The Method of Color Formalization of the Level of Information Security Risk

V.M. Zvaritch, Dr. Sci. (Eng.)
Institute of Electrodynamics of the National Academy of Sciences of Ukraine
(56, Pobeda Av, Kyiv, 03680, Ukraine,
e-mail: Ця електронна адреса захищена від спам-ботів. Вам потрібно увімкнути JavaScript, щоб побачити її.)
A.V. Davydiuk, Post-graduate
G.E. Pukhov Institute for Modelling in Energy Engineering National Academy
of Sciences of Ukraine
(15, General Naumov Str., 03164, Kiev, Ukraine,
tel. 098 0487954, e-mail: Ця електронна адреса захищена від спам-ботів. Вам потрібно увімкнути JavaScript, щоб побачити її.)

Èlektron. model. 2018, 41(2):121-126
https://doi.org/10.15407/emodel.41.02.121

АНОТАЦІЯ

The method of color formalization of the level of information security risk is proposed. The mainThe method of color formalization of the level of information security risk is proposed. The maingoal of this method is reflecting of the overall risk to ensure the confidentiality, integrity andavailability of information in one color using the additive color RGB model. The approach to theformalized presentation of the level of information security risk consider the confidentiality, integrity,availability and observability of one color with help of four color CMYK. Auto-typing isalso considered.

КЛЮЧОВІ СЛОВА:

information security risk, risk map, rating scale, RGB, CMYK.

СПИСОК ЛІТЕРАТУРИ

1. International Organization for Standartization. (2013, October 01). ISO/IEC 27001. Information1. International Organization for Standartization. (2013, October 01). ISO/IEC 27001. Informationtechnology. Security techniques. Information security management systems. Requirements,available at: https://www.iso.org/standard/54534.html.
2. International Organization for Standartization. (2013, October 01). ISO/IEC 27002. Informationtechnology.Security techniques. Code of practice for information security controls,available at: https://www.iso.org/standard/54533.html.
3. International Organization for Standartization. (2011, June 10). ISO/IEC 27005. Informationtechnology.Security techniques. Information security risk management, availableat:https://www.iso.org/standard/56742.html.
4. International Organization for Standartization. (2018, Febr. 15). ISO 31000. Risk management.Guidelines, available at: https://www.iso.org/standard/65694.html.
5. International Organization for Standartization. (2009, November 27). IEC 31010. Risk management.5. International Organization for Standartization. (2009, November 27). IEC 31010. Risk management.Risk assessment techniques, available at: https://www.iso.org/standard/51073.html.
6. Badalova, A.G. and Panteleev, A.V. (2016), Risk management of the enterprise, Vuzovskaiaknika, Moscow, Russia.
7. Mokhor, V., Bakalynskyi, O. and Tsurkan, V. (2018), “Analysis of information security riskassessment representation methods”, Information Technology and Technology, Vol. 6, no. 1,DOI: https://doi.org/10.20535/2411-1031.2018.6.1.153189.
8. Petrenko, S.A. and Simonov, S.V. (2004), Information risk management. Cost-effective security,DMK Press, Moscow, Russia.
9. Vishniakov, I.D. and Radaev, N.N. (2007), General risk theory, Akademiia, Moscow, Russia.
10. Astakhov, A.M. (2010), The art of information risk management, DMK Press, Moscow,Russia.
11. Mokhor, V.V., Bakalinskiy, O.O. and Tsurkan, V.V. (2018), “Presentation of informationsecurity risk assessments by a risk map”, Information Technology and Security, pp. 94-100.
https://doi.org/10.20535/2411-1031.2018.6.2.153494
12. Mazurkevich, O.F. (2008), “Modern problems of television colorimetry”, Tsyfrovi tekhnolohiyi,no. 4, pp. 27-34.
13. Pevzner, B.M. (1998), Kachestvo tsvetnykh televizionnykh zobrazheniy [The quality of colortelevision images], Radio i svyaz, Moscow, Russia.
14. MacAdam, D. (1943), “Visual sensitivities to color differences in daylight”, Journal of theOptical Society of America, Vol. 32, pp. 247-274.
https://doi.org/10.1364/JOSA.32.000247
15. Brown, W. (1957), “Color Discrimination of twelve observers”, Journal of the Optical Societyof America, Vol. 47, pp. 137-143.
https://doi.org/10.1364/JOSA.47.000137
16. Wyszecki, G. and Stiles, W.S. (2000), Color Science, second edition, Wiley Classics LibraryEdition, USA.

ZVARICH Valerii Mykolayovych, Doctor of sciences (engineering), leading scientific worker of theInstitute of Electrodynamics of the National Academy of Sciences of Ukraine, graduated from the NationalTechnical University of Ukraine Kiev Polytechnic Institute in 1982. Sphere of scientific research:modeling of information signals with the use of statistical approach, development of computersystems of vibrodiagnostics, cybersecurity in energy.

DAVYDIUK Andriy Viktorovych, post-graduate, G.E. Pukhov Institute for Modelling in Energy EngineeringNational Academy of Sciences of Ukraine, graduated from the National Technical Universityof Ukraine Kiev Polytechnic Institute in 2018. Sphere of scientific research: cybersecurity, risk theoryand cybersecurity risk management.

Повний текст: PDF