Main Reasons of Information Systems Vulnerability

Revnivykh A.V.; Fedotov A.M.

Инд. авторы:	Revnivykh A.V., Fedotov A.M.
Заглавие:	Main Reasons of Information Systems Vulnerability
Библ. ссылка:	Revnivykh A.V., Fedotov A.M. Main Reasons of Information Systems Vulnerability // Global Journal of Pure and Applied Mathematics. - 2016. - Vol.12. - Iss. 3. - P.2133-2142. - ISSN 0973-1768. - EISSN 0973-9750.
Внешние системы:	РИНЦ: 27036144; SCOPUS: 2-s2.0-84978420275;
Реферат:	eng: In today’s world, the role of information technology is difficult to overestimate. Due to their global spread, year by year humanity is increasingly relying on various information systems and, as a result, depends on them. But information systems cannot be ideal and the more complex they are, the more flaws and vulnerabilities of different kinds they have. In this article, the reader is invited to look at information security from the perspective of the reasons of the vulnerability of information technologies and systems.
Ключевые слова:	Vulnerability Risks; Vulnerability; Information Systems; Security;
Издано:	2016
Физ. характеристика:	с.2133-2142
Цитирование:	[1] Mazov N.A., Revnivykh A.V., Fedotov A.M., Analysis of information security risks. Vestnik NGU. Ser.: Information Technologies. 2011; 9(2): 80–89. [2] Brinkley D.L., Schell R.R., “What is there to worry about? An Introduction to the Computer Security Problem”. Information Security: An Integrated Collection of Essays. 1995; 11–39. [3] Revnivykh A.V. Fedotov A.M., Monitoring of information infrastructure of the organizations. Vestnik NGU. Ser.: Information Technologies. 2014. ISSN 1818-7900. (in Russian) [4] Mukhanova A.A., Revnivyh A.V., Fedotov A.M., Classification of threats and vulnerabilities of information security in corporate systems. Vestnik NSU. Ser.: Information Technologies. 2013. ISSN 1818-7900. (in Russian) [5] Hogan C.B., “Protection Imperfect: The Security of Some Computing Environments”. ACM SIGOPS Operating Systems Rev. 1988; 22(3), 7–27. [6] Department of Defence Trusted Computer System Evaluation Criteria, DoD 5200.28-STD Supersedes CSC-STD-00l-83, dtd l5 Aug 83 Library No. S225,7ll (also known as “Orange Book”). [7] National Vulnerability Database. http://nvd.nist.gov/. [8] MITRE Corp, CommonVulnerabilities and Exposures. http://www.cve.mitre.org/. [9] Securityfocus. http://www.securityfocus.com. [10] Witten B., Landwehr C., Caloyannides M., (2001, September/October). Does Open Source Improve System Security? IEEE Software, 57–61. Retrieved 5 May 2008, from Computer Database. [11] Lawton G., (March 2002). Open Source Security: Opportunity or Oxymoron Computer, 18–21. Retrieved 5 May 2008, from IEEE Computer Society Digital Library. [12] Wagner David, Foster Jeffrey S., Brewer Eric A., Aiken Alexander., A first step towards automated detection of buffer overrun vulnerabilities. In: Network and Distributed System Security Symposium. San Diego, CA, February 2000; 3–17. [13] Viega J., Bloch J.T., KohnoY., Mcgraw G., Its4: a static vulnerability scanner for C and C++ code. In: Computer Security Applications. ACSAC ’2000. 16Th Annual Conference. 2000; 257–267. [14] Ball Thomas, Bounimova Ella, Cook Byron, Levin Vladimir, Lichtenberg Jakob, Mcgarvey Con, Ondrusek Bohus, Rajamani Sriram K., Ustuner Abdullah, Thorough static analysis of device drivers. SIGOPS Oper. Syst. Rev. 2006; 40(4): 73–85. [15] Evans David, Larochelle David, Improving security using extensible lightweight static analysis. IEEE Software. 2002; 19(1): 42–51. [16] XieYichen, ChouAndy, Engler Dawson R., Archer: using symbolic, path-sensitive analysis to detect memory access errors. In: ESEC / SIGSOFT FSE. 2003; 327–336. [17] Islam S., DongW., Human factors in software security risk management. Proceedings of the first international workshop on Leadership and management in software architecture (LMSA2008), Leipzig, Germany, ACM, 2008. [18] Aycock John, Computer Viruses and Malware. Springer. 2006. ISBN 978-0-387-30236-2. [19] Filiol Eric, Computer viruses: from theory to applications. Springer. 2005. ISBN 978-2-287-23939-7.