Модели и методы информационно-телекоммуникационной системы ВУЗА/Models and methods for University information and telecommunication systems тема диссертации и автореферата по ВАК РФ 00.00.00, кандидат наук Ник Аин Купаи Алиреза

Introduction

Relevance of the research topic. Progress in the field of technologies for synthesizing infocommunication systems, primarily based on packet technologies for transmitting and processing information, also covers the citadels of training and research-Universities around the world. The rapid growth of cloud technologies creates new conditions and imposes new requirements for informatization and automation of learning and research processes in the interests of training students for subsequent work in industrial and research enterprises that determine the development of the economy and progress in general in all countries of the world.

In the context of increasing risks and threats to the information security of University infocommunication systems aimed at hacking university information protection systems, its disclosure, substitution, modification and distortion, ensuring information security and protection of university infocommunication resources, information and supporting infrastructure of Universities is an important and urgent task. Its solution will allow Universities to ensure the confidentiality, reliability, accessibility and safety of university information, primarily providing for the educational process, prevent disclosure of legally protected university data, claims and descriptions of inventions, intellectual property, etc., as well as improve the reliability of systems and means for collecting, storing, processing, transmitting and displaying university information.

Proposed in the framework of the logical-probabilistic approach of the scientific school of A. N. Nazarov, cloud technological solutions based on the creation of a monitoring cluster based on Hadoop technology have a common application. However, in practical terms, focused on specific university activities, it is necessary to conduct a study in which it is necessary to identify and formalize the features of the formation and

characteristics of university data that may be subject to cyber attacks.

In general, the typical structure of a University cluster consists of a head academic office and offices of specialized subject-oriented departments of the University (faculties, institutes, administrative and economic services, etc.) distributed over a large territory. In each of them, in the 21st century, their activities are carried out on the basis of information exchange and data storage processes. Thus, the task arises of creating a secure corporate infocommunication system that is geographically distributed, which requires urgent solutions to a number of new scientific problemsassociated, first of all, with the rapid development of infocommunication technologies.

Questions of implementation of safety methods and models have been considered to varying degrees in the works of a number of other authors and scientists, such as A. Nazarov, K. Sychev, H. Wang, D. He and S. Tan, V. O. Sirotyuk, V. V. Kulba and N. P. Kurochka, V. V. Kulba, S. S. Kovalevsky, S. A. Kosyachenko. These documents mainly describe the approaches and techniques needed to ensure database security.

Some issues of mathematical modeling for IaaS in cloud computing are reflected in the works of Russian and foreign scientists: A. Shakhmatov, A. Lyamin, V. Borisov and K. Ples, A. Meckel, V. Grigoriev and A. Nazarov, K. Sychev, aimed at providing a secure mathematical platform against cyber attacks. On the other hand, other scientists have provided some other secure architectural mathematical model for the database to build strong cryptographically optimized algorithms to protect data from cyber attacks, such as A. Kahate, J. Chang, CW Huang, KH Chang, YC Chen and CC Hsieh, M. erban, A Moh 'd, Y Jararweh, and LA Tawalbeh V. R. Grigoriev and A. N. Nazarov and others, where the problems of presenting methodological aspects of parallel problem solving in a cloud cluster for monitoring cyber attacks were considered.

The tasks of creating models and methods for ensuring information security and evaluating the possibility of providing services in them remain relevant.

Since the transformation of existing local automation systems for university

learning and research processes to new cloud-based technological solutions is accompanied by changes in the forms and methods of data representation and processing, the classical approaches to studying the features of teletraffic delivery and processing developed in numerous works of the above-mentioned scientists do not take into account the features of the latest cloud technologies and modern teletraffic of University learning and research processes in the 21st century.

From the above, the relevance of the dissertation follows.

The aim of the work is to increase the efficiency of planning, designing and developing aon secure infocommunication system of the University by developing and using models and methods for calculating structural and network parameters based on cloud solutions.

The scientific task, that is solved in the dissertation is to resolve the contradiction between the complexity of the processes of structural and network synthesis of the University's infocommunication system (UIS) and its elements and the underdevelopment of their model and methodological support based on the development of a set of models and methods, numerical research and computational justification of a secure UIS based on cloud, batch technologies, for solving a wide class of applied problems of UIS planning, design and development from a system perspective.

The object of research is the processes of transportation, aggregation and protection of teletraffic, as well as the distribution and evaluation of resources in the cloud system, which allow creating a secure UIS.

The subject of the research is the theoretical and practical foundations of creating analytical and algorithmic models for traffic transportation, aggregation, and protection, methods for identifying traffic parameters and allocating resources in an UIS, as well as the application of developed models and methods for automating a wide class of applied problems for calculating structural and network parameters of UIS fragments.

To achieve this goal and solve a scientific problem, it is necessary to solve a

complex of interrelated private scientific problems:

• Analysis of the state and directions of development of the information and communication network, mechanisms for providing them with modern services;

• Model of traffic of cloud university services;

• Methodological approaches to the development of IaaS models and computational justification of design solutions for cloud-based university ecosystems;

• Model of resource provision in the university cloud;

• Security analysis, measures to mitigate threats and attacks and their impact on the information and communication network;

• Preventing the occurrence of conditions that contribute to the occurrence of destabilizing factors (hereinafter -referred to as DF, DF);

• Prevention of exposure to the risk of manifested and detected DF,

• Identification of the impact of DF on the risk object;

Research methods. In the course of the research, methods of system analysis, probability theory, mathematical statistics, cryptography, number theory, mathematical programming theory and algebra were used.

The scientific novelty of the results of the dissertation work is as follows:

1. Developed a set of mathematical models for calculating the mechanism of access control to the information structure, which allows you to calculate the parameters of data flows between user permissions.

2. The relevance of developing models and methods for resource research, as well as computational justification of IaaS design decisions, is shown. Based on the results of the analysis of IaaS deployment models and the selected dynamic bit traffic model, a model for providing resources for IaaS services is obtained. The scientific task of estimating the number of IaaS virtual connections was defined and formalized.The results of this task were used to obtain a new optimization model of the IaaS "sources -

boundary nodes" system and to develop an area coverage method for calculating the total number of IaaS virtual connections.

3. A new modification of the AES-512-bit input blocks is recommended, since a larger key size makes the algorithm more secure, and a larger input block increases the efficiency of the algorithm. The implemented AES-512 bit method, which provides high-quality encryption, takes advantage of Pre-Shared Table (PST) and provides faster processing speed with stable surface improvement. Additional increments are acceptable in this area and make the proposed algorithm ideal for applications that require a high level of security and power, such as multimedia communications.

4. Providing a method that allows you to determine the number of virtual connections for various services that can be processed in a cloud cluster with a given quality, taking into account. On the one hand, the flow of requests from sources of various services to provide virtual connections, and the needs of the same services in transfer rates, taking into account analytical relations for calculating the required performance of a cloud cluster for a given value of the probability of losing a micro-packet of DStream streams, are obtained.

The reliability of the results, conclusions and recommendations is ensured by the correctness of the output of mathematical dependencies for calculating network parameters, the mathematical methods used, the correspondence of the results obtained by analytical calculations and modeling, and consistency with known data published in domestic and foreign publications.

Theoretical of the work. The theoretical of the results lies in the development of a comprehensive approach to calculating the parameters of data secrecy in the network, indicators of the quality of application service, in the development of a method and algorithm for forming an advanced security level that reduces the number of attacks in the network channel.

The practical significance of the work is that the implementation in processes of

planning, design and development of infocommunication University system the results of the research will allow significantly improve the quality of construction and operation of IaaS. The results obtained contribute to the development of the theory and practice of synthesis virtual connections in cloud systems on streaming packets technologies. The practical value of the work is emphasized by the fact that the results The work allows us to obtain estimates of the required cloud resources in R&D for research and development of modern information and telecommunication technologies and systems, as well as the development of system-technical proposals for their implementation in IaaS projects. The results obtained in the dissertation can be used in research and development of system and engineering solutions for construction and operation of IaaS, as well as in the development of system projects for the development of the University's infocommunication system in terms of designing a telecommunications framework, planning its development, feasibility study for the choice of principles of structural and architectural organization, as well as network management subsystems, preparation technical and financial proposals. The results obtained are applicable to solving the complex problem of bit identification and management multiservice burst traffic in IaaS for any services.

Use and implementation of the work result. The developed methodology is currently implemented in the educational process of the Center for Information Technologies and Systems (CITAS) at the Moscow Institute of Physics and Technology-National Research University - MIPT.

Testing the work. The results presented in the dissertation were discussed at the following conferences:

1. 2019 Systems of Signals Generating and Processing in the Field of on-Board Communications, 2019;

2. 2020 Systems of Signals Generating and Processing in the Field of on-Board

Communications, 2020;

3. 2020 SYNCHROINFO JOURNALA in the field of Radio and Information Systems;

4. 2019 International Conference on Engineering and Telecommunication (EnT), MIPT;

5. 2020 Systems of Signals Generating and Processing in the Field of on-Board Communications, 2020;

6. 2023 Journal of Research in Engineering and Applied Sciences;

7. 2024 Journal of Research in Engineering and Applied Sciences - in press;

Publishing results.

8 publications indexed in international databases (SCOPUS, Web of Science).

8 articles were published on the topic of the dissertation. Of these, one was published in a journal listed by the Higher Attestation Commission, 6 articles were indexed in Scopus, and 2 papers were published in Web of Science (WoS).

Personal contribution of the author.

All submitted scientific results are received by the applicant personally. The author was directly involved in planning and conducting the work, processing and discussing the results obtained, and preparing publications.

In co-authored papers, the applicant plays a leading role in setting the problem, developing a method for solving it, conducting a computational experiment, and summarizing the results obtained.

Compliance with the specialty passport.

The research conducted by the author is included in the research area "2.2.15. Telecommunication systems, networks and devices." (pp. 1, 6, 16, 17, 19).

Provisions submitted for defense.

1. Results of the analysis of standard technical solutions for information and communication systems of the University in a network environment, which allowed us to

develop a family of models of multiservice cloud packet traffic and methodological approaches to assessing the characteristics and resource support for transporting such traffic, taking into account the features of standard information technologies and the features of forming University databases.

2. A set of mathematical models has been developed for calculating the access control mechanism to the information structure, which allows calculating the parameters of data flows between user permissions with the recommended new modification of the input blocks encryption algorithm of the AES-512 bit encryption algorithm, since a larger key size makes the algorithm more secure, and a larger input block increases the algorithm efficiency. The implemented AES-512 bit method, which provides high-quality encryption, takes advantage of PST (Pre-Encrypted Searcher) and provides faster processing speed with stable surface improvement. Additional increments are acceptable in this area and make the proposed algorithm ideal for applications that require a high level of security and power, such as multimedia communications.

3. A set of mathematical models for calculating the degree of secrecy of data flows in the university database, based on the formation and analysis of information and technical structures, which are the basis of a new method for forming an algorithm that implements it, which can significantly increase security due to the PST table.

Work structure

The dissertation consists of an introduction, 4 sections, analytical results, a conclusion, a list of figures, a list of references, and several appendices. The main part is described in 122 pages.

I would like to express my deep gratitude to My family for their constant support and to my supervisor for the tasks assigned, to the staff of the Department of Radio Engineering and Cybernetics for their attention to my work and the creative atmosphere.

Conclusion

The following main results were obtain in the dissertation research.

1. A scientific problem statement is formulated, which is solved in the dissertation. The models and methods proposed in the DB allow to construct effective mechanisms for the protection of DB structures at the canonical, logical and physical levels of their representation, providing access and admission to the content of DB only with the appropriate user authority and establishing rules for user interaction with information resources according to the criteria of optimal, consistent with the requirements.

2. Developed on the basis of the entropy approach, the IaaS model of the system" information sources - boundary nodes" describes the most likely distribution of data from information sources over IaaS boundary nodes fixed in space, and all its coefficients have a certain physical meaning. The model allows you to get the values of the upper and lower estimates of the number of VC as a function of the bit rate values of information sources. The development of the method of covering areas for solving the problem of calculating the number of virtual connections in IaaS is proposed. The new algorithm of this method allows you to implement a step-by-step procedure for calculating the number of virtual connections in IaaS based on the directed formation of covering areas of traffic condensation based on the entropy approach. The results obtained in this paper can be useful in solving the problem of structural-topological synthesis of IaaS at the pre-project stage.

3. New modification of AES-512 bit input blocks because the larger key size makes the algorithm safer, and the larger input block increases algorithm efficiency. The introduced method of AES-512 bit, which designed high encryption, takes advantage of PST and produces faster processing speed with stable surface improvement. Extra increments are tolerable in the area and make the proposed algorithm ideal applications

that require high levels of security and power such as multimedia communications. Nevertheless, it proved that GCM is secure using a strong block cipher since choosing a unique initialization vector for each encryption produced with the same key.

4. A method of statistical compaction of the necessary cloud resource in the processing of streaming services in the interests of monitoring systems for various purposes has been developed. A method for calculating the number of uncompacked streaming virtual connections in a cloud cluster is proposed.

5. Based on the developed models, the proposed analytical relations that allow to assess the gain from statistical multiplexing and determine the number of virtual connections for different services, which can be handled in a cloud-based cluster with a given quality, taking into account, on the one hand, the flow of requests the sources of the various services on the virtual connection, and, on the other hand, needs the services of transmission rate taking into account poly-burst traffic.

6. New hybrid solutions are presented regarding data classification, error correction, and Homomorphic techniques. The Homomorphic technique in this method is used for privacy-preserving out-source storage and computation. The privilege of the classification technique is that here it requires a small number of training data to estimate the event which is going to happen or not with a respect to the servers' data collection. The error correction technique is handle to detect and correct a limited number of errors in transmitted data without the re- transmission which leads to prevent any malicious packets that slow down traffic on the network. Besides, this technique does not need a handshaking method between the source and the destination - is used for broadcasting data to many destinations simultaneously from a single source. It is operated in real-time systems also because it saves the bandwidth required for re-transmission. The proposed architecture and its solutions are more secure and reliable in cyberspace which performs communication in both indoor and outdoor networks and different applications. The reason for using hybrid method is to support and cover the weakness of other parts of the

algorithms used in the system. This hybrid solution makes the network safe under active cyber-attacks because the attacker must pass through several security walls simultaneously due to the availability of several layers of security.

References

1. A N A Koupaei., A N Nazarov. An Architecture Model for Active Cyber Attacks on Intelligence Info-communication Systems:Application Based on Advance System Encryption (AES-512) Using Pre-Encrypted Search Table and Pseudo-Random Functions(PRFs) // International Conference on Engineering and Telecommunication (EnT). Dolgoprudny. Russia. — 2019. — P. 1-5.

2. A N A Koupaei., A N Nazarov. A Hybrid Security Solution for Mitigating Cyber-Attacks on Info-Communication Systems // International Conference Engineering and Telecommunication (EnT). Dolgoprudny. Russia. — 2020. — P. 1-4.

3. Nik Aein Koupaei, Alireza . A hybrid method for improving quality of service in constraint-based availability in the cloud for SMEs // International Journal of Cloud Computing. — 2019. — Vol. 8. — P.103-107.

4. Nazarov A.N. Model of parallel processing of tasks in the cloud cluster Hadoop // Proceedings of the XIII international industry scientific and technical conference.Technologies of the information society. Vol. 2. — 2019. — P. 69-71.

5. Nazarov A N., Grigoriev V R. Methodological aspects of parallel problem solving in the cloud cluster of cyber-attacks monitoring // Proceedings of the XVIII scientific and practical conference Information technologies in public administration. Digital transformation into human capital. FSUE research Institute "Voskhod". Moscow. — 2019. — P. 4.

6. Abdrakhmanova., Gulnara Alekseeva., Nina Belousov., Dmitry Blinkin., Mikhail Burov., Vasily Carlin., Lev Chulok., Alexander Dobrolyubov. Russia 2030: Science and Technology Foresight. // National Research University Higher School of Economics. Russia 2030. — 2015. — P. 1400.

7. E Vdovkina. The strategy for the development of the information technology industry in the Russian Federation for 2014-2020 and for the future until 2025 // — 2013.

— Order 2036. — P. 1360.

8. Shakhmatov A., Lyamin A., Borisov V., Ples K. On the analysis of requirements to information security in the public cloud systems // Collection of proceedings of XVIII scientific and practical conference Information technologies in public administration. Digital transformation into human capital. Russia. Moscow. Federal state unitary enterprise "Research Institute "Voskhod". — P. 67-80.

9. S. H. Alrasheed., M. Aied alhariri., S A Adubaykhi., S El Khediri. Cloud Computing Security and Challenges: Issues, Threats, and Solutions // 5th Conference on Cloud and Internet of Things (CIoT). Marrakech. Morocco. — 2022. — P. 166-172.

10. ITU-T. Information Security - Security Cloud computing // Reference architecture 2014. Recommendation Y.3502. Access: https://www.itu.int/rec/T-REC-Y.3502-201408-I/en.

11. A. Jagruthi., K. Vikas., G Nookaraju., K R Teja., G Sanjana,. M A Jabbar. Enhancing Data spillage in Multi-Cloud Storage Services // 13th International Conference on Computing Communication and Networking Technologies (ICCCNT). Kharagpur. India. — 2022. — P. 1-4.

12. ITU-T. Cloud computing - Functional architecture for Network as a Service // 2017 Recommendation Y.3515. Access: https://www.itu.int/rec/T-REC-Y.3502-201408-I/en.

13. L. Bordak. Cloud Computing Security // 17th International Conference on Emerging eLearning Technologies and Applications (ICETA). Stary Smokovec. Slovakia. — 2019. — P. 87-92.

14. Alvaro A Cardenas., Saurabh Amin., Shankar Sastry. Secure control: Towards survivable cyber-physical systems // The 28th International Conference on Distributed Computing Systems Workshops. — 2008. — P. 495-500.

15. Yilin Mo., Tiany Hyun-Jin Kim., Kenneth Brancik., Dona Dickinson., Heejo Lee., Adrian Perrig et al. Cyberphysical security of a smart grid infrastructure //

Proceedings of the IEEE. — 2012. — Vol. 100. no. 1. — P. 195-209.

16. Yao Liu., Peng Ning., Michael K. Reiter False data injection attacks against state estimation in electric power grids // ACM Transactions on Information and System Security (TISSEC). — 2012. — Vol. 14. no. 1. — P. 13.

17. Patrick Tague., David Slater., Radha Poovendran., Guevara Noubir. Linear programming models for jamming attacks on network traffic fellows // IEEE International Symposium on Modeling and Optimization in Mobile Ad Hoc and Wireless Networks (WiOpt). — 2008. — P. 207-216.

18. Nazarov A., Sychev K. Models and methods for calculating the indicators of quality of functioning of the equipment units and structural parameters of the network the next generation networks // 2th edn. LLC Policom. Russia. Krasnoyarsk. — 2011. — P. 491.

19. Nazarov, A. Processing streams in a monitoring cluster // Russian Technological Journal. — 2019. — Vol. 6. — P. 54-65.

20. H. Wang., D. He, S. Tang. Identity-Based Proxy-Oriented Data Uploading and Remote Data In-tegrity Checking in Public Cloud // IEEE Trans. Information Forensics and Security. — 2016. — vol. 11. no. 6. — P. 1165-1176.

21. V. V. Kulba., S. S. Kovalevsky, S. A. Kosyachenko, V. O. Sirotyuk. Theoretical bases of designing optimal structures of distributed databases // Series "Informatization of Russia on the threshold of the twenty-first century. Moscow. — 1999. — P. 660.

22. V. O. Syrotyuk., V. O. Syrotyuk. Methods and means of ensuring the information security of patent offices // Patent information today. — 2012. — no.2. — P. 3-11.

23. V. V. Kulba., N. P. Kurochka. Mathematical Model of Information Security in Databases // Internet-magazine "SCIENCE". — 2015. — Vol. 7. no. 3.

24. J. R. Vacca., J. R. Vacca Morgan Kaufmann. Computer and Information Security Handbook. — 2017. — P. 1280.

25. A.N.Nazarov. Pricessing streams in a monitoring a cloud cluster // RTJ. Russian Technological Journal. — 2019. — Vol. 7 — P. 56-67.

26. A.N. Nazarov. Service traffic models with bit rate of transmission in wideband integral service digital networks Autom // Remote Control. — 1998. — P. 1245-1254.

27. Wolkerstorfer J., Oswald E, Lamberger M. An ASIC implementation of the AES SBoxes // In Cryptographers Track at the RSA Conference. Springer Berlin Heidelberg. — 2002. — P. 67-78.

28. V. O. Syrotyuk. Methods and means of ensuring the information security of patent offices // Patent information today. — 2012. — no.2. — P. 3-11.

29. V.V. Kulba. Mathematical Model of Information Security in Databases / N.P. Kurochka // Internet-magazine SCIENCE. — 2015. — Vol. 7. no. 3.

30. M. Gregg. The Network Security Test Lab // A Step-by-Step Guide, John Wiley And Sons. — P. 488.

31. McGrew D. Galois Counter Mode / in van Tilborg H.C.A. Jajodia S. (eds) // Encyclopedia of Cryptography and Security. Springer. Boston. MA. — 2011. — P. 340.

32. Biryukov A. Adaptive Chosen Plaintext and Chosen Ciphertext Attack / In: van Tilborg H.C.A., Jajodia S. (eds) // Encyclopedia of Cryptography and Security. Springer. Boston. MA. — 2011. — P 205.

33. Kizza Joseph Migga. Guide to Computer Network Security // Springer. — 2017. — P. 569.

34. H Wang., D. He, S. Tang. Identity-Based Proxy-Oriented Data Uploading and Remote Data In-tegrity Checking in Public Cloud // IEEE Trans. Information Forensics and Security. — 2016. — Vol. 11. no. 6. — P. 1165-1176.

35. Koupaei A. N., Nazarov A. N. Security analysis threats, attacks, mitigations and its impact on the internet of things (IOT) // SYNCHROINFO JOURNAL. — 2020.

— V.6(4). — P. 36-41.

36. A.N. Nazarov., A. Nik Aein Koupaei. Models of Risk of Attack of university Infocommunication System // 2019 Systems of Signals Generating and Processing in the Field of on Board Communications. Moscow. Russia. — 2019. — P. 1-8.

37. A.N. Nazarov., A.N.A. Koupaei., . Dhoot A., Azlan A,. S.M R. Siadat. Mathematical Modelling of Infrastructure as a Service // 2020 Systems of Signals Generating and Processing in the Field of on Board Communications. Moscow. Russia.

— 2020. — P. 1-6.

38. S. Naik., V. Maral. 2017. Cyber security in IoT // 2nd IEEE International Conference on Recent Trends in Electronics, Information Communication Technology (RTEICT). Bangalore. —2017. — P. 764-767.

39. Pacheco J., Hariri S. 2016. IoT security framework for smart cyber infrastructures // 2016 IEEE 1st International Workshops on Foundations and Applications of Self Systems. Augsburg. Germany. — 2016. — P. 242-247.

40. Z. C. L. V. Sheng Z., Mahapatra C. Recent advances in industrial wireless sensor networks toward efficient management in IoT \\ 2015. — Vol. 3. — P. 622-37.

41 C. V. C. S. G. A. H. Y. Baronti P., Pillai P. Wireless sensor networks: A survey on the state of the art and the 802.15.4 and zigbee standards \\ Computer Communications. —2007. — Vol. 30. — P. 1655-1695.

42. M. M. Hossain., M. Fotouhi., R. Hasan. Towards an analysis of security issues, challenges, and open problems in the internet of things \\ 2015 IEEE World Congress on. IEEE. —2015. — P. 21-28.

43. Mahmoud Ammar., Giovanni Russello., Bruno Crispo. Internet of Things: A survey on the security of IoT frameworks // Jour- nal of Information Security and Applications. —2015. —Vol. 38. — P.8-27.

44. Angen, Gaute., Hallstensen., Christo er., nekkenes., Einar. A frame-work for estimating information security risk assessment method completeness // International Journal of Information Security. —2018. — Vol. 17. — no 6. — P. 681-699.

45. D. X. Z. Xuanxia Yao., Xiaoguang Han. A lightweight multicast authentication mechanism for small scale iot applications // IEEE Sensors. —2013. — Vol. 13. — P. 3693-3701.

46. Arbia Riahi., Yacine Challal., Enrico Natalizio., Zied Chtourou., Abdelmad-jid Bouabdallah. A Systemic Approach for IoT Security // IEEE. DCOSS. — 2013. — Boston. United States. — P. 351-355.

47. M. K. Khan., S.-K. Kim., K. Alghathbar. Cryptanalysis and security enhancement of a more efficient secure dynamic idbased remote user authentication scheme // Computer Communications. —2011. — Vol. 34. — No. 3. —P. 305-309.

48. Liu., P. Ning. Multilevel tesla: Broadcast authentication for distributed sensor networks // ACM Transactions on Embedded Computing Systems (TECS). —2004. — Vol. 3. — No. 4. — P. 800-836.

49. W. Ben Jaballah., M. Mosbah., H. Youssef. Performance evaluation of key disclosure delay-based schemes in wireless sensor networks in Pervasive Computing and Communications // International Conference on Pervasive Computing and Communications Workshops. — 2013. — P. 566-571.

50. B. Mbarek., A. Meddeb., W. B. Jaballah., M. Mosbah. A secure authenticatio // 12th International Conference of Computer Systems and Applications.—2015. Marrakech. —P. 1-7.

51. A. Nazarov. Estimation of information safety level of modern infocommunication networks on basis of logic-probability approach // Automation and Remote Control. — 2007. — Volume 68.—P. 1165-1176

52. A. Nazarov., Nguyen Xuan Tien., Tran Minh Hai. Modeling of information attacks, and security risk assessment facilities // T-Comm. — 2016. — Vol. 10. — No. 8.

— P. 69-78.

53. H. Wang., D. He, S. Tang. Identity-Based Proxy-Oriented Data Uploading and Remote Data In-tegrity Checking in Public Cloud // IEEE Trans Information

Forensics and Security. — 2016. — Vol. 11. — No. 6. — P. 1165-1176.

54. V. O. Syrotyuk. Methods and means of ensuring the information security of patent offices // Patent information today. — 2012. — No.2. — P. 3-11.

55. Chang CJ., Huang CW., Chang KH., Chen YC., Hsieh CC. High throughput 32-bit AES implementation in FPGA. InCircuits and Systems // IEEE Asia Pacific Conference. — 2008. — P. 1806-1809

56. M. erban. Methods to Increase Search Performance for Encrypted Databases, Procedia Economics and Finance // ISC International Cnference.—2017.—P. 1063-1068.

57. Moh'd A., Jararweh Y., Tawalbeh LA. AES-512: 512-bit Advanced Encryption Standard algorithm design and evaluation // In Information Assurance and Security (IAS). — 2011. — P. 292-297.

58. Wolkerstorfer J., Oswald E., Lamberger M. An ASIC implementation of the AES SBoxes // In Cryptographers Track at the RSA Conference.—2002. Berlin Heidelberg. —P. 67-78.

59. Umanailo. M., Chairul Basrun. Cybercrime Case as Impact Development of Communication Technology That Troubling Society // Int. J. Sci. Technol. —2019.—P. 1224-1228.

60. Lee., Junho. A Software Development Methodology for Secure Web Application // International Journal on Advanced Science, Engineering and Information Technology. —2019. —P. 336-341.

61. Wazid, Mohammad., Sherali Zeadally., Ashok Kumar Das. Mobile banking: evolution and threats: malware threats and security solutions // IEEE Consumer Electronics Magazine. —2019. —P. 56-60.

62. Hole., Kjell Jorgen., Vebjorn Moen., Thomas Tjostheim. Case study: Online

banking security // IEEE Security & Privacy. —2006. —P. 14-20.

63. Peotta., Laerte. A formal classification of internet banking attacks and vulnerabilities // International Journal of Computer Science & Information Technology. — 2011. —P. 186-197.

64. Nagaraju., Sabout., Latha Parthiban. Trusted framework for online banking in public cloud using multi-factor authentication and privacy protection gateway // Journal of Cloud Computing. —2015. —P. 22.

65. Kour., Jaspreet., M. Hanmandlu., A. Q. Ansari. Biometrics in Cyber Security // Defence Science Journal. — 2016. —P 43-46.

66. Wang., Huaqun., Debiao He., Shaohua Tang. Identity-based proxyoriented data uploading and remote data integrity checking in public cloud // IEEE Transactions on Information Forensics and Security. —2016. —P. 1165-1176.

67. Ardagna. D., Panicucci. B., Trubian. M., Zhang. L. Energy-aware autonomic resource allocation in multitier virtualized environments // IEEE Trans. Serv. Comput. —2010.42. —Vol. 5. — No. 1. —P.2-19.

68. Buyya. R., Yeo. C.S., Venugopal. S., Broberg. J., Brandic, I. Cloud computing and emerging IT platforms: vision, hype, and reality for delivering computing as the 5th utility // Gener Comput. Syst. —2009. —Vol. 25. — No. 6.—P.599-616.

69. Chawla. Y., Bhonsle. M. A study on scheduling methods in cloud computing // The International Journal of Emerging Trends and Technology in Computer Science (IJETTCS). —2012. —Vol. 1. —No. 3. —P.12-14.

70. Di Martino. B., Cretella. G., Esposito. A. Classification and positioning of cloud definitions and use case scenarios for portability and interoperability // 3rd International Conference on Future Internet of Things and Cloud (FiCloud).—2015. —P.538-544.

71. Khorshed. M.T., Ali. A.B.M.S., Wasimi. S.A. A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud

computing // Future Generation Computer Systems. —2012. —Vol. 28. —P.833-851.

72. Michael. A., Armando. F., Rean. G., Anthony. D.J., Randy. H.K., Andrew. K., Gunho. L., David. A.P., Ariel. R., Ion. S., Matei. Z. A view of cloud computing', Commun // ACM. —2010. —Vol. 53. —No. 4. —P.50-58.

73. Narale. S.A., Butey. P.K. Cloud computing techniques to meet QoS // International Journal of Advance Computational Engineering and Networking (IJACEN). —2015. —Vol. 6. —No. 5. —P.7-8.

74. Opara-Martins. J., Sahandi. R., Tian. F. Critical review of vendor lock-in and its impact on adoption of cloud computing // International Conference on Information Society (i-Society).—2014. —P.92-97.

75. Patel. R., Mer. H. A survey of various Qos-based task scheduling algorithm in cloud computing environment // International Journal of Scientific and Technology Research. —2013. —Vol. 2.—No. 11.—P.11-14.

76. Petcu. D., and Vasilakos. A.V. Portability in clouds: approaches and research opportunities // Scalable Comput Practice Experience. —2014.—Vol.15.—No.3.— P.251-270.

77. Shelke. R., Rajani. R. Dynamic resource allocation in cloud computing // International Journal of Engineering Research and Technology (IJERT). —2013. — Vol. 2. — No. 6. —P.731-737.

78. S. J. Katz., D. Linz., M. Mcilrath. Peers Predators and Porn: Predicting Parental Underestimation of Children ' s Risky Online // 5th ITC International Coneference. —2014. —Vol. 19. — P. 215-231.

79. Guozhang Jiang et al. Model knowledge matching algorithm for steelmaking casting scheduling // Int. J. Wirel. Mob. Comput. —2018. —Vol. 15. —P. 215-222.

80. Xu Binzi et al. Knowledge network model of the energy consumption in discrete manufacturing system // Modern Physics Letters. —2017.—Vol. 31. —P.1740-1750.

81. A. G. Massel., D. A. Gaskova. Ontological engineering for the development of an intelligent system for threat analysis and cybersecurity risk assessment of energy facilities // Ontology of design. —2019. —No. 2. —P. 32.

82. J. Jamaludin., Rohani J. Mohd. Cyber-Physical System (CPS): State of the Art // Proceedings of the 2018 International Conference on Computing Electronic and Electrical Engineering (ICE Cube). —2018. —P. 1-5.

83. Wu Lihong. Dameng creates innovative domestic database // Shanghai Informatization. —2013. —Vol. 07. —P. 70-71.

84. Ma Qin. Domestic database and data security industry analysis and prospect // Information Security and Communications Privacy. —2014. —Vol. 10. — P. 49-53.

85. Zeng Qingyun. Information security in e-government construction and its countermeasures // China New Telecommunications. —2016. —Vol. 18. —No. 16, —P. 106-107.

86. Jiang huilin. A preliminary study on the security of e-government construction based on domestic database // Information Technology and Network Security. —2018. —Vol. 37. —No. 09. —P. 38-41.

87. Wang Shiwei, "Further Discussion of Information Security Network Security and Cyberspace Security[J]", Journal of Library Science in China, vol. 41, no. 02, pp. 72-84, 2015.

88. P. S. Murthy., V. Nagalakshmi. Database Forensics and Security Measures to Defend from Cyber Threats // 3rd International Conference on Intelligent Sustainable Systems (ICISS). Thoothukudi, India. — 2020. —P. 1302-1307.

89. Mubina Malik., Trisha Patel. Database Security - Attacks and Control Methods // International Journal of Information Sciences and Techniques. — 2016.— Vol. 6.—P. 175-183.

90. A. Caballero. Information Security Essentials for Information Technology Managers: Protecting Mission-Critical Systems // Computer and Information Security

Handbook. Morgan Kaufmann. —2017. —P. 393-419.

91. Martin S. Olivier. On metadata context in database forensics // Digital Investigation. —2009. —Vol. 5. —P. 115-123.

92. Lawrence Suffern. A Study of Current Trends in Database Forensics // Journal of Digital Forensic Practice. —2010. —Vol. 3. —No. 2-4. —P. 67-73.

93. N. Shafqat., A. Masood. Comparative analysis of various national cyber security strategies // International Journal of Computer Science and Information Security. —2016. —Vol. 14. —No. 1. —P. 129.

94. A. Mousa., M. Karabatak., T. Mustafa. Database Security Threats and Challenges // 8th International Symposium on Digital Forensics and Security (ISDFS). —2020. Beirut. Lebanon. —P. 1-5.

95. S. Kulkarni., S. Urolagin. Review of Attacks on Databases and Database Security Techniques // International Journal of Emerging Technology and Advanced Engineering. —2012. —Vol. 2. —No. 11. —P. 2250-2459.

96. S. Imran., I. Hyder. Security Issues in Databases // Second International Conference on Future Information Technology and Management Engineering. —2019. —P. 541-545.

97. V. Pevnev., S. Kapchynskyi. Core threats and prevention in database security // Advanced Information Systems. —2018. —Vol. 2—No. 1. —P. 69-72.

98. N. A. Al-Sayid., D. Aldlaeen. Database security threats: A survey study // 5th International Conference on Computer Science and Information Technology Amman. —2103. —P. 60-64.

99. M. Murray., Coffin. Database Security: What Students Need to Know // Journal of Information Technology Education. —2010. —Vol. 9. —P. 61-77.

100. R. Agrawal., R. Srikant., Y. Xu. Database technologies for electronic commerce // Proceedings of the 28th International Conference on Very Large Databases. — Vol. 2. —P. 1055-1058.

101. §. Mariu|a. Principles of security and integrity of databases // Procedia Economics and Finance Targul din Vale Romania. —Vol. 15. —P. 401-405.