A Model of Threats to the Confidentiality of Information Processed in Cyberspace Based on the Information Flows Model

A Model of Threats to the Confidentiality of Information Processed in Cyberspace Based on the Information Flows Model

This article covers one of the fundamental problems of information security—building a threat model. The article discusses a new method for identifying typical threats to information confidentiality based on the information flow model. The threat model is based on the description of the system. An i...

Full description

Saved in:
Bibliographic Details
Published in:Symmetry (Basel) Vol. 12; no. 11; p. 1840
Main Authors: S., Egoshin N., A., Konev A., A., Shelupanov A.
Format: Journal Article
Language:English
Published: MDPI AG 01-11-2020
Subjects:
confidentiality
information flow model
information security
threat model
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:This article covers one of the fundamental problems of information security—building a threat model. The article discusses a new method for identifying typical threats to information confidentiality based on the information flow model. The threat model is based on the description of the system. An incorrect description of the system leads to the formation of an incorrect threat model. A review of the subject area revealed several approaches used to describe the system in terms of circulating information flows. Each of these approaches has its own pros and cons. The model of information flows proposed in this work reduces the description of any information system to an eight-digit alphabet. Analysis of the structure of the elementary information flow identified four typical threats to confidentiality, the Cartesian product of a set of threats and a set of streams is a complete model of typical threats to the confidentiality of information processed in cyberspace.
ISSN:2073-8994
2073-8994
DOI:10.3390/sym12111840