ASSESSMENT OF INFORMATION SYSTEM PROTECTABILITY ON THE BASE OF DEVELOPMENT OF TREE OF SOCIAL ENGINEERING ATTACK
St. Petersburg Institute for Informatics and Automation of Russian Academy of Sciences, Laboratory of Computer Security Problems ; Professor
Abstract. An approach to the problem of information system protectability assessment is developed as an outgrowth of the method proposed by the authors earlier. The new approach is based on development of trees of socioengineering attacks. The concepts of model and construction related to the possibility of account for socioengineering attacks are introduced
Keywords: information security, security analysis, information system, social engineering attacks, protection criterion.