Abstract

The Part I of the thesis describes security problems in today’s information systems. They are numerous because today’s information systems were not built with security requirements from the beginning. There are also many protection tools, which are designed to protect more or less efficiently information systems from malicious activities. However, even the best protection systems have their vulnerabilities.

The security weaknesses include the very basics of today’s computing and network systems, such as binary logic and von Neumann’s architecture. The universality of von Neumann’s architecture, which is very convenient from the user’s point of view, is inconvenient regarding security requirements. It is important to stress that anything, which can be programmed, may be programmed to perform malicious activities in the system and it is very difficult to discern such an attempt from the “normal” activities before some damage is done.

Binary logic is a basic of today’s computing, i.e. everything is performed through the sequences of zeros and ones. While it makes computing easy, it is an obstacle considering security requirements for exact pattern recognition. Although there are the methods to circumvent this inconvenient bound, it still remains the problem, which can be solved in satisfactory way by changing the binary logic to multivalued logic.

Having in mind these two major obstacles to information systems security, in the Part II of the thesis some other possibilities in the logic and architecture are offered so to have security requirements built from the start in information systems.

The Part II describes the ways on how to build secure information systems. The suggested basis of the secure information system is an intelligent security system. The term "intelligent" in the name of this security system does not indicate that the other security systems are non-intelligently constructed or designed. It simply means that this security system should have some intelligent capabilities such as the ability to learn or understand from experience, the ability to acquire and retain knowledge, the ability to respond quickly and successfully to a new situation, the ability to make proper decisions, etc.

The main goal of so proposed intelligent security system is to emulate an intelligent reaction to any suspicious action, which might occur in the information system. For that purpose the prototype with working name Nisan was developed and it is presented in detail in this thesis. It was shown that realization of theoretical concept is possible and that it gives satisfying results, even in this early phase of development.

It is shown that this intelligent system can be implemented in various kinds of current and future architectures considering corresponding advantages and constraints. It is supposed that realization of such an intelligent security system in any kind of information structures would be great advantage in the security of information systems.

 

1