Open access peer-reviewed chapter

Periodic Monitoring and Recovery of Resources in Information Systems

By Alexey Markov, Alexander Barabanov and Valentin Tsirlov

Submitted: October 30th 2017Reviewed: February 12th 2018Published: September 26th 2018

DOI: 10.5772/intechopen.75232

Downloaded: 62

Abstract

This section deals with the issues of business continuity and recovery after disasters. The authors analyzed standards, laws, and regulations pertaining to the parameters of periodic monitoring and recovery in information systems. This section includes mathematical models of resources and environment periodic monitoring as well as periodic backup and recovery after interruptions or disasters. The work demonstrates that the well-known deterministic periodic monitoring and backup models do not take into account stochastic peculiarities of ergatic systems to the full extent. The authors developed new stochastic models of restricted monitoring and backup that allow taking into consideration resources constrains and random factors of information systems operation. The notion of Bernoulli stream has been introduced. This section suggests the criteria for selecting deterministic or stochastic monitoring and backup models and their combinations. A solution of direct and reverse task of the calculation of control and monitoring procedures frequency is offered. This section also provides a methodology for information system stability management, considering periodic monitoring, rollback, and recovery in case of interruption.

Keywords

  • business continuity
  • backup
  • rollback
  • recovery
  • regular procedures
  • limited stochastic control
  • Bernoulli flow
  • stochastic models
  • deterministic models
  • periodic inspection
  • stochastic redundancy

1. Introduction

Basic business continuity planning and disaster recovery procedures include periodic monitoring (control) of resource integrity and periodic backup [1, 2, 3, 4].

Requirements for periodic monitoring and backup established by current regulatory documents are briefly described subsequently.

2. Parameters of periodic monitoring and recovery in information systems

2.1. Periodic monitoring parameters

The main parameters of periodic monitoring and recovery in protected information systems (ISs) are provided as follows:

  • frequency of monitoring (internal monitoring) of security functions operability of information security controls used in the information systems;

  • frequency of external (external audit) of security functions operability of information security controls applied in the information systems; and

  • update frequency of the information system parameters and characteristics relating to the information security (change of passwords, update of the information security controls decision rules or signatures).

The results of completed analysis are shown in Table 1.

Name of documentFrequency of internal monitoringFrequency of external monitoringFrequency of parameters update
ISA 62443–3-3:2013+++
ISO/IEC 27001:2013/ISO/IEC 27002:2013+++
PCI DSS+ (6 months)+ (6 months)+ (90 days)
Australian Government Information Security Manual. Controls1 (Australia)+++ (90 days)
The IT-Grundschutz Catalogs2 (Germany)+++
Cyber Essentials Scheme Requirements for basic technical protection from cyber attacks3 (Great Britain)+
Information Security Provisions in Federal Information Systems4 (Russia)+++ (180, 120, 90, and 60 days)
Requirements for Information Security in Process Control Systems (Russia)+++ (180, 120, 90, and 60 days)
NIST SP 800–535/NIST SP 800-63B6 (USA)+++

Table 1.

Requirements for the periodicity of control.

https://www.asd.gov.au/publications/Information_Security_Manual_2017_Controls.pdf


https://download.gsb.bund.de/BSI/ITGSKEN/IT-GSK-13-EL-en-all_v940.pdf


https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/647,619/requirements_archived.pdf


http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63b.pdf


https://nvd.nist.gov/800-53/Rev4


http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63b.pdf


2.2. Periodic backup parameters

In practice [1, 2, 4, 5], the main parameter defining the frequency of periodic information backup is the recovery point objective (RPO)—the maximum period of data loss occurring due to an information security incident. The value recovery time objective (RTO) is the period of the information system unavailability in case of the information security incident. The value of RPO defines the backup frequency (Figure 1).

Figure 1.

Diagram of the system operation and incident recovery.

The analytical review of regulatory documents and methodologies defining the requirements for information security relating to periodic backup and recovery is shown in Table 2.

Document nameRequirements for periodic backupQuantitative values or calculation formulae
ISA 62443–3-3:2013+
ISO/IEC 15408+
ISO/IEC 27001:2013/ ISO/IEC 27002:2013+
Australian Government Information Security Manual Controls++
The IT-Grundschutz Catalogs+
Cyber Essentials Scheme Requirements for basic technical protection from cyber attacks
GOST R 56939+
Information Security Provisions in Federal Information Systems+
Requirements for Information Security in Process Control Systems+
NIST SP 800–53/NIST SP 800–34+
Framework for Improving Critical Infrastructure Cybersecurity1+

Table 2.

Requirements for backup frequency.

www.nist.gov/sites/default/files/documents/cyberframework/cybersecurity-framework-021214.pdf


As the completed review shows (Tables 1 and 2), there are clear requirements for periodic monitoring and backup though their main parameters are defined either by expert judgments or by management order.

Considering high subjectivity of such decisions, it is reasonable to develop mathematical models for the calculation of periodic monitoring and backup parameters.

3. Mathematical models of periodic monitoring and backup

As noted earlier, the basic mechanism for providing functional stability to information systems (ISs) is systematic monitoring and backup against possible failures. There are two key approaches to arranging monitoring in IS. The first one relates to the occurrence of a certain event of the computation process (message processing, initiating an exchange among processes, system program call, etc.) [6]. This approach’s drawbacks are the difficulty in identifying a set of controlled events of the computation process and the potential for unlimited growth of control points. The latter makes the approach hard to apply during IS normal operation, given the specified resource and task-time restrictions.

The second approach involves a periodic check of the system at predetermined intervals [7, 8, 9, 10]. This is consistent with time schedules and allows the existing resource restrictions to be taken into consideration, but fails to fully reflect the stochastic nature of the occurrence of various errors and irregularities. Furthermore, a number of subjective factors make it impossible, in the first place, to organize periodic control in ergatic systems at strictly specified intervals. There is another approach, however, that takes into account the stochastic external factors of IS functional stability, given the specified time and economic constraints.

Under ISO/IEC 15408–1:2009,1 monitoring covers not only SW (assessment object) but also the operational environment. Let us consider stochastic and deterministic models of the earlier procedures.

3.1. Periodic resource monitoring models

Let us conditionally present the IS software (SW) operating process as alternating flows of errors I(y), normal operation recovery I(z), failures I(Q), and SW/environment control (Figure 2).

Figure 2.

Flows of errors, failures, recovery, and control.

Being mutually alternative, the flows of failures and normal system operation recovery result from the flow of errors and are shifted with respect thereto by the values Q(t) and z(t). The maximum of these values determines the manifestation of a respective flow. Assuming the recovery time to be instantaneous, the normal operation recovery flow may be considered part of the control flow. In this case, the task of providing SW functional stability comes down to that of optimizing restricted control that meets the condition z(t) < Q(t).

Let us consider the SW life cycle period t, having regard to the conducted inspection control of repeatable accuracy. Because the period t far exceeds the control time, let us assume the latter to be instantaneous. Then, the SW repeatable accuracy is characterized by the probability P(ẑ<Q) = Fẑ(Q) that the irregularity/vulnerability/error detection time ẑwithin the inter-control interval is not longer than the permissible SW life cycle period Q, where there is an irregularity. A periodic control fragment is shown in Figure 3.

Figure 3.

A fragment of the inspection control of an information security tool.

Let us consider the flow of irregularities (errors and vulnerabilities) to be the simplest one with the density of interval ŷdistribution among them:

gŷ=λeλyE1

where λ is the intensity of irregularities.

Let us define a stochastic model for the detection of irregularities. In this case, control is undertaken a certain number of times with equal probability and independently of one another. Thus, the limited flow formed by all the control points is Bernoulli’s flow with the density of interval T̂distribution among the control points [11]:

fT̂=n/t1T/tn1E2

where n is the number of control points.

The delay time ẑ= T̂ŷis a function of two stochastic variables and has the following distribution function:

Fẑs=Snt1Ttn1λeλydTdy;t>0n>0E3

Having defined the integration limit (Figure 4), we obtain the following:

Fẑs=0tzyy+zn/t1T/tn1λeλydTdy+tztytn/t1T/tn1λeλydTdyE4

Figure 4.

Domain of integrating the irregularity detection time delay interval.

After simplifying (Eq. (4)), we have the following formula:

Fẑs=λ/tn0tzeλytyntzyndy+tzteλytyndyE5

Having expanded the formula integrands as a power series, we obtain an approximate value of the distribution function that is the basic computational ratio:

Fẑs=λi=0nj=0rl=1n+j+11i+j+l+1CniCn+j+1lλjtj+1lzlj!1+j+iE6

where r is the number of iterations.

In order to compare stochastic and deterministic models, let us elaborate on the latter. The deterministic model’s control points form a regular flow with a constant value of the interval T = t/(n + 1) and the irregularity detection time distribution density:

gẑ=λeλTz;0<z<TE7

It can be shown that the expression for the distribution function in the deterministic model is as follows:

Fẑd=eλTeλz1;0<z<TE8

Comparison of the expressions for the models (Eqs. (4) and (8)) suggests that the models under review conform to the process of detecting SW repeatable accuracy disturbances (at specified values λ, Q, t, and n):

FẑszFẑdzE9

The irregularity detection probability Pnfor the SW life cycle period t can be presented as follows:

Pn=n+1FẑE10

where n is the number of inspection control points (n > 0), Fẑ=maxFẑszFẑdz.

A review of the models discussed earlier showed an advantage of the stochastic model, given a small number of inspection control points. Conceptually, it can be accounted for by the fact that even with a small number of random points of SW characteristics control, there is always a likelihood that an irregularity is detected once it has occurred, whereas in the case of the deterministic model, the inspection period may not be less than the specified value.

3.2. Operational environment periodic control model

The control of restrictions imposed on SW primarily involves inspecting SW environment and operation/production conditions. Such inspections help rule out irregularities (errors, vulnerabilities) concerning the SW front-end interface. In this regard, the procedures for detecting environment irregularities can be interpreted as a mechanism to prevent SW irregularities.

Environment control requirements are specified by ISO 15408 standards.

Let us consider IS operation where an SW error prevention mechanism is available.

When developing environment control models, we will adhere to the approach outlined in the previous section. We will assume SW repeatable accuracy to be characterized by the probability Pẑ<Q=FẑQthat the preliminary control ẑtime between the environment control point and a possible point of occurrence of SW characteristic disturbance does not exceed the permissible time Q. Let us define a stochastic model of environment irregularity control (Figure 5).

Figure 5.

Operation of the system, with an irregularity error prevention mechanism available.

It can be shown that the preliminary control time is a function of two random values ẑ=ŷT̂and has the following distribution function:

Fẑs=Snt1Ttn1λeλydTdy;t>0n>0E11

where n is the number of environment control points and λis the SW characteristic disturbance intensity.

Having defined integration limits (Figure 6) and simplified the expression, we obtain the following:

Fẑs=0zfT̂TeλT1eλTdT+ztzfT̂TeλT1eλzdT+tztfT̂TeλTdTeλtztn,E12

Figure 6.

Domain of integrating the irregularity prevention time interval.

Having expanded the formula integrands as a power series, we obtain an approximate value of the distribution function that is the basic computational ratio:

Fẑsni=0rj=0n1b1b2eλtztn;t>0n>0E13

where r is the number of iterations; b1=1i+jCn1iλjj!ti+1i+j+1; b2=ti+j+1zi+j+12jeλztzi+j+1eλz.

Let us compare the obtained stochastic model and the deterministic one. The deterministic model’s control points form a regular flow with a constant value of the interval T = t/(n + 1) and the following preliminary control time distribution density:

gẑ=λeλT+z;0<z<TE14

Hence, the expression for the distribution function in the deterministic model will be as follows:

Fẑd=eλT1eλz;0<z<TE15

By comparing computational model expressions at specified values λ, Q, t, and n, we obtain a criterion to choose a model:

FẑszFẑdzE16

The probability Pnof irregularity prevention for SW life cycle period t can be presented as follows:

Pn=n+1FẑE17

where n is the number of control points (n > 0), Fẑ=maxFẑszFẑdz.

Comparative analysis of stochastic and deterministic models showed the former’s effectiveness with a small number of control points. Therefore, when managing system information security by numerical methods, it is possible to identify preferred models (stochastic, deterministic, or combined) that bolster confidence in SW. This gives an effect akin to introducing structure redundancy, that is, a special type of redundancy—stochastic—the use of which is unlikely to result in higher costs [11].

An example of comparing deterministic and stochastic models is shown in Figure 7.

Figure 7.

Irregularity prevention probability versus the number of preliminary control points.

3.3. Periodic backup models

The previous subsections dealt with deterministic and stochastic SW control models. When tackling comprehensive tasks of providing IS operational reliability and security, it is important to ensure information safety in case of incidents. This can be achieved by developing an incident management system.2

Apart from control models, this work also investigates backup and recovery models.

The backup mechanism is intended to recover a system’s normal operation in case of a failure or an incident, such a recovery starting from the last backup time (Figure 8).

Figure 8.

Program operation using a checkpoint mechanism.

The backup mechanism control task boils down to developing a checkpoint (CP) setting model that minimizes the mathematical expectation of the program operation delay time, given the restrictions on the total SW operation time and the number of CP. The issues of minimizing the mathematical expectation of delay time by changing the CP setting frequency and the determined interval among checkpoints are discussed in [9].

Let us consider a situation when an interval is a random value.

If the failure flow of the computation process is regarded as simple, it can be shown that the delay time ẑ= ŷT̂is a function of two random values and has the following mathematical expectation:

Mẑs=SyTnt1Ttn1λeλydTdy;t>0n>0E18

where n is the number of environment control points and λ is system’s failure intensity.

Having defined integration limits (Figure 9) and simplified the expression, we obtain the following:

Mẑs=0tn/t1T/tn1eλTλdT0t/2n/t1T/tn1e2λTT+1λdTb1,E19

where b1=eλt2n(1λ+nt/2n+2).

Figure 9.

Domain of integrating the program operation delay time interval.

Having expanded the integrands as a power series, we obtain an approximate value of the mathematical expectation of delay time:

Mẑsni=0n1j=0r1j+iCn+1iλjtjb2j!b1,E20

where b2=1λi+j+1t2i+2i+j+212i+1λi+j+1,r is the number of iterations.

In order to compare the obtained stochastic model (Eq. (20)) and the deterministic one, we consider the latter in more detail. The deterministic model’s checkpoints form a regular flow with a constant value of the interval T=tn+1. The delay time distribution density will be as follows:

gẑ=λeλT+z;0<z<T.E21

It can be shown that the expression for the mathematical expectation of delay time in the deterministic model is as follows:

Mẑd=eλTλ1eλTλT+1;0<z<TE22

By comparing the expressions (Eqs. (20) and (22)), we obtain a criterion allowing a model to be chosen at specific values λ, t, and n:

MẑszMẑdzE23

Considering the CP setting time and restart to be instantaneous, we obtain a total SW operation time model, given the availability of the CP mechanism:

tn=t+n+1MẑE24

where t is the SW operation time, n is the number of checkpoints, and Mẑ=maxMẑszMẑdzis the mathematical expectation of the SW operation delay time in case of failure.

Here is an example using the department archive data for the first half of 2017. The database (DB) was inspected seven times over this period. The inspections revealed 12 errors, all of which were corrected by standard methods, with the relevant entry made in the administrator log. The following error parameters were calculated:

  • the average time between errors Mẑ= 43.83 h;

  • the error intensity λ = 0.022 1/h;

  • the average quadratic deviation δẑ= 30.04 h; and

  • Cramér-von Mises criterion (goodness of fit) k(n) = 0.55.

This allowed the error flow to be considered a stationary Poissonian flow. A study of the electronic archive DB operation in 2000–2017 showed that the restriction on the correctable error detection time Q was more than 1 month.

The DB recovery probabilities calculated by the formulas (Eqs. (20) and (22)) and their dependence on the number of control points for the first half of 2010 (t = 1052 h) are shown in Figure 10.

Figure 10.

DB error detection probabilities versus the number of control points.

Taking into account the electronic archive availability requirements, it is advisable to use only three control points when applying the stochastic model (Table 3).

Control typeNumber of control pointsMan hoursRecovery probability
Conventional7421.0
Deterministic4240.99996
Stochastic3180.99997

Table 3.

An example of control parameter calculation results.

Thus, the practical solutions offered in this work allow for the stochastic nature of DB errors. This permits the desired error detection model to be chosen at a specified DB and electronic archive parameters.

4. System functional stability management

In general, IS periodic control involves performing a number of standard procedures:

  • software error control;

  • operational environment error control; and

  • backup in case of failure.

Choosing a strategy and the number of control/backup points helps manage the system’s stability, integrity, and accessibility levels [12]. For example, considering the earlier procedures, one can define the system availability ratio (operational availability factor [13]):

R=tt+Mnrrp+1pPnee+1PneePnppE25

where tis the task solution time, Mnrris the mathematical expectation of the program operation delay time in case of nrbeing the backup points, p is the SW error-free performance (SW efficiency), Pneeis the error prevention probability in case of neenvironment control points, and Pnppis the error detection probability in case of npSW control points.

In the above formula, p is the SW failure-free performance probability; error prevention probability—Pne= ne+1Fẑ; error detection probability—Pnp= np+1Fẑ; availability factor R=tt+Mnrr; Mnrr=t+nr+1Mẑ.

The constraining factor (Eq. (25)) is the SW dependability cost index defined as the cost of standard procedures:

Cnenpnr=Cene+Cpnp+CrnrE26

where Cpis the cost of one SW error detection control event; Ceis the cost of one environment control event for error prevention; and Cris the cost of setting one checkpoint.

The SW operation security management task comes down to optimizing the availability factor, with the constraining factor (Eq. (26)). The following two optimization tasks can be defined:

  1. Direct task: Using partial redundancy of the number of standard procedures, ensure that the SW security index is at least equal to the specified index Rrg, with a minimum possible cost of standard procedures in general, that is

    minCnenpnrRnenpnr>RrgE27

  • Reverse task: Using partial redundancy of the number of standard procedures, ensure that the cost of all standard procedures does not exceed the specified value Crg, with a maximum possible SW reliability index, that is

    maxRnenpnrCnenpnr<CrgE28

  • 4.1. Direct optimization task

    Analysis (Eq. (25)) showed that R is a nondifferentiable monotone increasing function that is strictly convex upward.

    In order to solve optimization tasks, therefore, it is advisable to employ sequential search methods.

    Let us assume the value of incremental difference R(ne, np,nr)/C to be an enumeration criterion. Let us determine an enumeration step in accordance with the dichotomy rule. In this case, the computational scheme for solving the direct task can be presented as follows:

    1. Define a set of initial values of the number of standard procedures:

      No= {n0i, n0j,n0k}, where i,j,k ϵ{e,p,r}.

    2. Calculate the initial value R:

      R0= R(No).

    3. If R0> Rrg, perform the following operations:

      1. 3.1. Find a set of search interval values

        L0= { L0i, L0j, L0k}, where L0l= n0l- nlwl; nlwlis the lower boundary nl.

      2. 3.2. Obtain the set of possible values of the number of standard procedures

        N1i= {n1i, n0j,n0k}, where n1i=n0iL0i/2.

      3. 3.3. Find another set of values of the number of standard procedures

        N1= N1i, where i is the index of the standard procedure conforming to the minimization condition:

        min(R0- R(N1i)/(CiL0i/2)), where i,j,k ϵ{e,p,r}.

    4. If R0< Rrg, perform the following operations:

      1. 4.1. Find a set of search interval values

        L0= {L0i, L0j, L0k}, where L0l= nul- n0l; nulis the upper boundary nl.

      2. 4.2. Obtain three sets of possible values of the number of standard procedures

        N0i= {n1i, n0j,n0k}, where n1i=n0i+L0i/2.

      3. 4.3. Find another set of values of the number of standard procedures

        N1= N1i, where i is the index of the standard procedure conforming to the maximization condition:

        max(RN1iR0- /(CiL0i/2)), where i,j,k ϵ{e,p,r}.

    5. Increase the iteration index

      τ=τ+1.

    6. Calculate the value R

      Rτ=RNτ.

    7. Find a set of search interval values

      Lτ= {Lτi,Lτ1j,Lτ1k}, where Lτi=Lτ+1i/2.

    8. If R0>Rrg, perform the following operations:

      1. 8.1. Obtain a set of possible values of the number of standard procedures

        Nτi= {nτ+1i,nτj,nτk}, where nτ+1i=nτiLτi/2.

      2. 8.2. Find another set of values of the number of standard procedures

        Nτ=Nτ+1i, where i is the index of the standard procedure conforming to the minimization condition:

        min(R0- R(Nτ+1i)/(CiLτi/2)), where i,j,k ϵ{e,p,r}.

        If Nτ+1=Nτ1, withdraw from the procedure.

    9. Otherwise (Rτ<Rrg), perform the following operations:

      1. 9.1. Obtain the set of possible values of the number of standard procedures:

        Nτ+1i= {nτ+1i,nτj,nτk}, where nτ+1i=nτi+Lτi/2.

      2. 9.2. Find another set of values of the number of standard procedures

        Nτ+1=Nτ+1i, where i is the index of the standard procedure conforming to the maximization condition:

        max(RNτ+1iR0/(CiLτi/2)), where i,j,kϵ{e,p,r}.

      3. 9.3. If Nτ+1=Nτ1, record the value Rτ+1= R (Nτ1) and withdraw from the procedure.

    10. Proceed to item 5.

      The period of this computation scheme can be reduced as follows:

      • by specifying the effective initial values, for example, by using personnel’s experience (knowledge) or statistically accumulative tables;

      • by reducing the calculation of standard procedure indices to their calculation only as per deterministic models. This is acceptable with a great number of standard procedures (more than 5–20) when stochastic models are less effective than deterministic ones.

    4.2. Reverse optimization task

    The reverse task can be solved using the branch-and-bound procedure. In this case, the computation scheme will be as follows:

    1. Specify a cost-ordered set N of initial values of the number of standard procedures

      Nτ= {nτ1,nτ2,nτ3}, C1C2C3,

      which meets the normalization requirement:

      0Crq- i=13nCiCi; i=1;3¯,

      where τis the ramification index;

    2. Calculate the maximum value R by directed enumeration n2at the fixed value n1=nr1and the initial value n2=nr2:

      RNτ=maxRn1=nτ1),

      where Nτmeets the normalization requirement;

    3. Calculate the maximum value R by directed enumeration n2at the fixed value n1=nτ1+1and the initial value n2=nτ2:

      RNτ+1=maxRn1=nτ1+1),

      where Nτ+1meets the normalization requirement;

    4. Calculate the maximum value R by directed enumeration n2at the fixed value n1=nτ11and the initial value n2=nτ2:

      RNτ1=maxRn1=nτ11), where Nτ1meets the normalization requirement;

    5. If Rτ=maxRτ1RτRτ+1, withdraw from the computation scheme;

    6. If Rτ+1=maxRτ1RτRτ+1, let τ=τ+1, perform item 3 and proceed to item 5;

    7. If Rτ1=maxRτ1RτRτ+1, let τ= −1 and proceed to item 4.

    In practice, there may be a task of calculating indices not for the SW functional stability (dependability) system in general but for a part thereof (checkpoint or error prevention/detection mechanisms). This means a transition from multidimensional to unidimensional task interpretation, which helps substantially simplify computational procedures. Thus, solving a partial reverse optimization task boils down to a single calculation of a specific index when n=Crq/C.

    When solving a direct task, the effectiveness of the computation scheme can be additionally improved by adjusting the variable change interval, for example, by defining the next variable value in accordance with a distribution law, and so on.

    5. Conclusion

    Thus, in this section, we have considered stochastic and deterministic models of SW periodic monitoring and backup, which allow for time and computational/data resource constraints. Representing monitoring and backup points as a restricted Bernoulli’s flow helps obtain random time intervals with the preset number thereof and, accordingly, allow for the effect of stochastic external factors on the system operation process.

    Comparative analysis of stochastic and deterministic models showed the former’s effectiveness with a small number of control and backup points. Therefore, when managing IS stability by numerical methods, it is possible to identify preferred models (stochastic, deterministic, or combined) which enhance IS functional stability. This gives an effect akin to introducing structure redundancy, that is, a special type of redundancy (stochastic), the use of which is unlikely to result in higher costs. The application of stochastic models in engineering systems can be facilitated by using a random-impulse generator that forms random-restricted Bernoulli’s flows [11].

    A similar approach was taken as a basis to solve the problem of efficiency assessment of the diagnostic mechanism for data array failures. Apart from the IS resource control and backup domain, the above-stated results can be of use in assessing the cost-effectiveness of control measures and mechanisms being implemented in various engineering and management systems. For better use of stochastic models, it is possible to use a random pulse generator (e.g., [14]).

    Notes

    • ISO/IEC 15408–1:2009: IT—security techniques—evaluation criteria for IT security.
    • ISO/IEC TR 18044:2004 IT—security techniques—information security incident management.

    How to cite and reference

    Link to this chapter Copy to clipboard

    Cite this chapter Copy to clipboard

    Alexey Markov, Alexander Barabanov and Valentin Tsirlov (September 26th 2018). Periodic Monitoring and Recovery of Resources in Information Systems, Probabilistic Modeling in System Engineering, Andrey Kostogryzov, IntechOpen, DOI: 10.5772/intechopen.75232. Available from:

    Embed this chapter on your site Copy to clipboard

    <iframe src="http://www.intechopen.com/embed/probabilistic-modeling-in-system-engineering/periodic-monitoring-and-recovery-of-resources-in-information-systems" />

    Embed this code snippet in the HTML of your website to show this chapter

    chapter statistics

    62total chapter downloads

    More statistics for editors and authors

    Login to your personal dashboard for more detailed statistics on your publications.

    Access personal reporting

    Related Content

    This Book

    Next chapter

    Probabilistic Analysis of the Influence of Staff Qualification and Information-Psychological Conditions on the Level of Systems Information Security

    By Igor Goncharov, Nikita Goncharov, Pavel Parinov, Sergey Kochedykov and Alexander Dushkin

    Related Book

    First chapter

    Introductory Chapter: Introduction to Dependability Engineering

    By Fausto Pedro García Márquez and Mayorkinos Papaelias

    We are IntechOpen, the world's leading publisher of Open Access books. Built by scientists, for scientists. Our readership spans scientists, professors, researchers, librarians, and students, as well as business professionals. We share our knowledge and peer-reveiwed research papers with libraries, scientific and engineering societies, and also work with corporate R&D departments and government entities.

    More about us