Quarterly journal published in SPbPU
and edited by prof. Dmitry Zegzhda
Peter the Great St. Petersburg Polytechnic University
Institute of computer sciences and technologies
information security of computer systems
Information Security Problems. Computer Systems
Published since 1999.
ISSN 2071-8217
  • 2024 year
  • 2023 year
  • 2022 year
  • 2021 year
  • 2020 year
  • 2019 year
  • 2018 year
  • 2017 year
  • 2016 year
  • 2015 year
  • 2014 year
  • 2013 year
  • 2012 year
  • 2011 year
    • № 1 2011
      • INFORMATION SECURITY ASPECTS

        Baranov V. A.

        The detection of observation process imbalance as a method of invasion identification

        Annotation:

        The model of demonstration of invasion of a computer system as a change of the parameters, which are being registered during the system monitoring, is considered in this article. It is supposed that these changes have statistical nature and they can be described using probability-theoretical model of sequence of observations imbalance. In the necessity to differ complicated hypothesizes, several ways of imbalance detection are suggested. In addition, their efficiency in the suggested probability-theoretical models is considered.

        Keywords:

        Invasion, observation process imbalance, probability-theoretic models.
        Pages 7-16

        Belim S. V., Bardichev V. U.

        Numerical characteristics of access to information in the extended model Take-Grant

        Annotation:

        This article describes a study of the possibility of the numerical characteristics of access to information based on access control lists using the model of Take-Grant. These characteristics allow to estimate correctly the probability of access. Since it is possible that it may be a channel of information leakage, but the likelihood of it is so small that the installation of some additional mechanisms of protection simply makes no sense.

        Keywords:

        Computer security, model of Take-Grant, access graph.
        Pages 17-23

        Devyanin P. N.

        Modeling of role access control in operating systems of Linux sets

        Annotation:

        This article represents role DP-model access control and information flows in operating systems of Linux sets which take into account some their essential features. The article focuses basic attention on formal description mechanism of mandatory integrity control, and also on conditions and results of application rules of transformation conditions. The article represents analysis of properties restrictions on role access control which invariantly concerning nonmonotonic rules of transformation conditions.

        Keywords:

        Computer security, operating system, DP-model.
        Pages 24-43

        Moskvin D. A.

        An approach to automation of the security settings in operating systems

        Annotation:

        The article presents a comprehensive approach to automation of security configuring at operating systems. This technique allows to implement a set of corporative security policy requirements in accordance with a usage profile of the configured system. As the result, assurance in sustainability of the performance, elimination of "human factor" influence, as well as speed up of the process of security setting up are reached using the suggested approach.

        Keywords:

        Security settings, security of operating systems, stability of security.
        Pages 44-49

        Semenova N. A.

        Compliance evaluation between information streams of the company and RBAC system

        Annotation:

        This paper describes a methodology of evaluation the level of compliance between company information streams and a RBAC system. Several criteria for redundant permissions detection and role assignment rules quality assessment are proposed.

        Keywords:

        RBAC system, role assignment rules, RBAC efficency evaluation.
        Pages 50-62
      • INFORMATION SECURITY APPLICATION

        Zavodtsev I. V., Gaynov A. E.

        Application of biometriko-cryptographic technologies for protection of the automated data processing systems

        Annotation:

        The feature of modern automated systems is a high concentration of information of limited distribution in these systems. This feature leads to conflict between users and information security systems. The application of biometrics-cryptographic technologies in the automated systems will solve the problem of access control to protected resources and meets user requirements and requirements for information protection.

        Keywords:

        Automated data processing system, the artificial neural network, Kohonen’s map, a means of highly reliable biometric authentication, access control tools.
        Pages 63-69

        Scheglov A. U., Ogolyuk A. A., Ilyin E. V.

        Practical implementation of the sufficiency information protection facility gears suite

        Annotation:

        This work describes the problem of providing sufficiency of the information protection facility gears suite, depending on its usage conditions. The revealed base principle allows to speak about sufficiency of information security gears suite, when developing high and multipurpose system facilities. Some problems of practical implementation of these gears are also discussed.

        Keywords:

        The mechanism of protection of the information, protection of independent computers, access control, device identification.
        Pages 70-73
      • TECHNICAL SOLUTION

        Andrushechkin U. N., Karetnikov V. V.

        Features of influence underlying surfaces on range of transfer of the correcting data

        Annotation:

        In the present study examined the transfer of correction information and the impact of underlying surfaces in the transmission range of differential corrections.

        Keywords:

        Control and correction station, underlying surface, attenuation function, field intensity.
        Pages 74-77

        Barschevsky E.

        Security of the ship automated systems

        Annotation:

        In article features of the approach to safety of the ship automated systems are considered. In article communication between safety of functioning of the automated systems with questions of optimization of the processes proceeding in difficult automated systems is underlined. Optimization is based on criteria of orthogonality and minimization.

        Keywords:

        Minimization bias, quasi-optimal plans, experimental design, polynomial model, security of automated systems.
        Pages 78-80

        Golubcov D. A., Sidorov K. G., Sikarev I. A.

        Interference immunity and influence of disturbances on working zone dimentions of river automatic identification systems

        Annotation:

        In this article algorithms of calculation and interference immunity of AIS under influence of mutual interference were examined, and also investigation of influence of concentrated on spectrum disturbances on the working zone dimentions of AIS was performed.

        Keywords:

        Interference immunity, automatic identification systems, spectrum of hindrances.
        Pages 81-86

        Yakovlev V., Korzhik V., Kovajkin Yu.

        Key sharing protocol for wireless local area networks based on the use of randomly excited antenna with variable diagram under the condition of multipath wave propagation. Part II. Description of key sharing system and optimization of its parameters

        Annotation:

        We describe a key sharing protocol based on a concept of smart randomly excited antenna and multipath wave propagation considered in the first part of this paper. Reliability, randomness and security of the key string shared by legal users depending on the correlation between legal and illegal signals are estimated. Both erasing of unreliable bits and error correction codes are used. Parameters of key sharing protocols are optimized in order to maximize the key rate. We conclude that appropriated choice of parameters allows provide all requirements even in the case of noiseless eavesdropping channel in contrast of all known previous protocols of the key distribution over noisy channels.

        Keywords:

        System of distribution of keys, optimization, wireless local networks, factor of correlation of signals.
        Pages 87-99
      • APPLIED CRYPTOGRAPHY

        Аristarkhov I. V.

        Key update planning in electronic document verification systems

        Annotation:

        We introduce key update planning models depending from character of adversary activities. The proposed formalization provides the possibility of finding the optimal timing for key update process aimed at minimization of the system idle time.

        Keywords:

        Electronic document verification system, key management, private key compromise, time cost, key update planning.
        Pages 100-104
    • № 2 2011
      • INFORMATION SECURITY APPLICATION

        Kalinin M., Konoplev A.

        Approach to providing the trusted executable environment for multiprotocol network devices

        Annotation:

        The paper reviews the main problems encountered in the organizing of preparing the trusted executable environment for multiprotocol network devices. Also the approach to solve this problem is presented.

        Keywords:

        Information security, trusted environment, network, multiprotocol devices.
        Pages 7-11

        Kalinin M., Markov Y.

        Verification of security policies requirements in Grid-systems

        Annotation:

        The paper raises the problem of IT-security control in Grid-systems. Comparison of security-relevant mechanisms implemented in BOINC, Gridbus, Globus Toolkit, UNICORE, and gLite is presented. That allows us to figure out common approaches applied to realize security in well-known Grid-systems. As the result, formal model of Grid access control and universal method of automated security verification in Grid-systems have been suggested.

        Keywords:

        Access control, grid, model, security, security policy, state, verification.
        Pages 12-21
      • NETWORK AND TELECOMMUNICATION SECURITY

        Kort S. S., Shumov A. V.

        Automatical recognition of network protocols and network packets payload type based on n-gramm analyses

        Annotation:

        This article is devoted to the task of network traffic classification and application of this task to solution of network security problems. Payload is presented in this work as n-gram and on this basis we can talk about network protocol and content recognition and anomaly detection.

        Keywords:

        Network protocol application level, intrusion detection system, pattern recognition, anomaly detection.
        Pages 22-32

        Platonov V. V., Semenov P. O.

        Forming feature space for detecting network attack

        Annotation:

        The possibility of usage dimension reduction techniques to generate a list of most significant parameters for detecting network attacks is analyzed. In this paper is proposed the model of intrusion detection system with modular architecture, which allows classifying packets by different support vector machines.

        Keywords:

        Intrusion detection system, support vector machine, dimension reduction, principal component analysis.
        Pages 33-39

        Platonov V. V., Yushkevitch I. A.

        Hibrid model of intrusion detection system based on lexicographic method

        Annotation:

        The article describes hybrid intrusion detection model. For traffic classification on network and transport layers it is offered to use support vector machine (SVM). Lexicographic methods of application level protocols analysis possibility reseached.

        Keywords:

        Intrusion detection systems, support vector machines, lexicographic methods.
        Pages 40-46

        Yakovlev V., Levin I.

        Simulation of the combined method for tracing the sources of DDOS-attacks

        Annotation:

        In [1], the authors proposed a method of protection against DDOS-attacks which combines attack detection techniques on the hosts and tracing the sources of attacks using the network routers. Tracing of the attack sources is implemented by reconstructing the packets’ route from the source of the attack to the victim. This paper presents the simulation results of this method. To construct the network topology graph models were used: a tree graph with the victim at the root and the random Euclidean graph. We tested the effectiveness of the method for tracing DDoS-attack sources using these models when the number of attackers did not exceed 500. To test the effectiveness of the method in a large-scale network with hundreds of autonomous systems, thousands of users and tens of thousands of attackers we performed the simulation using OMNet. The results of the simulation allowed to obtain more detailed information about the functioning of the method including the process of normalization of legitimate traffic by detecting and blocking attackers using this method.

        Keywords:

        DDoS-attacks, traceback, simulation, Euclidian graph.
        Pages 47-61
      • APPLIED CRYPTOGRAPHY

        Artamonov A. V., Vasilev P. N., Makhovenko E. B.

        Consistent membership revocation in the BBS group signature scheme

        Annotation:

        The article suggests a new way for providing the capability of the signatory authority revocation from some group member from a specific time point in the BBS group signature scheme. Security of this mechanism is based on the adding new trusted party into the group signature scheme. This new subject is in charge of the time reference of keys and signatures, as well as of the other subjects synchronization in revocation procedure.

        Keywords:

        Group signature, BBS group signature scheme, extended dynamic ED-BBS scheme, membership revocation, time manager.
        Pages 62-75

        Alexander Rostovtsev, Alexey Bogdanov and Mikhail Mikhaylov

        Method of secure evaluation of polynomial in untrusted medium using ring homomorphisms

        Annotation:

        Method of secure evaluation of polynomial y = F(x1, …, xk) over some rings on untrusted computer is proposed. Two models of untrusted computer are considered: passive and active.

        Keywords:

        Secure computation, ring homomorphism, public key encryption.
        Pages 76-85
      • TECHNICAL SOLUTION

        Golubcov D. A., Sikarev I. A., Sidorov K. G.

        Noise stability of the adaptive automated identification systems at influence of mutual hindrances

        Annotation:

        In article the method of construction and algorithms of functionally steady adaptive automated identification systems are considered at influence of mutual hindrances.

        Keywords:

        Mutual hindrances, identification systems.
        Pages 86-90

        Pshenitsyn K. V., Sikarev I. A., Mulganov S. V., Sidorov R. G.

        Search of the phasemodulated signal in the presence of multiplicative noise

        Annotation:

        The article proposes two ways to automate the signal reception for better management of information and algorithmic support of the CDMA Globalstar satellite system in the presence of multiplicative noise to improve the efficiency of AIS in the TMS on inland waterways.

        Keywords:

        CDMA, Globalstar.
        Pages 91-94
    • № 3 2011
      • INFORMATION SECURITY ASPECTS

        Babash A. V.

        Using approximate models of the automaton in the task of determining the initial state and input word automaton on the output word

        Annotation:

        The formulas for the parameters of methods for determining the state and the input word automaton, based on the preliminary construction of his entourage of models.

        Keywords:

        The automatic machine, entrance sequence, condition, the total method, the approached model, labor input.
        Pages 7-12

        Zgurskiy A. S., Korbainova E. V.

        Definition of level of vulnerability and estimation of influence of property of safety of the active on data-processing centre activity

        Annotation:

        This article represents the algorithm for appraisal information assets requirements in the security properties. Influence of safety property on data center activity is estimated.

        Keywords:

        Security, credit institution, security property, information security, data center.
        Pages 13-16

        Maluk A. A.

        Methodological basis for the information security theory

        Annotation:

        Questions of the of information security theory’s methodological basis formation are considered. Necessity of using for this purpose of a wide range of non-formal heuristic methods based on productive human thinking additionally to the classic system theory is stressed. A classification of the informal methods forming the basis of the informal system theory is given.

        Keywords:

        Information security, information security theory, system theory, informal system theory, system approach, system analysis.
        Pages 17-23
      • SECURE OPERATING SYSTEMS AND TRUSTED ENVIRONMENT

        Kornev А. А.

        Operating system for constructing specialized trusted information processing systems

        Annotation:

        The paper describes the problem of building an operating system for specialized trusted information processing system development. Trusted treatment implies the absence of the possibility of unauthorized information output to the external environment, the so-called "leakage" of information, through any input-output channels. The concept and practical implementation of the system with a minimal kernel as a basic component of the information processing system is described.

        Keywords:

        Operating system, information security, trusted information processing.
        Pages 24-29
      • NETWORK AND TELECOMMUNICATION SECURITY

        Ageev S. A., Sherstjuk Y. M., Saenko I. B., Polubelova O. V.

        Conceptual basics of automation control of protected multi-service networks

        Annotation:

        Conceptual basics of automation control of protected multi-service networks (PMN) are discussed. The conceptual management model of PMN and basic functional tasks are considered. The framework of mathematical modeling functional control tasks for PMN is given.

        Keywords:

        Protected multi-service network, telematic network services, automation control, TMN model.
        Pages 30-39
      • ASPECTS OF INFORMATION SECURITY

        Kotenko I. V., Stepashkin M. V., Doynikova E. V.

        Protection analysis of information systems taking into account social engineering attacks

        Annotation:

        The paper suggests an attack trees based approach to protection analysis of information systems which extends approach suggested by the authors earlier. The main difference is in introducing of different conceptions, models and frameworks related to social engineering attacks. The approach is intended for use in perspective protection analysis systems.

        Keywords:

        Analysis, protection, social engineering attacks.
        Pages 40-57
      • SPECIAL IT

        Аristarkhov I. V.

        About some threat of information safety in electronic documents verification subsystem of the general use information system

        Annotation:

        Protection electronic document in specialized information system of the general use is realized by means of integrated electronic documents verification subsystems, using electronic signature and public key infrastructure. In article is considered some of the threats of the operating the facilities electronic signature, directed on compromising of the key electronic signature. As one of the organizing measures of the reluctance specified threat is offered building efficient strategy determinations duration of the keys.

        Keywords:

        Electronic documents verification subsystem, certification authority, registration authority, request processing, public key certificate.
        Pages 58-63

        Zhuravlev V. M.

        Topological structure of coverage of trunked radio communication system on inner water way

        Annotation:

        InThe task of optimization of range and size of the shore or base radio station zones is considered using stochastic models of information channels taking into account radio wave propagation, changing of obstructing relief between shore station and receiver of the ship, movement of ship station relating to shore one.

        Keywords:

        Inner water ways, automatic vessel traffic service, trunked radio stations, obstructing relief, probability of error, coverage, receiver sensivity, corporative river information system, river information services (RIS), obstructing relief, Rayleigh distribution.
        Pages 64-72

        Rudyih S. V., Sikarev I. A., Sidorov K. G.

        Synthesis of functionally stable coherent automated information systems

        Annotation:

        This article describes the algorithms and structural schemes of adaptive coherent AIS, including the structure of "base station transponder, correspondent for the opposite and orthogonal binary signals.

        Keywords:

        Inner water ways, automatic vessel traffic service, interburst interference, coverage, transmitter power, probability of error.
        Pages 73-76
      • APPLIED CRYPTOGRAPHY

        Azhmuhamedov I. M., Kolesova N. A.

        Method of forming key information from image files

        Annotation:

        The technique of development and storage of key sequences with use of graphic files, and also a technique of selection of images approaching for this purpose are offered and pro.

        Keywords:

        Key sequence, the image, sequence of random numbers, RGB-channels of image.
        Pages 77-80
      • SOFTWARE SECURITY

        Voycekhovsky S. V., Khomonenko A. D.

        Revealing of harmful program influences on the basis of the fuzzy conclusion

        Annotation:

        The approach of revealing of harmful program influences on the automated systems on the basis of an fuzzy conclusion of decisions by means of algorithm of Mamdani is offered. Rules of the fuzzy conclusion are proved. Algorithm realization in system of support of decision-making is described.

        Keywords:

        Harmful program influences, indistinct conclusion, system of support of decision-making.
        Pages 81-91
    • № 4 2011
      • INFORMATION SECURITY APPLICATION

        Zegzhda D. P., Karetnikov A. V.

        Cloud computing security. Problems and prospect

        Annotation:

        This article observes different aspects of cloud computing security. It also does basic treats analysis for clouds. Approaches and specificity of providing security for cloud computing considered.

        Keywords:

        Cloud computing, distributed computing security, hypervisor security, virtualization.
        Pages 7-15

        Khomonenko A. D., Bubnov V. P., Krasnov S. A., Eremin A. S.

        Model of functioning of system of the automatic rubrication of documents in the non-stationary mode

        Annotation:

        Application of model of single-channel non-stationary system of service for an estimation of efficiency of work of client-server system of an automatic rubrication of documents in system of electronic document circulation of HIGH SCHOOL is considered. In model the assumption about exponential distributions of intervals of time between the moments of receipt of inquiries and durations their service is used. The model allows to consider non-stationary character of process of receipt and service of demands for the decision of problems in client-server system of an automatic rubrication.

        Keywords:

        Automatic categorization, electronic document management system (dms)-dependent system, the exponential distribution.
        Pages 16-23
      • NETWORK AND TELECOMMUNICATION SECURITY

        Baranov V. A.

        Estimation of the moment of intrusion using statistical methods

        Annotation:

        Several types of statistics, which are used for a posteriori estimation of the moment of imbalance of an observation process, are considered in this article as the models of influence of intrusion into a computer system on the parameters of the events, which are observed. Also the possibility of construction of an effective statistical procedure of estimation of the intrusion moment, while the difference in observation parameters of the system before the imbalance and after it is little, is estimated. The results of a posteriori statistical estimation of the moment of intrusion for the array of data, which has been gathered from the working system while it was being infected by a virus, are described.

        Keywords:

        Posteriori estimation, the intrusion moment, infected by a virus.
        Pages 24-31

        Kort S. S., Rudina E. A.

        Approach to the analysis of client-server interaction based on declarative description of networking protocol

        Annotation:

        The paper considers the approach to the identification of network protocols on the basis of variably-signature analysis.

        Keywords:

        Variably-signature analysis, network protocols, client-server interaction.
        Pages 32-40

        Khomonenko A. D., Voycekhovsky S. V.

        Specification of the fuzzy conclusion on the basis of the Mamdani algorithm in system of detection of intrusions

        Annotation:

        The approach to increase of accuracy of an fuzzy conclusion of decisions by means of algorithm of Mamdani in systems of detection of intrusions is offered. At the heart of the approach estimation of degree of uncertainty (размытости) terms of linguistic variables and their updating by means of linguistic modifiers lies.

        Keywords:

        Fuzzy conclusion of decisions, the linguistic modifier, linguistic variables.
        Pages 41-48
      • APPLIED CRYPTOGRAPHY

        Vetrov U. V., Zavyalov S. V.

        Influence of JPEG-conversion on a noise stability of symbols (messages) reception which embedded in digital video images

        Annotation:

        Influence of JPEG-conversion on a noise stability of symbols (messages) reception which embedded in digital video images is considered. Dependence of error probability on compression ratio at information embedding at level of factors DCT has threshold character.

        Keywords:

        Steganography, JPEG, error probability, digital images, pseudorandom sequence, DCT.
        Pages 49-55
      • ASPECTS OF INFORMATION SECURITY

        Zgurskiy A. S., Korbainova E. V.

        Evaluation of information assets requirements degree in the security properties for data centre in a credit institution

        Annotation:

        This article represents definition of requirements degree of information assets for data centre in credit institution. Criteria of an estimation are considered, the basic directions of responsibility come to light.

        Keywords:

        Security, credit institution, security property, information security, data centre.
        Pages 56-60
      • SPECIAL IT

        Rudyih S. V., Sikarev I. A. Sidorov K. G.

        Algorithms are functionally stable incoherent automated identification systems

        Annotation:

        The purpose of this article is to synthesize a device with an external (on the line "base station-transponder") and internal (only in the structure of the transponder) "rings" adjustment with complex effects of noise and focusing on spectrum interference.

        Keywords:

        Inner water ways, automatic vessel traffic service, interburst interference, coverage, transmitter power, probability of error.
        Pages 61-65

        Rudih S. D., Volkova T. A., Tihonenko A. M.

        Discrete-manipulated signals with linear frequency modulation in automated identification systems in inner water ways

        Annotation:

        The focus of the study is to analyze the main temporal, spectral, correlation, and other features and opportunities to apply complex discrete-manipulated signals (DMS) with linear frequency modulation in river automated identification systems (AIS).

        Keywords:

        Discrete-manipulated signals (DMS), signals with linear modulation, mutual interference, automated identification systems (AIS), coefficient of mutual difference (CMD).
        Pages 66-69
  • 2010 year
  • 2009 year
  • 2008 year
  • 2007 year
  • 2006 year
  • 2005 year
  • 2004 year
  • 2003 year
  • 2002 year
  • 2001 year
  • 2000 year
  • 1999 year