THE METHOD OF ASSESSING THE VALUE OF INFORMATION
Keywords:aging of information, the importance of information, restriction of access to information, value of information
Context. The task of assessing the value of the institution’s information as one of the objects of protection of the information security model is considered.
Objective. The goal of the work is the creation of a method of assessing the value of information, which takes into account the time of the final aging of information.
Method. The results of the analysis of methods for evaluating the value of information showed that modern approaches are conventionally divided into two directions. In the first direction, the value of information is calculated as the amount of information in bytes. In the second direction, the value of information is calculated in monetary terms. It is shown that modern approaches do not take into account the influence of time on the value of information. A method of assessing the value of information is proposed, which takes into account such characteristics as the term of final aging of information, the level of its access restriction, importance, and form of ownership. The value of information is presented as a quantitative measure that determines the degree of its usefulness for the owner. It is proposed to calculate the value of the initial value of information during its creation or acquisition by calculating the normalized weight of the coefficients according to the formula of the arithmetic mean. It was shown that the current value of information has a functional dependence on the time of existence of information and the time of its final aging.
Results. The results of the experiment confirm that the value of information has a nonlinear functional dependence on the time of final aging of information.
Conclusions. The conducted experiments confirmed the efficiency of the proposed method of evaluating the value of information and allow recommending it for use in practice to protect the institution’s information. Prospects for further research may include the creation of a methodology for assessing the value of an institution’s information, taking into account the aging of information and subsequent adjustment of measures to protect it.
Pevnev V., Tsuranov M., Zemlianko H., Amelina O. Conceptual Model of Information Security, Integrated Computer Technologies in Mechanical Engineering, 2020, Vol. № 188, pp. 158–168. DOI: 10.1007/978-3-030-667177_14.
Onyshchenko S., Yanko A., Hlushko A., Sivitska S. Conceptual Principles of Providing the Information Security of the National Economy of Ukraine in the Conditions of Digitalization, International Journal of Managemen, 2020, № 11(12), pp. 1709–1726. DOI: 10.34218/IJM.11.12.2020.157.
Hasan Shaikha, Ali Mazen, Kurnia Sherah, Thurasamy Ramayah Evaluating the cyber security readiness of organizations and its influence on performance, Journal of Information Security and Applications, 2021, Vol. 58, P. 102726. DOI:10.1016/j.jisa.2020.102726.
Palko D., Myrutenko L., Babenko T., Big-dan A. Model of Information Security Critical Incident Risk Assessment, 2020 IEEE International Conference on Problems of Infocommunications. Science and Technology (PIC S&T), 2020, pp. 157–161. DOI: 10.1109/PICST51311.2020.9468107.
Fazlida M. R., Said Jamaliah Information Security: Risk, Governance and Implementation Setback, Procedia Economics and Finance, 2015, Vol. 28, pp. 243–248. DOI: doi.org/10.1016/S2212-5671(15)01106-5.
Mirtsch Mona, Blind Knut, Koch Claudia, Dudek Gabriele Information security management in ICT and non-ICT sector companies: A preventive innovation perspective, Computers & Security, 2021, Vol. 109, P. 102383. DOI: doi.org/10.1016/j.cose.2021.102383.
Aven T. Risk assessment and risk management: Review of recent advances on their foundation, European Journal of Operational Research, 2016, Vol. 253, Issue 1, pp. 1–13. DOI: doi.org/10.1016/j.ejor.2015.12.023.
Eyvindson K., Hakanen J., Mönkkönen M., Juutinen A., Karvanen J. Value of information in multiple criteria decision making: an application to forest conservation, Stochastic Environmental Research and Risk Assessment, 2019, № 33, pp. 2007–2018. DOI: 10.1007/s00477-019-01745-4.
Zaiats V. M. and Zaiats M. M. The figurative approach to calculate the amount of information and estimates its values, Visnyk Natsionalnoho universytetu “Lvivska politekhnika”, 2017, 872, pp. 93–100. (Serie: Informatsiini systemy ta merezhi).
Zaiats V. M., Rybytska O. M., Zaiats M. M. An approach to evaluating the values and quantity of information in queueing systems based on pattern recognition and fuzzy sets theories, Kibernetika ta sistemnij analiz, 2019, Vol. 55, № 4. pp. 133–144.
Pererva P.G. Informational activity of the enterprise: management, price and marketing composition, Bulletin of the National Technical University “KhPI” (economic sciences), 2018, № 37 (1313), pp. 120–125.
Mokhor V., Davydiuk A. Approach of the information properties destruction risks assessing based on the color scale, Information Technology and Security, 2020, Volume 8, Issue 2, pp. 216–223. DOI: doi.org/10.20535/24111031.2020.8.2.222608.
Laptiev O., V. Sobchuk, A. Sobchuk, S. Laptiev, T. Laptieva Improved model of estimating economic expenditures on the information protection system in social networks, Electronic Professional Scientific Edition “Cybersecurity: Education, Science, Technique”, 2020, № 4(12), pp. 19–28. DOI: 10.28925/2663-4023.2021.12.1928.
Sawatnatee A., Prakancharoen S. Insider Threat Detection and Prevention Protocol: ITDP, International Journal of Online and Biomedical Engineering, 2021, Vol. 17, № 02, pp. 69–89. DOI: doi.org/10.3991/ijoe.v17i02.18297
Hmelevskoy R. Research on information security threat assessment of information activity objects, Modern Information Security, 2016, № 4, pp. 65–70.
Gulak G. M. Metodolohiia zakhystu informatsii. Aspekty kiberbezpeky: pidruchnyk, Kyiv, Vydavnytstvo NA SB Ukrainy, 2020, P. 256.
Korchenko O. H., Arkhypov O. Ye., Dreis Yu. O. Otsiniuvannia shkody natsionalnii bezpetsi Ukrainy u razi vytoku derzhavnoi taiemnytsi: Monohrafiia. Kyiv, Nauk.-vyd. tsentr NA SB Ukrainy, 2014, P. 332.
Horne C. A., Maynard S. B., Ahmad A. Information security strategy in organisations: review, discussion and future research, Australasian Journal of Information Systems, 2014, Vol. 21. DOI: doi.org/10.3127/ajis.v21i0.1427
How to Cite
Copyright (c) 2023 I. A. Pilkevych, T. A. Vakaliuk, O. S. Boichenko
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Creative Commons Licensing Notifications in the Copyright Notices
The journal allows the authors to hold the copyright without restrictions and to retain publishing rights without restrictions.
The journal allows readers to read, download, copy, distribute, print, search, or link to the full texts of its articles.
The journal allows to reuse and remixing of its content, in accordance with a Creative Commons license СС BY -SA.
Authors who publish with this journal agree to the following terms:
Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License CC BY-SA that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.