SQL representation of relational and probabilistic models of soñio-engineering attacks in problems of calculation of the aggregated estimates of information system’s personnel security taking into account scales of communications between users
Abstract:
Risk analysis of information security is now especially hot topic, owing to that that as insurance companies want to have probably more exact characteristics about the probable extent of damage and the necessary sum of insurance, and the company, wishing to insure the information risks, also want to understand, for what and as far as these or those sums are reasonably paid at the conclusion of the contract of insurance. Besides, any of the called parties doesn't want to lose own resources. Thus, it is necessary to learn to receive adequate, but at the same time the complex, aggregated estimates of security of information systems. The comprehensive analysis of security both program and technical component of system, and the personnel of such systems (their socio-technical component) is for this purpose necessary. The purpose of the present article is development and improvement of the task of the main relations considered before option in the "personnel information system-critical documents" complex at socio-engineering attack of the malefactor.