تعداد نشریات | 36 |
تعداد شمارهها | 1,231 |
تعداد مقالات | 8,931 |
تعداد مشاهده مقاله | 7,697,400 |
تعداد دریافت فایل اصل مقاله | 4,588,625 |
تحلیل ساختارمند شاخص ایمنی در امنیت و پدافند سایبری سازمان های دانش بنیان کشور | ||
پدافند غیرعامل | ||
دوره 15، شماره 1 - شماره پیاپی 57، اردیبهشت 1403، صفحه 87-103 اصل مقاله (1.36 M) | ||
نوع مقاله: مقاله پژوهشی | ||
نویسندگان | ||
علیرضا علیزاده سودمند1؛ کیامرث فتحی هفشجانی* 2؛ اشرف شاه منصوری3؛ ابوذر عرب سرخی4 | ||
1دانشجوی دکتری رشته مدیریت فناوری اطلاعات، دانشگاه آزاد اسلامی، واحد تهران جنوب، تهران، ایران | ||
2استادیار گروه مدیریت فناروی اطلاعات، دانشکده مدیریت، دانشگاه ازاد اسلامی، واحد تهران جنوب، تهران، ایران | ||
3استادیار گروه مدیریت صنعتی، دانشکده مدیریت، دانشگاه ازاد اسلامی، واحد تهران جنوب، تهران، ایران | ||
4استادیار پژوهشی پژوهشکده امنیت، پژوهشگاه ارتباطات و فناوری اطلاعات، تهران، ایران | ||
تاریخ دریافت: 22 آبان 1402، تاریخ بازنگری: 17 بهمن 1402، تاریخ پذیرش: 08 بهمن 1402 | ||
چکیده | ||
گسترش حملات و انواع تهدیدات در فضای سایبری در سازمانهای دادهمحور و دانشی باعث شده، توجه به مسئله امنیت و پدافند سایبری در سازمانهای دانشبنیان بعنوان یک مسئله بسیار مهم و راهبردی مطرح گردد. این موضوع نیازمند، تبیین نقشهراهی جامع جهت دستیابی به اهداف، از طریق عملکرد بهینه، در فرآیندهای اصلی سازمان میباشد. تحقیق حاضر به تحلیل ساختارمند شاخصهای ایمنی در امنیت و پدافند سایبری سازمانهای دانشبنیان پرداخته است. پس از مشخص نمودن مولفهها و زیرمولفههای اثرگذار با استفاده از روشهای علمی (روش دلفی)، میزان اهمیت آنها توسط خبرگان مشخص گردید. مولفههای اثرگذار ترکیبی از مولفههای امنیت و پدافند سایبری میباشند. وجود انواع تهدیدات در فضای سایبری و نیز شرایط راهبردی کشور موجب شد، تا سه سازمان دانشبنیان"دانشگاه آزاد اسلامی واحد تهران جنوب، واحد علوم و تحقیقات و دانشگاه تهران که از لحاظ مسائل راهبردی و سایبری دارای اهمیت میباشند، مورد مطالعه قرار گیرند. میزان اهمیت مولفههای اثرگذار با نظرات خبرگان تعیین گردیده، میانگین هندسی بدست آمد و پس از وزندهی مولفهها تمامی مقادیر نرمالسازی شدند و با استفاده از الگوریتم تکاملی پرومیتی بعنوان یکی از روشهای نوین تصمیمگیری هوشمند، مقایسه درونگروهی، میانگروهی مولفههای صورت پذیرفت و سپس اولویتبندی براساس جنس مولفههای میانگروهی امنیت و پدافند سایبری انجام پذیرفت. سازمانها براساس اولویتبندی و میزان امتیاز رتبهبندی شده و مقرر گردید، با رعایت اصول راهبردی میزان امنیت و پدافند سایبری درونسازمانی را افزایش داده تا به حداکثر امنیت و کارایی سازمانها در حوزه پدافند سایبری دست یابند. | ||
کلیدواژهها | ||
شاخص ایمنی؛ امنیت اطلاعات؛ پدافند سایبری؛ الگوریتم تکاملی پرومیتی | ||
عنوان مقاله [English] | ||
Systematic Analysis of Safety Indicator in Security and Cyber Defense of Knowledge-Based Organizations in the Iran | ||
نویسندگان [English] | ||
alireza alizadeh soodmand1؛ Kiamarth Fathi Hafeshjani2؛ Ashraf Shah Mansouri3؛ Abuzar Arab Sorkhi4 | ||
1Department of Information Technology Management, Islamic Azad University, South Tehran Branch, Tehran, Iran | ||
2Department of Information Technology Management, Islamic Azad University, South Tehran Branch, Tehran, Iran | ||
3Department of Information Technology Management, Islamic Azad University, South Tehran Branch, Tehran, Iran | ||
4Research Assistant Professor, Security Research Institute, Communication and Information Technology Research Center, Tehran, Iran | ||
چکیده [English] | ||
The spread of attacks and various threats in the cyber space in data-oriented and knowledge-based organizations has caused attention to the issue of cyber security and defense in knowledge-based organizations as very important and strategic issue. This issue requires the explanation of comprehensive roadmap to achieve the goals through the optimal performance of the organization's main processes. The present research deals with the structured analysis of the safety index in security and cyber defense of knowledge-based organizations.After determining the sub-indicators and main influencing factors using scientific methods (Delphi method),their importance was determined by experts. Effective components are combination of security and cyber defense components.The existence of various threats and conditions in the country caused three knowledge-based organizations, "Islamic Azad University,South Tehran Branch, University Research Sciences Unit,and University of Tehran, which they are important in terms of strategic and cyber issues, to be studied. The importance of the influencing factors With the opinions of determined experts, the geometric mean was obtained, and after weighting the components, all values were normalized, using the evolutionary algorithm of Prometheus as one of the new decision-making methods,intra-group comparison of the components was carried out, and then the priority It was done based on the type of intergroup security and cyber defense components. The organizations were ranked based on priority and the amount of points and it was decided to increase the level of security and cyber defense within the organization in accordance with the strategic principles to achieve maximum security and efficiency of the system. | ||
کلیدواژهها [English] | ||
Safety Index, Information Security, Cyber Defense, Prometheus Evolutionary Algorithm | ||
مراجع | ||
[1]. United Nations Cybercrime Monitoring Center , “United Nations Cybercrime Monitoring Center report, in 2023,”. https://www.unodc.org/ [3]. Office Statistics and Information ICT Organization, “Annual Performance Report ICT Organization, Ministry ICT of Iran, 2023 [4]. Regulations on the Formation of Knowledge-Based Companies, Vice President for Science, Technology and Knowledge-Based Economy, Working Group on the Formation of KBC of Iran, 2023, https://daneshbonyan.isti.ir [5].R.U, “Regulations for the Evaluation of Knowledge-Bbased Companies,” Vice President for Science, Technology and Knowledge-Based Economy, Department of Evaluation of KBC of Iran, 2023, https://daneshbonyan.isti.ir [6]. Y. Omidi, “Effective factors in the success of commercialization of the products of internal knowledge-based companies studied in Pardis Technology Park,” master's degree (Islamic Azad University,” Science and Research Unit, Faculty of Management and Economics, Technology Management Field), pp. 32-78, 2021. (In Persian) [7]. M. Darzi ramandi, “Theoretical model of information security assessment in Iran's electronic government,” Doctoral thesis (Islamic Azad University, Science and Research Unit, Faculty of Management and Economics, Department of Information Technology Management - Smart Business), pp. 20-95, 2023. (In Persian) [8]. Kh. Razikin, B. Soewito, “Cybersecurity decision support model to design information technology security system based on risk analysis and cybersecurity framework,” Egyptian Informatics Journal 16 Marc. 2022. [9]. M.a, Chen. “Smart city and cyber-security; technologies used, leading challenges and future recommendations.” Energy Reports. 7. 10.1016/j.egyr.08.124, 2021. [10]. M. Rahimi, “Presentation of security (cyber) indicators for measuring the efficiency of the national information network,” supervisor: Mohammad Hadi Zahedi, consultant professor: Abbas Ali Rezaei, Payam Noor University, Bushehr Province, Payam Noor Center Asalouye, MA, 1.45-69, 2021.(In Persian) [11]. A.M. Mahdavi, “Compilation of information security evaluation indicators of the organization.,”Al-Zahra University (S) - Faculty of Economics and Accounting. 12-75, 2012 (In Persian) [12]. A. R. Alizadeh Soodmand, S. Najafi. “The strategic role of security in organizational information architecture. Journal of the Iranian Management Association. number 186. August and September 2016 (In Persian) [13]. S. A. Qara, “Designing the evaluation model of cultural indicators of information security with Dimtel and Vicor method,” guided by Ehsan Sadeh; former Zain al-Abidin Amini consulting. Master's degree (Islamic Azad University, Science and Research Unit, Faculty of Management and Economics, Department of Information Technology Management - Information Resource Management). 2021 (In Persian) [14]. M. Soori, “Optimizing supply chain resilience function using cyber-physical systems in automotive industry,” master's degree (Islamic Azad University, Science and Research Unit, Faculty of Management and Economics, Industrial Management - Production and Operations). 2022 (In Persian) [15]. M. Akhtari, M. A. Karamati, S. A. A. Mousavi, “Comparative comparison of cyber security and information security maturity models and statistics of common cyber security indicators,” passive defense, 13(4): 21-38. 2023. (In persian). https://pd.ihu.ac.ir/issue_2201372_2201441.html [16]. A. Noori, “Controller and viewer design in cyber-physical systems,” master's degree (Islamic Azad University. Science and Research Unit, Faculty of Mechanics, Electricity and Computers, Department of Electrical Engineering - Control); 22-88, 2022. [17]. Sh Shahrivari, “Presenting a maturity model for information security governance in supply chain management,” master's thesis, Ministry of Science, Research, and Technology, Tarbiat Modares University, Faculty of Economic Affairs. P 1-26, 2021 (In Persian) [18]. Basel Katt, m, “Use of cyber attack and defense agents in cyber ranges: A case study,” Computers & Security27 August.P 42-86, 2022 [19]. Simon Yusuf Enoch,“A practical framework for cyber defense generation,” enforcement and evaluation, Computer Networks, 17 March, 2021 [20]. A.R. Pourabrahimi, “Getting to know the principles of environmental security in the field of information and communication technology,” Islamic Azad University, Electronic Department, 23-46, 2019 (In Persian) [21]. M. R. Hafez Nia, Y. Safavi, M. Sharif; Gh.R. Jalali, “Designing a theoretical model of land preparation by applying the principles of passive defense,” Magazine: Defense Policy » Winter 2018 - Number 69 Scientific-Promotional Rating (Ministry of Science/ISC (38 pages - from 9 to 46), 2021 (In Persian) [22]. Gh. Nezami., A. Mehri,“The role of non-active defense in the security of the country,” magazine: strategic attitude » July 2017 - number 92 (26 pages - from 187 to 212). 2021 (In Persian). [23]. Passive defense organization of Iran, “The country's cyber defense strategic document,” Group: passive defense. Islamic Republic of Iran Cyber Defense Base Working Group, Issue Date: 03/21/2014 (In Persian). [24]. G. L. Stefanek, A.R. Pourabrahimi, translator,A. Toloi Ashlaqi, translator, “The best in information security,” Islamic Azad University, Electronic Unit, 18-89, 2019 [25].S.Rezvaneh, A.R. Pourabrahimi,“Security Considerations and Stability of Audio and Video Broadcasting in Cyber Space,” Year of Publication, Place of Publication: The First National Conference on Management, Ethics and Business. P. 21-49, 2018 (In Persian) [26].H. Zarin Pham, H. Golpayegani, Beheshtinia, Idris; Responsible author: Ranjbar, Iraj; “Social capital and soft threats against the Islamic Republic of Iran,” Journal: Foreign Relations » Autumn, Number 51, Rank B (Ministry of Science/ISC (32 pages - from 661 to 692), 2021 (In Persian) [27]. A. M. Nayini, “Comparative study of three threats: hard, semi-hard and soft.” Defense Strategy, 8(30), 157-177. SID. https://sid.ir/paper/194439/fa, 2021 (In Persian) [28]. A. Taghipour, A. Mashayikhi, P. Ahmadi, “Dehrshid Measuring citizens' attitudes towards security in cyberspace with passive defense approach (case study: Damghan city,” Passive Defense Quarterly; 13(4): 39-53, 2022. (In Persian) [29]. M. Afshon, A. Eidi Sheikh Rabat, “Security Threats,” (Semi-Hard, Journal: Political Research » Summer, Number 13 (35 pages - from 113 to 147), 2014 (In Persian) [30]. A. Motaghi Dastanain, “Soft threats against the national security of the Islamic Republic of Iran,” Journal: Psychological Operations Studies » Fall, Number 30 (13 pages - from 237 to 249), 2019 (In Persian) [31]. A.a. Jaafari,M. Nikrosh, “Soft war in the context of cyber threats and security solutions,” Journal: Psychological Operations Studies » Winter and Spring 2011 and 2012 - Number 35 (20 pages - from 28 to 47), 2012 (In Persian) [32].F. Kalantari, A.Eftekhari, “Examining and explaining the "threat versus threat" strategy in the defense policy of the Islamic Republic of Iran.” Defense Policy, 22(4 (ser. 88)), 63-90. SID. https://sid.ir/paper/261059/fa, 2014 (In Persian) [33]. A.R. Pourabrahimi, D. Safarnejad, H.R. Kashif, “Cyber defense strategies of the Islamic Republic of Iran against the threats of psychological warfare,” publication: National Security Quarterly No. 22, Volume 6, 2016 (In Persian) [34]. L.Abualigah, S. A. Diabat, Mirjalili, M. Abd Elaziz, A. H Gandomi, “The arithmetic optimization algorithm,” Computer methods in applied mechanics and engineering, 376, 113609, 2021 (In Persian) [35]. A. Rajabi Mushtaghi, H. Hojjat, A. Toloui Ashlaghi, M. R, Modir, "Comparison and ranking of meta-heuristic algorithms using group decision-making methods", Strategic Management Quarterly in Industrial Systems (formerly Industrial Management), 16(58), pp. 65-79. doi: 10.30495/imj.2022.688625, 2021 (In Persian) [36]. AF Psaros, X Meng, Z Zou, L Guo, “Uncertainty quantification in scientific machine learning: Methods, metrics, and comparisons,” Journal of Computational Physics, Elsevier, https://doi.org/10.1016/j.jcp.111902. 2023 | ||
آمار تعداد مشاهده مقاله: 12,251 تعداد دریافت فایل اصل مقاله: 5,651 |