article analyzes to what extent the LTE Advanced networks are protected from the DoS attacks.
Objectives The research attempts to detect and analyze vulnerable loops in the LTE security system, which is a modern means of communication. However, it is often exposed to some malpractices, such as DoS attacks.
Methods The research discusses the specifics of Network Attached Storage access to Evolved UMTS Terrestrial Radio Access Network (E-UTRAN). We also describe two instances of the protocol being exposed to DoS attack through the Tracking Area Update procedure (TAU).
Results We conducted an analysis of some exposures as part of E-UTRAN and TAU procedures and figured out what disrupted the service of TRACKINGAREAUPDATEREJECT warning system.
Conclusions and Relevance Although LTE-A standard provides for some mechanisms to enhance the security of mobile communication, we actually detected an unprotected transfer of messages to launch DoS attacks. We also proved deficiencies in the network security system. The drawbacks can be eliminated with the system recovery timer, which disconnects mobile stations from the networks and notifies TAU procedure is denied throughout a protracted period of time. Afterwards mobile stations regain access to the network without disturbing other users.


Information support when ensuring the security of internet-banking

Tumbinskaya M.V. Kazan National Research Technical University named after A.N. Tupolev - KAI, Kazan, Republic of Tatarstan, Russian Federation ( tumbinskaya@inbox.ru )

Journal: National Interests: Priorities and Security, #15, 2015

Importance Currently, most banking institutions use information systems of Internet banking or distance banking. It is simple and convenient for both banks and their customers, though not always safe.
     Objectives Information security in Internet banking is relevant and vital since fraudulent and malicious activities (cyber-attacks) of cybercriminals (hackers) become more frequent. In reality, cybercrimes are committed more often than statistics indicates. Banking institutions are reluctant to disclose information about successful cyber-attacks cybercriminals performed. The article addresses issues of data protection in information systems of online banking and pursues preserving the integrity and confidentiality of information.
     Methods The research shapes a generalized structure of an information system of Internet banking, which reflects modular architecture of the system, links between users and control loop. I also propose a model of the information system of Internet banking, which, if used, will allow minimizing cyber-attacks, enhancing and improving a comprehensive information security system in economic and social organizations, increasing the efficiency of the protected information system of Internet banking, choosing an adequate strategy for developing Internet banking.
     Results The Internet banking system model will allow evaluating the system protection level, which is ensured by supporting the decision-making process in a poorly structured domain with heterogeneous characteristics. I propose a set-theoretical model to support decision-making in managing information security of information systems of Internet banking that allows accumulating analytical information on ongoing cybercriminals' threats, providing automated support to the process of making decisions on suppression of cyber-attacks, setting safeguards for confidential information, facilitating the elaboration of control actions. The article describes a semantic general scheme for stealing confidential information from information systems of Internet banking, presents a formalized model of a cybercriminal featuring personal parameters and scenarios for stealing confidential information from information systems of Internet banking. The cybercriminal model relies on common images and prototypes of cybercriminals, which will enable to detect a probable offender in the information system of Internet banking.
     Conclusions and Relevance The proposed solutions will facilitate reinforcing information security of the information system of Internet banking, increasing the effectiveness and quality of managerial decisions on confidential information protection.


Результаты поиска 1 - 5 из 5
Начало | Пред. | 1 | След. | Конец


Отсортировано по релевантности | Сортировать по дате