PSI - Issue 22
Jerzy STANIK et al. / Procedia Structural Integrity 22 (2019) 334–344

ℤ - a set of tasks possible to be implemented in IT the of -th functional configuration,
ℤ - a set of efficient resources of engineering or human character used for the “establishment” of the -th functional configuration,
ℋ – a set of parameters and indicators describing potential capabilities of the -th functional configuration,

The set of acceptable functional configurations after the occurrence of an emergency situation of number ∈ is determined based on knowledge:

ℤ - set of tasks required to be performed from the moment of occurrence of this failure,
ℤ - a set of resources at the disposal after this failure,

according to the following rule:

= { { = < ℤ , ℤ > ∈ ℤ × ℤ }, ⋁ ( ℤ ⊇ ℤ ) < , >∈ × ; , ℎ (20)

where:

ℤ - family of IT task sets, whereby: ℤ ∈ ℤ
ℤ - family of IT resources ensuring the execution of sets of tasks belonging to the family ℤ ,
- set of indexes of family elements ℤ
- set of indexes of family elements ℤ

The above shall mean that the set of acceptable functional configurations after the occurrence of an emergency situation includes all functional configurations, constructed for various IT resource variants remaining after the failure, ensuring the completion of the required set of IT tasks. The capabilities (potentials) of functional configurations have a significant impact on maintaining the required level of functional reliability, and this in turn affects the value of residual IT risk.

4.2. Security configuration model

The term security configuration is understood as a suitably designed and implemented collection of security mechanisms (safeguards of engineering or organizational character) and relations between them with strictly defined security functions.
Every security function is precisely performed within strictly defined conditions of real threat, vulnerability and specific time in the IT security environment. The security of IT objects (resources, tasks, processes, systems) depends on the precision of this action, and consequently so does the security of the entire IT. Let's introduce the following notation of any security configuration

≝ < , ℬ , ℳℬ , > , ∈ , (21)

where:

- security configuration established to maintain the required level of security in relation to the b-th IT resource set with regard to the security attributes assigned to it,
– a set of IT resources that are possible to be protected by the b-th security configuration
ℬ – a set of security attributes assigned to the b-th IT resource,
ℳℬ – a collection of security mechanisms that constitute the b-th security configuration, where:

ℳℬ ≝ < ℤ , ℤ , , ℙ > , ∈ , (22)

whereby:

ℤ – collection of engineering safeguards,
ℤ - collection of organizational safeguards,
– a set of potential security functions (e.g.: detection, deterrence, prevention, limitation, correction, reconstruction, monitoring, awareness, etc.), which may be of engineering or organizational nature,
ℙ – collection of vulnerabilities that can be utilized by threats
– set of parameters and indicators describing the potential capabilities of the -th security configuration,
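
The rule stated in words after (20), in the functional configuration model above, can be applied as a filter over pairs of task sets and resource sets. The following Python code is an added example, not part of the paper. The function name, the `ensures` relation (which resource set ensures which task set) and all sample sets are assumptions constructed for illustration.

```python
# Added illustration; every name and sample value here is a constructed assumption.

def acceptable_configurations(task_family, resource_family, ensures,
                              required_tasks, available_resources):
    """Return index pairs (i, j) of configurations acceptable after a failure.

    task_family / resource_family: index -> frozenset (the two families).
    ensures: set of (i, j) pairs, resource set j ensures task set i.
    A pair is acceptable when its task set covers every required task and
    its resource set uses only resources remaining after the failure.
    """
    required = frozenset(required_tasks)
    available = frozenset(available_resources)
    result = []
    for i, j in sorted(ensures):
        tasks, resources = task_family[i], resource_family[j]
        if tasks >= required and resources <= available:
            result.append((i, j))
    return result


# Constructed sample families of IT task sets and IT resource sets.
TASKS = {
    1: frozenset({"authn", "billing", "reporting"}),
    2: frozenset({"authn", "billing"}),
    3: frozenset({"authn"}),
}
RESOURCES = {
    1: frozenset({"app-1", "app-2", "db-primary"}),
    2: frozenset({"app-2", "db-replica"}),
    3: frozenset({"app-2", "db-replica", "operator"}),
}
ENSURES = {(1, 1), (2, 1), (2, 3), (3, 2), (3, 3)}


def demo():
    # Emergency: db-primary and app-1 are lost; authn and billing must continue.
    remaining = {"app-2", "db-replica", "operator"}
    required = {"authn", "billing"}
    ok = acceptable_configurations(TASKS, RESOURCES, ENSURES, required, remaining)
    # Further degradation: the operator is also unavailable.
    degraded = acceptable_configurations(TASKS, RESOURCES, ENSURES, required,
                                         remaining - {"operator"})
    return ok, degraded


if __name__ == "__main__":
    ok, degraded = demo()
    print("acceptable:", ok)
    print("without operator:", degraded or "none, required tasks cannot be met")
```

An empty result means no remaining resource variant can complete the required tasks, which is the case where the required level of functional reliability cannot be maintained.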