the information. As a result they influence the level of system information security. The staff of an information system have certain characteristics that affect the level of system information security, as do the technical and software components. Such characteristics form the mental state and psychophysical properties of staff. In addition to attacks on the information system implemented by technical methods, there is also an attack on the staff of the information system. This attack can be carried out by means of information-psychological impact (IPI). In this article, it is proposed to consider mathematical models for predicting and estimating the information security level of information systems, taking into account dependent events and information and psychological impact on staff, as well as the methods and stages of implementing information and psychological impact. The approach to the analysis of staff conditions under the information-psychological impact is considered. A methodical approach is proposed for analyzing the impact of qualification and psychological states of staff on the information security level of the information system. The application of this model is considered.

2. Mathematical models for estimating the level of information security considering the impact of staff qualifications and psychological state

2.1. Model for predicting and assessing the level of systems information security considering dependent events

The boundaries of the conditions for modeling secure information systems, and the information circulating in them, in terms of compliance with integrity, availability, and confidentiality [9, 12, 25] are estimated by the possibility of realizing their technical characteristics in real devices and conditions [2, 13, 15, 22, 23]. In particular, the ready-made nodes of known information systems are separate technical devices with characteristics corresponding to their passport data. They make it possible to choose the topology of the information system within the limits of the compatibility characteristics of the system nodes [2, 4, 13, 15, 22–24]. At the same time, this approach to modeling makes it possible to choose the priority among the information security criteria of integrity, availability, and confidentiality, which are generally interdependent when an information system is built and when the possibility of ensuring maximum values of these criteria is analyzed. This means that, depending on the conditions, the tasks to be solved, and the purpose of building an information system, it may be most important to ensure integrity first, availability second, and confidentiality third, or to ensure them in another sequence.

This sequence may be due to the complexity of the information system, its configuration, the characteristics of the individual nodes involved in its composition, and external factors that affect the operating conditions. The opinion of experts [12] who make decisions on estimating the values of the parameters of the safety criteria, based on an analysis of the physical characteristics of the information system under consideration, plays an important role in the implementation of this approach. The theorem on the multiplication of the probabilities of dependent events is at the heart of the approach for estimating the parameters of safety criteria [5]. This follows from the dependence of the safety criteria described above, which is estimated by their mutual influence when the characteristics of the information system are analyzed. For example, a separate information system node is a complete single device with specific technical characteristics that are individually responsible for the likely conditions for ensuring either integrity, availability, or confidentiality. At the same time, by virtue of its technical implementation, this node cannot be ideal from the point of view of the safety criteria and cannot provide only integrity, only availability, or only confidentiality, since the information circulating in it must have a certain level of each criterion. The characteristics of this node will also extend to a certain part of the information system, which likewise determines important conditions for ensuring its security [26]. The security of information in the information system, in the sense of analyzing the probability of the existence of the safety criteria, can be represented by the diagram of sets shown in Figure 1.

Probabilistic Modeling in System Engineering

If integrity (I), availability (A), and confidentiality (C) are separate sets, then security (S) is the intersection of these three sets.

This means that, to ensure security, integrity, availability, and confidentiality must each be ensured to a specific value of the appropriate criterion, estimated for each particular information system [12, 25]. In turn, from the point of view of ensuring the probability of information system security, and because of the interdependence described above, integrity, availability, and confidentiality are conditional signs. The probability of security should then be considered as follows (Eq. (1)) [12]:

$$p(\text{Sec}) = p(I \cap A \cap C).\tag{1}$$

The figure shows a graphical interpretation of the product of the corresponding events I, A, and C for which the following expression is valid (Eq. (2)):

$$p(I \cap A \cap C) = p(I) \cdot p_I(A) \cdot p_{IA}(C).\tag{2}$$

Figure 1. Presentation of integrity, availability, and confidentiality using sets.

Since the events of ensuring integrity, availability, and confidentiality are dependent, the probability of the product of these events, according to the multiplication rule for the probabilities of dependent events, is (Eq. (3)):

$$p(I \cdot A \cdot C) = p(I) \cdot p(A/I) \cdot p(C/I \cdot A). \tag{3}$$
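The following Python sketch is an added example, not part of the original chapter. It applies Eq. (3) to a constructed joint distribution over I, A, and C, going slightly beyond the text by showing that every order of the factors yields the same p(Sec), whereas multiplying the unconditional probabilities as if the criteria were independent does not. The values in `JOINT` and all function names are assumptions made for illustration.

```python
from itertools import permutations
from math import prod

# Constructed joint distribution over (I, A, C) for one hypothetical system;
# 1 = criterion ensured, 0 = not ensured. The eight values sum to 1.
JOINT = {
    (1, 1, 1): 0.80, (1, 1, 0): 0.05, (1, 0, 1): 0.04, (1, 0, 0): 0.03,
    (0, 1, 1): 0.02, (0, 1, 0): 0.02, (0, 0, 1): 0.01, (0, 0, 0): 0.03,
}
IDX = {"I": 0, "A": 1, "C": 2}


def prob(events):
    """p(every criterion named in `events` is ensured), summed from JOINT."""
    return sum(p for state, p in JOINT.items()
               if all(state[IDX[e]] == 1 for e in events))


def conditional(event, given):
    """p(event / given) = p(event and given) / p(given); prob([]) is 1."""
    return prob(given + [event]) / prob(given)


def chain_rule(order):
    """Eq. (3) for a chosen factor order, e.g. 'IAC' -> p(I) p(A/I) p(C/IA)."""
    factors = [conditional(e, list(order[:k])) for k, e in enumerate(order)]
    return factors, prod(factors)


def independent_product():
    """Naive estimate that ignores the dependence between the criteria."""
    return prod(prob([e]) for e in "IAC")


if __name__ == "__main__":
    for order in permutations("IAC"):
        factors, p_sec = chain_rule(order)
        print("".join(order), [round(f, 4) for f in factors], round(p_sec, 4))
    print("independence assumed:", round(independent_product(), 4))
```

With these constructed values the dependent-event product is 0.80 for all six orders, while the independence assumption gives about 0.712; the order chosen by the experts changes which conditional probabilities have to be estimated, not the result.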

Put in words, the probability of the joint occurrence of several dependent events is equal to the product of the probabilities of these events, where the probability of each successive event, in the order written, is calculated under the condition that all the previous ones have also taken place.

This means that the probability of ensuring the integrity, availability, and confidentiality of information together is equal to the product of the probability of ensuring integrity, the probability of ensuring availability given that integrity is ensured, and the probability of ensuring confidentiality given that integrity and availability are ensured.

As mentioned before, the order in which the corresponding probabilities are written in the formula can be determined by expert opinion, taking into account the complexity of their calculation, which is caused by the need to implement the corresponding values of the safety criteria levels according to the physical expressions that describe these levels [12].

Thus, the described approach makes it possible to model various information systems based on real physical characteristics, which allows the levels of the safety criteria to be predicted and evaluated, taking into account the experts' opinions; it is relevant and necessary in practical implementation today [12]. The information security level of the information system can be estimated according to the values calculated by Eq. (1).

2.2. Model of information-psychological impact on staff

Along with the impact on the technical and software components of the information system, there are also effects directed at the staff of the information system (Figure 2). These are information-psychological impacts (IPI) [6–11]. They can lead to a change in the characteristics of the employees who are the subject of IPI; as a result, the information security level of the information system may change. As a rule, IPI data are transmitted through common communication channels.

Figure 2. Impacts on the information system.

Probabilistic Analysis of the Influence of Staff Qualification and Information-Psychological Conditions on…

http://dx.doi.org/10.5772/intechopen.75079

2.2.1. Stages of implementation of information and psychological impact

It is possible to single out the following stages of IPI implementation [6–11]:

1. The subject determines the goals to be achieved by IPI.

2. The subject determines the object of IPI.

3. The subject collects information about the IPI object and investigates the psychophysical characteristics of the IPI object in order to detect subject matters of the IPI object and their characteristics (a subject matter is understood to be a component of the IPI object that determines its possible characteristics; one characteristic may belong to several IPI objects).

4. The subject chooses the most appropriate means of influencing the IPI object and the communication channel, based on the data of points 1–3. Each of the means affects the relevant objects of influence and their characteristics.

5. The subject forms a message for the IPI object.

6. The subject implements an impact on the IPI object, with the aim of achieving a sustainable change in characteristics. To do this, the generated message is encoded using the selected IPI tools and sent via the selected communication channel to the object.

7. The IPI object decodes the received message.

8. The decoded message affects the characteristics of the IPI object; as a result, they change, and there is some possibility of new characteristics appearing or disappearing.

In Figure 3, the scheme of IPI is shown.

Figure 3. Scheme of IPI.

2.2.2. Formal IPI model

The formal model of the IPI process is proposed [7, 8, 11]. For the IPI object Obj there is a set of subject matters $Sub_i$, and a set of characteristics (Eq. (4)) is defined for each of them:
