THE EFFICIENCY ESTIMATE METHOD FOR FORMATION OF COMPLEX SECURITY INFORMATION PROGRAMS
This paper proposes a method for constructing a hierarchy of the complex program to ensure information security (SPEIS) taking into account the threats and risks. Methods for determining the quantitative indicators of relative effectiveness, taking into account threats and risks, were described. The stages of decision support technology taking into account threats and risks are developed and presented. These stages are based on the method of goal-oriented dynamic estimation for the complex program to ensure information security. Stages of the goal-oriented dynamic estimation method include the following steps: the stage of goals constructing the hierarchy for the complex program to ensure information security (SPEIS); the stage of input it into of threats and risks models. On this basis the following evaluation tasks are being solved. The problem of the relative efficiency for directions of the implementation of SPEIS, taking into account threats and risks is being solved. The problem of programs (tasks) relative effectiveness that set by a multitude of threats and risks is solved. The task of using counteraction means to threats and risks is solved. These tasks are solved under the condition that the SPEIS is formed for a given time interval. It is shown that the basis for them is the problem of estimating the relative effectiveness that a given set for SPEIS problems. The above-proposed algorithm to solve this problem taking into account the threats and risks was considered. This technology can be used for complicated complex goal-oriented programs for various purposes.
Keywords: security program, decision making, protection system, DSS, decision support system, evaluation, simulating, judgement.