Conceptual Model of Information Security

The presented paper deals to create a conceptual model of information security. The purpose of the paper is to investigate existing models and develop a first-level conceptual model and lower-level models. The above analysis of existing models showed their main disadvantage. This is the absence of any dialectical connections between model elements. Such schemes are primitive in terms of their use in the organization of protection systems. The proposed model allows you to look at the task of creating information protection systems taking into account the impact of vulnerabilities on possible scenarios of attacks by the intruder, the impact of detected vulnerabilities on the protection system, in terms of its improvement, the possibility of passive counteraction to the actions of the intruder. The second-level models examined the elements of the first-level model in more detail, which made it possible to penetrate more deeply into the ideology of creating protection systems, including proactively depriving some of the capabilities of a potential violator.