Abstract:
Developed description of informative models of the component of complex “informative system – personnel”, which is under threat of socioengineering attack is being presented in this paper. Informative model of user, users group, controlling areas, information objects (system of documents), hardware-software maintenance and information system itself are considered. Specified informative models are included into the base for analyzing protection of informative system under the threat of socioengineering attacks. Hierarchy of these models allows to describe scene (context), in which socioengineering attack developes, to touch possible attacks (trees of attacks), and, on the base of gained results, study possible approaches to estimation the degree of protection of complex “information system – personnel” from socioengineering attack.