<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.3 20210610//EN" "JATS-journalpublishing1-3.dtd">
<article article-type="research-article" dtd-version="1.3" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xml:lang="ru"><front><journal-meta><journal-id journal-id-type="publisher-id">bsuir</journal-id><journal-title-group><journal-title xml:lang="ru">Доклады БГУИР</journal-title><trans-title-group xml:lang="en"><trans-title>Doklady BGUIR</trans-title></trans-title-group></journal-title-group><issn pub-type="ppub">1729-7648</issn><issn pub-type="epub">2708-0382</issn><publisher><publisher-name>БГУИР</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.35596/1729-7648-2019-124-6-12-20</article-id><article-id custom-type="elpub" pub-id-type="custom">bsuir-1188</article-id><article-categories><subj-group subj-group-type="heading"><subject>Research Article</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="ru"><subject>ЭЛЕКТРОНИКА, РАДИОФИЗИКА, РАДИОТЕХНИКА, ИНФОРМАТИКА</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="en"><subject>ELECTRONICS, RADIOPHYSICS, RADIOENGINEERING, INFORMATICS</subject></subj-group></article-categories><title-group><article-title>КОНЦЕПТУАЛЬНЫЕ ОСНОВЫ АНАЛИЗА МОДЕЛЕЙ ИНФОРМАЦИОННОЙ БЕЗОПАСНОСТИ ОБЛАЧНЫХ СИСТЕМ КЛАССА «ИНФРАСТРУКТУРА КАК УСЛУГА»</article-title><trans-title-group xml:lang="en"><trans-title>CONCEPTUAL FRAMEWORK OF ANALYSIS OF INFORMATION SECURITY MODELS OF CLOUD SYSTEMS OF THE CLASS «INFRASTRUCTURE AS A SERVICE»</trans-title></trans-title-group></title-group><contrib-group><contrib contrib-type="author" corresp="yes"><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Олизарович</surname><given-names>Е. В.</given-names></name><name name-style="western" xml:lang="en"><surname>Olizarovich</surname><given-names>E. V.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Кандидат технических наук, доцент, начальник Информационно-аналитического центра</p><p>230023, г. Гродно, ул. Ожешко, 22  </p></bio><bio xml:lang="en"><p>PhD, associate professor, head of the Information and Analytical Center</p><p>230023, Grodno, Ozheshko str., 22  </p></bio><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Бражук</surname><given-names>А. И.</given-names></name><name name-style="western" xml:lang="en"><surname>Brazhuk</surname><given-names>A. I.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Бражук Андрей Иосифович, ведущий инженер-программист Информационно-аналитического центра </p><p>230023, г. Гродно, ул. Ожешко, 22  </p></bio><bio xml:lang="en"><p>Brazhuk Andrei Iosifovich , senior software engineer of the Information and Analytical Center</p><p>230023, Grodno, Ozheshko str., 22  </p></bio><email xlink:type="simple">brazhuk@grsu.by</email><xref ref-type="aff" rid="aff-1"/></contrib></contrib-group><aff-alternatives id="aff-1"><aff xml:lang="ru"><institution>Гродненский государственный университет имени Янки Купалы</institution></aff><aff xml:lang="en"><institution>Grodno State University named after Yanka Kupala</institution></aff></aff-alternatives><pub-date pub-type="collection"><year>2019</year></pub-date><pub-date pub-type="epub"><day>02</day><month>10</month><year>2019</year></pub-date><volume>0</volume><issue>6</issue><fpage>12</fpage><lpage>19</lpage><permissions><copyright-statement>Copyright &amp;#x00A9; Олизарович Е.В., Бражук А.И., 2019</copyright-statement><copyright-year>2019</copyright-year><copyright-holder xml:lang="ru">Олизарович Е.В., Бражук А.И.</copyright-holder><copyright-holder xml:lang="en">Olizarovich E.V., Brazhuk A.I.</copyright-holder><license xml:lang="ru" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>Данная работа распространяется под лицензией Creative Commons Attribution 4.0.</license-p></license><license xml:lang="en" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>This work is licensed under a Creative Commons Attribution 4.0 License.</license-p></license></permissions><self-uri xlink:href="https://doklady.bsuir.by/jour/article/view/1188">https://doklady.bsuir.by/jour/article/view/1188</self-uri><abstract><p>Описан основанный на ролевом подходе процесс синтеза моделей информационной безопасности облачных компьютерных систем на основе прикладных моделей системы и угроз; результатом является модель защиты, выраженная, например, в рекомендациях по улучшению информационной безопасности или содержащая элементы конфигурации средств защиты. Предложена архитектура системы анализа моделей информационной безопасности облачных компьютерных систем, которая включает подсистему анализа и моделирования, базу знаний и подсистему интеграции с внешними источниками знаний. Система является ориентированной на модели (детальные, высокоуровневые, прикладные, синтезируемые) и предполагает автоматическую обработку знаний в сфере управления уязвимостями и настройки программного обеспечения. Предложен подход к решению задачи построения иерархий моделей архитектур и моделей угроз, реализующий комбинированный анализ функций и компонентов.  </p></abstract><trans-abstract xml:lang="en"><p>A process based on the role approach for the synthesis of information security models of cloud computing systems based on applied system and threat models is described; the result is a security model, expressed, for example, in recommendations for improving information security or containing elements of the security configuration. The architecture of the system for analyzing models of information security of cloud computing systems is proposed. It includes a subsystem of analysis and modeling, a knowledge base and a subsystem of integration with external sources of knowledge. The system is model-oriented (detailed, high-level, applied, synthesized) and involves automatic processing of knowledge in the field of vulnerability management and software configuration. It is proposed an approach to solve the problem of constructing hierarchies of architectures models and threat models, realizing a combined analysis of functions and components.  </p></trans-abstract><kwd-group xml:lang="ru"><kwd>облачные компьютерные системы</kwd><kwd>инфраструктура как услуга</kwd><kwd>модель информационной безопасности</kwd></kwd-group><kwd-group xml:lang="en"><kwd>cloud computing systems</kwd><kwd>Infrastructure as a Service</kwd><kwd>IaaS</kwd><kwd>information security model</kwd></kwd-group></article-meta></front><back><ref-list><title>References</title><ref id="cit1"><label>1</label><citation-alternatives><mixed-citation xml:lang="ru">Листопад Н.И., Олизарович Е.В., Бражук А.И. Практические аспекты внедрения облачных технологий в учреждении образования // Информатизация образования. 2014. № 2 (74). С. 55–65.</mixed-citation><mixed-citation xml:lang="en">Listopad N.I., Olizarovich E.V., Brazhuk A.I. Prakticheskie aspekty vnedrenija oblachnyh tehnologij v uchrezhdenii obrazovanija // Informatizacija obrazovanija. 2014. № 2 (74). S. 55–65. (in Russ.)</mixed-citation></citation-alternatives></ref><ref id="cit2"><label>2</label><citation-alternatives><mixed-citation xml:lang="ru">ГОСТ Р 57100-2016/ISO/IEC/IEEE 42010:2011. Системная и программная инженерия. Описание архитектуры.</mixed-citation><mixed-citation xml:lang="en">GOST R 57100-2016/ISO/IEC/IEEE 42010:2011. Sistemnaja i programmnaja inzhenerija. Opisanie arhitektury. (in Russ.)</mixed-citation></citation-alternatives></ref><ref id="cit3"><label>3</label><citation-alternatives><mixed-citation xml:lang="ru">СТБ 34.101.1-2014. Информационные технологии и безопасность. Критерии оценки безопасности информационных технологий. Ч. 1. Введение и общая модель.</mixed-citation><mixed-citation xml:lang="en">STB 34.101.1-2014. Informacionnye tehnologii i bezopasnost'. Kriterii ocenki bezopasnosti informacionnyh tehnologij. Ch. 1. Vvedenie i obshhaja model'. (in Russ.)</mixed-citation></citation-alternatives></ref><ref id="cit4"><label>4</label><citation-alternatives><mixed-citation xml:lang="ru">Toward a unified ontology of cloud computing. / L. Youseff [et al.] // Grid Computing Environments Workshop. 2008. P. 1–10.</mixed-citation><mixed-citation xml:lang="en">Toward a unified ontology of cloud computing. / L. Youseff [et al.] // Grid Computing Environments Workshop. 2008. P. 1–10.</mixed-citation></citation-alternatives></ref><ref id="cit5"><label>5</label><citation-alternatives><mixed-citation xml:lang="ru">Moscato F., Di Martino B., Aversa R. Enabling model driven engineering of cloud services by using mosaic ontology //Scalable Computing: Practice and Experience. 2011. Vol. 13. №. 1. P. 29–44.</mixed-citation><mixed-citation xml:lang="en">Moscato F., Di Martino B., Aversa R. Enabling model driven engineering of cloud services by using mosaic ontology //Scalable Computing: Practice and Experience. 2011. Vol. 13. №. 1. P. 29–44.</mixed-citation></citation-alternatives></ref><ref id="cit6"><label>6</label><citation-alternatives><mixed-citation xml:lang="ru">Intercloud architecture for interoperability and integration / Y. Demchenko [et al.] // Cloud Computing Technology and Science. 2012. P. 666–674.</mixed-citation><mixed-citation xml:lang="en">Intercloud architecture for interoperability and integration / Y. Demchenko [et al.] // Cloud Computing Technology and Science. 2012. P. 666–674.</mixed-citation></citation-alternatives></ref><ref id="cit7"><label>7</label><citation-alternatives><mixed-citation xml:lang="ru">Dukaric R., Juric M. Towards a unified taxonomy and architecture of cloud frameworks // Future Generation Computer Systems. 2013. Т. 29. №. 5. P. 1196–1210.</mixed-citation><mixed-citation xml:lang="en">Dukaric R., Juric M. Towards a unified taxonomy and architecture of cloud frameworks // Future Generation Computer Systems. 2013. T. 29. №. 5. P. 1196–1210.</mixed-citation></citation-alternatives></ref><ref id="cit8"><label>8</label><citation-alternatives><mixed-citation xml:lang="ru">SEcure Cloud computing for CRitical infrastructure IT [Electronic resource]. URL: https://www.seccrit.eu/. (date of access: 20.04.2018).</mixed-citation><mixed-citation xml:lang="en">SEcure Cloud computing for CRitical infrastructure IT [Electronic resource]. URL: https://www.seccrit.eu/. (date of access: 20.04.2018).</mixed-citation></citation-alternatives></ref><ref id="cit9"><label>9</label><citation-alternatives><mixed-citation xml:lang="ru">Scandariato R., Wuyts K., Joosen W. A descriptive study of Microsoft’s threat modeling technique // Requirements Engineering. 2015. Т. 20, №. 2. P. 163–180.</mixed-citation><mixed-citation xml:lang="en">Scandariato R., Wuyts K., Joosen W. A descriptive study of Microsoft’s threat modeling technique // Requirements Engineering. 2015. T. 20, №. 2. P. 163–180.</mixed-citation></citation-alternatives></ref><ref id="cit10"><label>10</label><citation-alternatives><mixed-citation xml:lang="ru">A semantic-web approach for modeling computing infrastructures / M. Ghijsen [et al.] // Computers &amp; Electrical Engineering. 2013. № 39 (8). P. 2553–2565.</mixed-citation><mixed-citation xml:lang="en">A semantic-web approach for modeling computing infrastructures / M. Ghijsen [et al.] // Computers &amp; Electrical Engineering. 2013. № 39 (8). P. 2553–2565.</mixed-citation></citation-alternatives></ref><ref id="cit11"><label>11</label><citation-alternatives><mixed-citation xml:lang="ru">Common Information Model [Electronic resource]. / DMTF. URL: https://www.dmtf.org/standards/cim (date of access: 20.04.2018).</mixed-citation><mixed-citation xml:lang="en">Common Information Model [Electronic resource]. / DMTF. URL: https://www.dmtf.org/standards/cim (date of access: 20.04.2018).</mixed-citation></citation-alternatives></ref><ref id="cit12"><label>12</label><citation-alternatives><mixed-citation xml:lang="ru">Управление программным обеспечением и архитектура отказоустойчивого IaaS-облака на основе универсальных узлов. / Ю.И. Воротницкий [и др.] // Электроника ИНФО. 2013. № 9. С. 21–24.</mixed-citation><mixed-citation xml:lang="en">Upravlenie programmnym obespecheniem i arhitektura otkazoustojchivogo IaaS-oblaka na osnove universal'nyh uzlov. / Ju.I. Vorotnickij [i dr.] // Jelektronika INFO. 2013. № 9. S. 21–24. (in Russ.)</mixed-citation></citation-alternatives></ref><ref id="cit13"><label>13</label><citation-alternatives><mixed-citation xml:lang="ru">Cloud Computing Risk Assessment [Electronic resource]. / ENISA, 2009. URL: https://www.enisa.europa.eu/publications/cloud-computing-risk-assessment/at_download/fullReport (date of access: 20.04.2018).</mixed-citation><mixed-citation xml:lang="en">Cloud Computing Risk Assessment [Electronic resource]. / ENISA, 2009. URL: https://www.enisa.europa.eu/publications/cloud-computing-risk-assessment/at_download/fullReport (date of access: 20.04.2018).</mixed-citation></citation-alternatives></ref><ref id="cit14"><label>14</label><citation-alternatives><mixed-citation xml:lang="ru">Saripalli P., Walters B. Quirc: A quantitative impact and risk assessment framework for cloud security // 2010 IEEE 3rd International Conference on Cloud Computing. 2010. P. 280–288.</mixed-citation><mixed-citation xml:lang="en">Saripalli P., Walters B. Quirc: A quantitative impact and risk assessment framework for cloud security // 2010 IEEE 3rd International Conference on Cloud Computing. 2010. P. 280–288.</mixed-citation></citation-alternatives></ref><ref id="cit15"><label>15</label><citation-alternatives><mixed-citation xml:lang="ru">Takahashi T., Kadobayashi Y. Reference ontology for cybersecurity operational information // The Computer Journal. 2014. Vol. 58, № 10. P. 2297–2312.</mixed-citation><mixed-citation xml:lang="en">Takahashi T., Kadobayashi Y. Reference ontology for cybersecurity operational information // The Computer Journal. 2014. Vol. 58, № 10. P. 2297–2312.</mixed-citation></citation-alternatives></ref><ref id="cit16"><label>16</label><citation-alternatives><mixed-citation xml:lang="ru">Security Content Automation Protocol [Electronic resource] / NIST. URL: https://csrc.nist.gov/projects/security-content-automation-protocol (date of access: 20.04.2018).</mixed-citation><mixed-citation xml:lang="en">Security Content Automation Protocol [Electronic resource] / NIST. URL: https://csrc.nist.gov/projects/security-content-automation-protocol (date of access: 20.04.2018).</mixed-citation></citation-alternatives></ref></ref-list><fn-group><fn fn-type="conflict"><p>The authors declare that there are no conflicts of interest present.</p></fn></fn-group></back></article>
