Designing a Conceptual Model for the Information Security of the Islamic Republic of Iran's Cyberspace

Document Type : Original Article

Authors

1 Doctoral Degree in Strategic Management of Cyber ​​Space Security, National Defense University (Corresponding Author)

2 Faculty member of Shahed University

Abstract

Cyber space has been tremendously progressing and has led to various activities, such as information provision, service delivery, communications management, and social, political, cultural, and governance interactions through cybersecurity mechanisms. This space is exposed to various challenges, threats and threats such as organized crime, disruptive service attacks, spyware, sabotage, data bank destruction, privacy defects, and intellectual property rights violations. Cyber security threats by exploiting the complexity and increasing connectivity of existing systems in organizations, and in particular critical, critical, and critical infrastructure, compromise the security of the economy, safety and public health. Protecting information to create a safe, secure and resilient community of cyberattacks is essential, which requires mechanisms to preserve the confidentiality, integrity and availability of assets. Considering the emergence of the concept of information security in cyberspace and considering its impact on the national security of the country, addressing this issue and institutionalizing it is considered a necessity and priority. In this regard, in order to protect the country's information in the cyberspace, there is a need for full knowledge of this space and its threats. Accordingly, the preparation of a macroeconomic model for information security in the Islamic Republic of Iran's cyberspace would help to identify the areas needed and to take the necessary steps. Information security will be the focus of this article. In order to achieve a macroeconomic model for cyberspace security, it is necessary to examine theoretical foundations, upstream documents of the country in this area. It is also necessary to study the comparative study of country documents, which are discussed in this article and based on this. Dimensions, components, subcomponents and cyber security information indicators were measured. By summarizing the research findings (theoretical foundations, comparative studies, etc.), 8 dimensions and for each dimension, 4 components, and for each component, 3 subcomponents and 13 indicators for cybersecurity data, then a questionnaire based on the Likert scale of 5 options The expert opinion was adjusted and reviewed. By studying the methodology of similar research, modeling of structural equations by partial least squares (PLS) using SmartPLS software was selected to analyze the data. The fitting of the model, the fitting of the structural model and the general fitting of the model were calculated by fitting the analysis and fitting the model was evaluated. The results are presented in the form of final tables.

Keywords

References

  • منابع:

    • ·         قرآن کریم
    • بیانات حضرت امام خمینی (ره)
    • بیانات حضرت امام خامنه‌ای (مدظله‌العالی)
    •  ابلاغی مقام معظم رهبری، (1384)، سند چشم انداز ۲۰ ساله.
    • دفتر امور زیربنایی فناوری اطلاعات، معاونت فناوری اطلاعات، (1386)، سند راهبردی امنیت فضای تبادل اطلاعات کشور، وزارت ارتباطات و فناوری اطلاعات.
    • رامک، مهراب؛ امیرلی، حسین؛ قربانی، ولی­اله؛ حقی، مجید، (1394)، طراحی نظام دفاع سایبری مطالعه گروهی، دانشکده امنیت ملی، دانشگاه عالی دفاع ملی.
    • سازمان پدافند غیر عامل، (1389)، سیاست­های کلی نظام در پدافند غیرعامل.
    • مجلس شورای اسلامی، (1388 الف‌)، قانون انتشار و دسترسی آزاد به اطلاعات، مجلس شورای اسلامی.
    • مجلس شورای اسلامی، (1388 ب‌)، قانون جرائم رایانه‌ای.
      • A Draft Apocryphal and Anthropocentric Cyberspace،Translated from the original web page in France،alliancegeostrategique.org (2012). /2010/10/04/une-ebauche-apocryphe-etanthropocentrique-du-cyberespace
      • Abdallah، Saber. (2006). Towards a Framework for Enterprise Architecture Frameworks Comparison And Selection (Faculty of Computers and Information Cairo University(
      • Anderson، James M. (2003). Why we need a new definition of information security. Computers & Security. 22(4)، 308–313. http://www.sciencedirect.com/science/article/pii/S0167404803004073
      • Australian Government, "Australia Cyber Security Strategy", 2009
      • Bernsmed Karin و Jaatun Martin Gilje. (2011). Security SLAs for federated cloud services. در Proceedings of the 6th international conference on availability، reliability and security.
      • Clark، David. (2010). Characterizing cyberspace: past، present and future. Retrieved from: Massachusetts Institute of Technology website: http://web. mit. edu/ecir/pdf/clark-cyberspace. pdf. http://web.mit.edu/ecir/pdf/clark-cyberspace.pdf
      • Cyberinfrastructure. (2012). wikipedia. https://en.wikipedia.org/wiki/Cyberinfrastructure. Retrieved from https://en.wikipedia.org/wiki/Cyberinfrastructure
      • Copublished by the IEEE Computer and Reliability Societies March/April2015،Gaining an Edge in Cyberspace with Advanced Situational Awareness.
      • Carlisle Barracks, "U.S Army war college guide to national security issues", Volume I: Theory of war and strategy, 5th Edition, June 2012
      • DoD. (2010). Department of Defense Dictionary of Military and Associated Terms.pdf (No. Joint Publication 1-02).
      • Eastwest Institute and the Information Security Institute of Moscow State University, "Russia-U.S. Bilateral on cybersecurity - critical terminology foundations", Issue I, April 2011
      • European Network and Information Security Agency (ENISA), "National Cyber Security Strategies Practical Guide on Development and Execution", 2012
      • European Network and Information Security Agency (ENISA), "An evaluation Framework for National Cyber Security Strategies", 2014
      • Federal Ministry of the Interior, "Cyber Security Strategy for Germany", February 2011
      • Government of Canada, "Canada's Cyber Security Strategy", 2010
      • Gary Waters, Desmond Ball and Ian Dudgeon, "Australia and Cyber-warfare", The Australian National University Press, 2008
      • Heylighen. (1994). cyberspace,principia cybernetica. http://pespmc1.vub.ac.be/cybspace.html.
      • Homeland Security Enterprise Architecture. (2003). http://www.slideshare.net/Aamir97/homeland-security-enterprise-architecture.
      • ITU-T, "ITU National Cybersecurity Strategy Guide", Geneva: ITU, 2011
      • ISO/IEC 27001 Standard, "Information technology-Security techniques- Information security management systems – Requirements", 2013
      • ITU, "ITU National Cybersecurity Strategy Guide", (Geneva: ITU, 2011), http://www.itu.int/ITU-D/cyb/cybersecurity/docs/ITUNationalCybersecurityStrategyGuide.pdf
      • ITU-T X.805 Recommendation, " Security architecture for systems providing end-to-end communications", Geneva: ITU, 2003
      • k.f.rauscher & v.yaschenko. (2011). Cybersecurity Critical Terminology Foundations (p. 48). Information Security Institute MoscownState University.
      • Libicki، Martin C. (2009). Cyberdeterrence and cyberwar. Santa Monica، CA: RAND.
      • McAFEE. (2012). http://www.homelandsecuritynewswire.com/ srinfrastructure20120206-ranking-countries-cyberattack-preparedness.
      • NIST Special Publication 800-160, "Systems Security Engineering - An Integrated Approach to Building Trustworthy Resilient Systems", 2014
      • NATO Cooperative Cyber Defence Centre of Excellence, "National Cyber Security Framework Manual", 2012, PP 8-19
      • New Zealand Government, "New Zealand's Cyber Security Strategy", 2011
      • UK Cabinet Office, "The UK Cyber Security Strategy: Protecting and promoting the UK in a digital world", November 2011
      • NATO Cooperative Cyber Defence Centre of Excellence (CCD-CoE), "National Cyber Security Framework Manual", NATO CCD-COE Publication, 2012
      • NIST, "Framework for Improving Critical Infrastructure Cybersecurity version 1.0", 2014
      • Qadir، Suhail و Quadri، S. M. K. (2016). Information Availability: An Insight into the Most Important Attribute of Information Security. Journal of Information Security.
      •  R.Ottis & P.Lorents. (2010). Cyberspace:Definition and Implications. In air force institue of technology. United States US / Dayton.
      • Strate, L. (1999). The varieties of cyberspace: Problems in definition and delimitation. Western Journal Of Communication, 63(3), 382–412. DOI: 10.1080/10570319909374648
      • UK Cabinet Office, "Cyber Security Strategy of the United Kingdom. Safety, security and resilience in cyber space", Norwich: The Stationery Office, 2009
    wikipedia. (2012). Cyberspace. https://en.wikipedia.org/wiki/Cyberspace.

National Security
Volume 9, Issue 33 - Serial Number 33
December 2019
Pages 315-353

Files

History

  • Receive Date: 30 September 2018
  • Revise Date: 16 February 2020
  • Accept Date: 11 December 2019

Share

How to cite

Statistics