سیستم متخصص حسابرسی ارزیابی امنیت ارتباطات

The main goal of the research consists in the elaboration of a system concerning the investigation of security communication, which regards a set of security factors, such as: the degree of encryption, the freshness of nonces, intruder activation, the lifetime of keys, secrets, etc. This paper is devoted to the presentation of systematization formalisms describing the functioning of a security model. In our variant, we investigate the changes of all chosen factors (security attributes) during the realization of protocol operations. The security attributes should be systematically corrected in this process. It changes the general security level of communication. The audit system strategy leads us to one of the most noticeable security in fluence characteristics that refer to time parameters. We can introduce the notation concerning the lifetime of elements (key, message, nonces, secret, etc.). When the value of time activity of an element exceeds its lifetime, then the communication security is definitely threatened. By using special rules presented in the works of Burrows, and Needham2, among other authors, and by creating additional logic formulas, we can estimate intermediate security probability parameters. Finally, we propose a certain kind of probability time automata in order to investigate and predicate different types of communication threats. These automata are built on the basis of a colored Petri net. In addition, this investigation consists in checking communication security (or a kind of threats) and making a threat prediction about possible cases that are connected with losing information. We also included in the model a procedure of security modification with respect to time (the activity of some parameters depends on time). We define the finite set of states by using the LU - technique (interval attribute activity) of a date notation. The proposed system resolves security problem in more comprehensive (multifaceted) way. Ingredient security factors can be grouped in different combinations. This approach increased the range of investigated threaten structures to even unknown hacker algorithm inventions.