Data center authority distribution and cyber-defense modeling

Kropachev, A.; Zuev, D.

Data Center authority distribution and cyber-defense measures development was analyzed. It was shown that paradigm of openness and information sharing as a cultural norm significantly enlarges number data loss vectors. Analysis demonstrated that on physical level main trend of irresponsible information sharing is exponential growth of the information recording density which was caused by reduction in data storage price. It led to network channel capacity growth and decentralization of information systems in order to organize effective communication infrastructure. It was proposed to divide data loss vectors into groups of people-based vulnerabilities, process-based vulnerabilities and technology-based vulnerabilities. Data loss prevention strategies should be based on data classification methodology. In this work there were used two classification schemes: one of them divides confidential data into categories of customer data, employees' data, transaction data, corporate data. Other one analyzes data loss threat in concordance to the states in the data lifecycle as data at rest, data in motion and data in use. It was mentioned that use of Data Center services significantly increases efficiency of IT infrastructure and data loss prevention strategy implies that for stored confidential data has to be used virtual server that provides a guaranteed part of the Data Center server resources. It was considered that data loss prevention strategy includes stages of data governance, data loss prevention management and information security support. After development of Data Center infrastructure authority distribution, security policies and cyber-defense measures cyber-attack probability could be calculated as sum of bandwidth exhaustion, filtering depletion and memory depletion probabilities.


	Наукова періодика України		Захист інформації