Èlektron. model. 2018, 41(2):121-126
The method of color formalization of the level of information security risk is proposed. The mainThe method of color formalization of the level of information security risk is proposed. The maingoal of this method is reflecting of the overall risk to ensure the confidentiality, integrity andavailability of information in one color using the additive color RGB model. The approach to theformalized presentation of the level of information security risk consider the confidentiality, integrity,availability and observability of one color with help of four color CMYK. Auto-typing isalso considered.
information security risk, risk map, rating scale, RGB, CMYK.
2. International Organization for Standartization. (2013, October 01). ISO/IEC 27002. Informationtechnology.Security techniques. Code of practice for information security controls,available at: https://www.iso.org/standard/54533.html.
3. International Organization for Standartization. (2011, June 10). ISO/IEC 27005. Informationtechnology.Security techniques. Information security risk management, availableat:https://www.iso.org/standard/56742.html.
4. International Organization for Standartization. (2018, Febr. 15). ISO 31000. Risk management.Guidelines, available at: https://www.iso.org/standard/65694.html.
5. International Organization for Standartization. (2009, November 27). IEC 31010. Risk management.5. International Organization for Standartization. (2009, November 27). IEC 31010. Risk management.Risk assessment techniques, available at: https://www.iso.org/standard/51073.html.
6. Badalova, A.G. and Panteleev, A.V. (2016), Risk management of the enterprise, Vuzovskaiaknika, Moscow, Russia.
7. Mokhor, V., Bakalynskyi, O. and Tsurkan, V. (2018), “Analysis of information security riskassessment representation methods”, Information Technology and Technology, Vol. 6, no. 1,DOI: https://doi.org/10.20535/2411-1031.2018.6.1.153189.
8. Petrenko, S.A. and Simonov, S.V. (2004), Information risk management. Cost-effective security,DMK Press, Moscow, Russia.
9. Vishniakov, I.D. and Radaev, N.N. (2007), General risk theory, Akademiia, Moscow, Russia.
10. Astakhov, A.M. (2010), The art of information risk management, DMK Press, Moscow,Russia.
11. Mokhor, V.V., Bakalinskiy, O.O. and Tsurkan, V.V. (2018), “Presentation of informationsecurity risk assessments by a risk map”, Information Technology and Security, pp. 94-100.
12. Mazurkevich, O.F. (2008), “Modern problems of television colorimetry”, Tsyfrovi tekhnolohiyi,no. 4, pp. 27-34.
13. Pevzner, B.M. (1998), Kachestvo tsvetnykh televizionnykh zobrazheniy [The quality of colortelevision images], Radio i svyaz, Moscow, Russia.
14. MacAdam, D. (1943), “Visual sensitivities to color differences in daylight”, Journal of theOptical Society of America, Vol. 32, pp. 247-274.
15. Brown, W. (1957), “Color Discrimination of twelve observers”, Journal of the Optical Societyof America, Vol. 47, pp. 137-143.
16. Wyszecki, G. and Stiles, W.S. (2000), Color Science, second edition, Wiley Classics LibraryEdition, USA.
ZVARICH Valerii Mykolayovych, Doctor of sciences (engineering), leading scientific worker of theInstitute of Electrodynamics of the National Academy of Sciences of Ukraine, graduated from the NationalTechnical University of Ukraine Kiev Polytechnic Institute in 1982. Sphere of scientific research:modeling of information signals with the use of statistical approach, development of computersystems of vibrodiagnostics, cybersecurity in energy.
DAVYDIUK Andriy Viktorovych, post-graduate, G.E. Pukhov Institute for Modelling in Energy EngineeringNational Academy of Sciences of Ukraine, graduated from the National Technical Universityof Ukraine Kiev Polytechnic Institute in 2018. Sphere of scientific research: cybersecurity, risk theoryand cybersecurity risk management.