Geodesic
The model and metrics of awareness in~confidential information. Part 1. Potential awareness
Prikladnaâ diskretnaâ matematika, no. 3 (2023), pp. 86-103.

Voir la notice de l'article provenant de la source Math-Net.Ru

As part of the subject-object formalization of computer systems, the concepts of potential and actual user awareness of confidential information are introduced. Potential awareness is considered as a value determined by the user's access rights to objects containing confidential information and the volume of confidential information of the corresponding objects. The volume of confidential information of the object is proposed to be determined on the basis of the number of words contained in the text of the object and the amount of information content of the object, which is determined by an external factor, for example, the author and/or a dedicated user (analyst). For the main access control models (discretionary, mandatory, thematic-hierarchical and role-based), analytical relations are presented that determine, on a quantitative scale of the range $[0,1]$, the amount of potential awareness of users in confidential information contained (processed) in a computer system. The satisfaction of the corresponding values to the metric requirements is proved.
Keywords: confidential information, awareness, potential awareness, awareness model, awareness metrics, access control, access rights, access subject, access objects. 
@article{PDM_2023_3_a4,
     author = {N. A. Gaydamakin},
     title = {The model and metrics of awareness in~confidential information. {Part} 1. {Potential} awareness},
     journal = {Prikladna\^a diskretna\^a matematika},
     pages = {86--103},
     publisher = {mathdoc},
     number = {3},
     year = {2023},
     language = {ru},
     url = {http://geodesic.mathdoc.fr/item/PDM_2023_3_a4/}
}
TY  - JOUR
AU  - N. A. Gaydamakin
TI  - The model and metrics of awareness in~confidential information. Part 1. Potential awareness
JO  - Prikladnaâ diskretnaâ matematika
PY  - 2023
SP  - 86
EP  - 103
IS  - 3
PB  - mathdoc
UR  - http://geodesic.mathdoc.fr/item/PDM_2023_3_a4/
LA  - ru
ID  - PDM_2023_3_a4
ER  - 
%0 Journal Article
%A N. A. Gaydamakin
%T The model and metrics of awareness in~confidential information. Part 1. Potential awareness
%J Prikladnaâ diskretnaâ matematika
%D 2023
%P 86-103
%N 3
%I mathdoc
%U http://geodesic.mathdoc.fr/item/PDM_2023_3_a4/
%G ru
%F PDM_2023_3_a4
N. A. Gaydamakin. The model and metrics of awareness in~confidential information. Part 1. Potential awareness. Prikladnaâ diskretnaâ matematika, no. 3 (2023), pp. 86-103. http://geodesic.mathdoc.fr/item/PDM_2023_3_a4/

[1] Ushakov D. N., Great Dictionary of Russian Language, Dom Slavyanskoy kn., M., 2008, 959 pp. (in Russian)

[2] Devyanin P. D., Security Models of Computer Systems. Access and Information Flow Management, Goryachaya liniya-Telekom, M., 2020, 352 pp. (in Russian)

[3] Gaydamakin N. A., Differentiation of Access to Information in Computer Systems, UrFU Publ., Ekaterinburg, 2003, 328 pp. (in Russian)

[4] Grusho A. A., Primenko E. A., and Timonina E. E., Theoretical Foundations of Computer Security, Publishing Center “Akademiya”, M., 2009, 272 pp. (in Russian)

[5] Shannon C. E., “A mathematical theory of communication”, Bell System Technical J., 27 (1948), 379–423 | DOI | MR | Zbl

[6] R 50.1.053-2005. Information Technology. Basic Terms and Definitions in the Field of Technical Information Protection, Standartinform Publ., M., 2005, 11 pp. (in Russian)

[7] GOST R ISO/IEC 27000-2021. Information Technology. Methods and Means of Ensuring Security. Information Security Management Systems. General Overview and Terminology, Standartinform Publ., M., 2021, 21 pp. (in Russian)

[8] Federal Law “On information, information technologies and on information protection”. 27.07.2006, no. 149-FZ, Collection of Legislation of the Russian Federation, Moscow, 2006, no. 31, st. 3448, 2006 (in Russian)

[9] GOST R 58545-2019. Knowledge management. Guidelines for the collection, classification, labeling and processing of information, Standartinform Publ., M., 2019, 34 pp. (in Russian)

[10] Deza E. I. and Deza M. M., Encyclopedic Dictionary of Distances, Nauka, M., 2008, 446 pp. (in Russian)

[11] Gaydamakin N. A., “A model of thematic differentiation of access to information for the hierarchical classifier in automatic control systems”, Autom. Remote Control, 64:3 (2003), 505–516 | DOI | MR | Zbl

[12] Gaydamakin N. A., “Multilevel thematic-hierarchical access control (MLTHS-system)”, Prikladnaya Diskretnaya Matematika, 2018, no. 39, 42–57 (in Russian) | MR | Zbl

[13] Gaydamakin N. A., Baranskiy V. A., “Algebra of multirubric on root trees of hierarchical thematic classifiers”, Sib. Èlektron. Mat. Izv., 14 (2017), 1030–1040 (in Russian) | Zbl

[14] Ferrariolo D. F. and Kuhn D. R., “Role Based Access Control”, 15th National Computer Secure Conf. (Baltimore, 1992), 554–563

[15] Sundhu R., Coyne E. J., Feinstein H. L., and Youman C. E., “Role-Based Access Control models”, IEEE Computer, 29:2 (1996), 38–47 | DOI