Uses of Mathematical Models in Cybersecurity and Information Security

Mathematical Model and Risk Management
Student’s Name
Institutional Affiliation
Mathematical Models and Risk Management
The advent of excessive usage of the internet and network technology in the past two decades has significantly improved the manner in which data and information are transferred and exchanged. Particularly, the ever-growing internet technology has offered numerous functionalities and facilities in the field of information technology. However, the advancement of the internet and network technologies have come with their fair share of challenges in terms of a suitable cyber defence system required to protect the valuable data and information stored on systems. The problem of cyber-attacks have become a menace today. Understanding the source and behaviours of the malicious attacks is necessary to overcome the problem. Therefore, mathematical modelling plays important roles in fixing the possible parameters of the malicious objects. Particularly, the function of mathematical models is to help in designing the cybersecurity systems as they reveal how systems threats propagates in the internet. Cyber threats emanate from various malicious objects such as worm, virus, Trojan horse, spam and certain harmful technologies like rootkits, bots, phishing and instant messaging. Moreover, models of information security typical refer to highly tractable and predictive mathematical models that provides abstract description of a system. Many of the existing models are designed to focus on flows of information in a system. Then, this paper discusses the application of mathematical models in cybersecurity and information security, and implementation of specific models in information security.
Uses of Mathematical Models in Cybersecurity.
The primary function of mathematical models is to provide theoretical description of a more complex reality. In others others words, the models simplifies the real artifacts to make them comprehensible and open analysis (Rasheed, 2014). A model provides protection to a system by keeping up confidential and prevent an unauthorized change to confidential data and information. Models are also used to determine the most appropriate conditions one can prove some types of systems are insecure (Rasheed, 2014). Also, other type of models are implemented to define how the computer system applies control.
Models can be designed as prediction models to predict impending attacks by using statistical techniques. The prediction model employs the concepts of probability and simulation. The model can be simulated to generate to predict it possible malicious objects and suggesting midcourse corrections. Through what-if analyses, the analysts can record the instances of threats and decode on the best option solution (Roy, Sarkar, Ganesan, & Goel, 2015). The model has been effective especially after the recent growing demand on market of both legal and illegal for information on computer system vulnerabilities. The continuous growth of market increases the probability of cyber-attacks targeting valuable information. Essentially, random scanning algorithm are developed to forecast the location of future crimes based on the activities of repeated offenders using the existing data in their past crimes (Roy, Sarkar, Ganesan, & Goel, 2015).
In addition, Generative math models are used to interpret statistical patterns from either an insurgent, terrorist, and cyber-attacks across different geographic settings including the cyberspace. The math modelling and statistical analysis draw on approaches that can be interpreted into a meaningful information. The timing and frequency of cyber-attacks are essential is important in determining the possible attacks and the increasing rates of the imminent attacks. The models have helped in solving the problem of using conventional models that relied analyzing temporal statistical activity on social network only. Math models now are majorly interested in missing data problems in case of withheld information to infer from the surrounding.
Implementation of Mathematical Model in Information Security
Access-control matrix model (ACM)
It is considered as the simplest in computer security. It is developed in form of a matrix where the row and columns contains the subjects and objects respectively. The rows are called capability lists whereas the columns are called access control list. Essentially, every entry in the matrix are made up with sets of rights of the subjects in the rows over the entities in the columns. The subject access rights in access control are in the form of read, write, and executes commands (Nanavati, Colp, Aiello, & Warfield, 2014). The capability lists are linked to the subjects and defines the specific functions to perform on each objects. On the other hand, the access control lists are linked with the object and defines the distinct functions to perform on specific subjects.
The primary purpose of an access-control matrix is to protect the state of a system. Although, the systems’ protective status is always dynamic, and the components of the access-control matrix must adjust to to match this evolutions.
Typed Access Control Model (TAM)
It adds types to the components of access control matrix additional variant. TAM connects with the entities of ACM to change the commands for matrix modification accordingly. TAM represents the distribution of rights in the system with the aid of access matrix. The concepts enables the entities to be regroup into finer categories that are more complex than mere subject and object. In TAM, the rubrics display are not clear since none of either an entity of E or or any its prints can develop a new entity in the form of E. TAM has a direct application to systems and environments and focus on more complex tasks of securing the systems.
Mandatory Access Control Model (MAC)
As the name suggests, mandatory access control model employs methods that rule based. Users have no mandate over MAC as only the system security officer have the right to alter them. Big enterprises and state institutions employs this methods in many of their systems. Accessing a data or information from a back or a lower segment of the segment’s access is prohibited even if access permission is granted. In addition, the rules determines the access decision on attributes of the objects and subjects from ACM and TAM.
Discretionary Access Control Model (DAC)
DAC refers to an information security tool that can either grant or deny a subject to access through through access policies that are determined based on objects and subjects owner group. DAC technique rely on users’ identification by prompting credentials such as username and passwords to control the systems. DAC are not rule based or mandatory since the subject and transfer authenticated objects or information access to authorized personnel.
Role-Based Access Control Model (RBAC)
An access control model that takes a real life approach to determine users’ access based on their specialize...