Increasing the energy efficiency of electronic document management systems

This paper proposes a comprehensive set of characteristics of integrated security systems of electronic document management. We give a classification description and data analysis for modeling decision-making processes in integrated security systems by the example of responding to the threats of information leakage through parametric channels. The optimal set of measures to respond to an attacker’s operations of illegal interception of information via parametric channels by using the appropriate modes of operation of the TCP protocol, which reduces the decision-making time, optimizes the performance of the system as a whole and significantly contributes to the optimization of its energy efficiency is given.


Introduction
Electronic document management systems in today's realities, including pandemic and remote access to information resources are among the most demanded and critical in terms of security integrated security systems (ISS). This article proposes a comprehensive set of characteristics of such ISB, which allows to conduct research on the degree of protection of such systems from external and internal threats from the perspective of system analysis and to model their functioning in different conditions. Let us define a set of mathematical models to assess the characteristics of the effectiveness of response measures to threats of information leakage through parametric channels [1][2][3][4].

Materials and methods
In accordance with the compositional nature of the procedure for forming a system of characteristics of the effectiveness of response measures to threats of information leakage through parametric channels, the input data for mathematical models of characteristics of the second level of the hierarchy of such a system are the values of the characteristics of the first (lower) level: -set {(oijk)} of temporal characteristics of operations of illegal actions for interception of information via parametric channels; -set {(vijk)} of temporal characteristics of the functions for detecting signs of illegal actions of an intruder to intercept information via parametric channels; The characteristics {(oijk)} and {(vijk)} are set empirically and are random variables [8][9][10].
Characteristics of the second level of the system of characteristics of the effectiveness of response measures to threats of information leakage through parametric channels are evaluated by the following sets of models: -a set of models {M( (pjk))} to estimate the average values of the implementation times of the TCP modes during illegal actions for interception of information via parametric channels; -a set of models {M( (yjk))} to estimate the average values of time to establish the facts of the implementation of certain modes of TCP during illegal actions for interception of information via parametric channels.
Characteristics of the third level of the system of characteristics of the effectiveness of response measures to threats of information leakage through parametric channels are evaluated by the following sets of models: -a set of models {M(  (ek))} to estimate the average values of time of implementation by an attacker of individual stages of illegal actions to intercept information via parametric channels; -a set of models {M( (ek))} to estimate the average response time to the actions of the attacker during the implementation of individual stages of illegal actions to intercept information via parametric channels; -set of models {M(P(p)k)} to estimate the probabilities of timely response to the actions of the attacker when he implements the individual stages of illegal actions to intercept information via parametric channels.
Assessment of the characteristic of the fourth level -system indicator R of timeliness of response to threats of information leakage through parametric channels is carried out under the assumption of independence of events related to timely response to actions of intruder during implementation by him of separate stages of illegal actions of information interception through parametric channels.
Temporal characteristics of the intruder's ability to implement modes of operation of the TCR in the process of illegal actions for interception of information via parametric channels are formed at the second composite level of the system of characteristics of effectiveness of response measures to this kind of threats to information security [11,12]. The formation procedure is based on the establishment of interlevel composite links of these characteristics with the characteristics of the initial (first) level of this system. The content of these links, and, consequently, the type of mathematical models of characteristics of this level is determined by the relevant functional models of illegal actions to intercept information via parametric channels. Typical formats of formed analytical dependencies are presented in [8][9][10].
The following expressions (1) -(15) are mathematical models for estimation of average values of time of realization of operation modes of TCP during illegal actions on interception of information via parametric channels. In accordance with the order of operations, given in [1,4], performed by an intruder in the process of configuration of AP equipment through the channels of acousto-electrical transformations, HF irradiation, parasitic (auto) generation and HF imposition, the average value  (p11) of the random value of time, spent by an intruder on the realization of this mode of TCR operation is determined in accordance with the expression: where 113, 114, 116 and 117 are the probabilities of performing operations o113, o114, o116 and o117 by the intruder in the process of illegal actions, respectively,  (o111),  (o112),  (o114),  (o116) and  (o117) are the mean values of random values of time spent by the attacker to perform operations o111, o112, o114, o116, and o117, respectively, and E( (o113)• (o115)) means the mean value of the composition of the random variables (o113) and (o115) of the time the attacker performed operations o113 and o115, respectively. The order in which an intruder performs operations in the process of locating sources of informative acoustic signals of the reconnaissance object allows to form an expression to determine the average value  (p12) of the random value of time spent by the intruder on the implementation of this mode of operation: where 123, 124, 125 and 126 are the probabilities of performing operations o123, o124, o125 the average random values of time spent by the intruder to perform operations o121, o122, o123, o124, o125 and o126, respectively. According to the order in which the intruder performs operations in the process of calculating the availability zones of informative acoustic signals of the reconnaissance object, the average value  (p13) of the random value of the time spent by the intruder on the implementation of this mode of operation of the transmission control protocol (TCP), is determined according to the expression: where 131, 132, 133 and 134 are the probabilities of performing operations o131, o132, o133 and o134 by the intruder in the process of illegal actions, respectively,  (o131),  (o132),  (o133) and  (o134) are the mean values of random values of time spent by the attacker to perform operations o131, o132, o133, and o134, respectively, and E( (o135) • ( (o136) • ( (o137)) means the mean of the composition of the random variables (o135), (o136) and (o137) of the time the attacker performed operations o135, o136 and o137, respectively. The given order of operations performed by an intruder in the process of determining the places of optimal availability of informative acoustic signals of the reconnaissance object allows us to form an expression for the average value  (p14) of the random value of time spent by an intruder on the implementation of this mode of TCS operation, in the form: where E( (o141)• (o142)) means the mean value of the composite of the random variables (o141) and (o142) of the time the attacker performed operations o141 and o142, respectively.
In accordance with the given order of operations performed by an intruder in the process of interception of electrical signals modulated by informative acoustic signals with the help of AR conducting equipment through the channel of acousto-electrical transformations, the average value  (p21) of the random value of time spent by an intruder on the implementation of this mode of TCR operation, is determined in accordance with the expression: where E( (o211)• (o212)) means the mean value of the composite of the random variables (o211) and (o212) of the time the attacker performed operations o211 and o212, respectively.
The given order of operations performed by an intruder in the process of increasing the intelligibility of intercepted informative acoustic signals by special software (hardwaresoftware) methods allows us to form an expression for the average value  (p22) of the random value of time spent by an intruder on the implementation of this mode of TCS operation, as follows: where E( (o221)• (o222)• (o223)) means the mean value of the composite of the random variables (o221), (o222), and (o223) of the time the attacker performed operations o221, o222, and o223, respectively.
In accordance with the given order of operations performed by an intruder in the process of interception of over-repeated high-frequency (HF)-signals, modulated by informative acoustic signals in auxiliary technical means and systems (ATSS) of reconnaissance object by means of acoustic reconnaissance (AR) equipment via HF-irradiation channel, the average value  (p31) of random value of time, spent by an intruder on implementation of this mode of operation of ATSS, is determined according to the expression: where E( (o311)• (o312)) means the mean value of the composite of the random variables (o311) and (o312) of the time the attacker performed operations o311 and o312, respectively.
The given order of operations performed by an intruder in the process of increasing the intelligibility of intercepted informative acoustic signals by special hardware-software methods allows us to form an expression for the average value  (p32) of the random value of time spent by an intruder on the implementation of this mode of TCR operation, as follows: where E( (o321)• (o322)• (o323)) means the mean value of the composite of the random variables (o321), (o322), and (o323) of the time the attacker performed operations o321, o322, and o323, respectively.
In accordance with the given order of operations performed by an intruder in the process of intercepting of re-transmitted HF signals, modulated by informative acoustic signals in VTSI of intelligence object by means of AR conducting equipment via HF-irradiation channel, the average value  (p41) of random value of time spent by an intruder on realization of this mode of TCR operation is determined according to the expression: where E( (o411)• (o412)• (o413)) means the mean value of the composite of the random variables (o411), (o412), and (o413) of the time the attacker performed operations o411, o412, and o413, respectively.
The given order of operations performed by an intruder in the process of increasing the intelligibility of intercepted informative acoustic signals by special software (hardware-software) methods allows us to form an expression for the average value  (p42) of the random value of time spent by an intruder on the implementation of this mode of TCR, in the form: where E( (o421)• (o422)• (o423)) means the mean value of the composite of the random variables (o421), (o422), and (o423) of the time the attacker performed operations o421, o422, and o423, respectively.
According to the given order of operations performed by an intruder during interception of high-frequency electromagnetic signals arising during operation of generators included in the technical means and (or) parasitic (auto) generation in technical means of the intelligence object by means of AR conducting equipment via parasitic (auto) generation channel, the average value  (p51) of random value of time spent by an intruder on realization of this mode of TCR operation, is determined according to the expression: where E( (o511)• (o512)) means the mean value of the composite of the random variables (o511) and (o512) of the time the attacker performed operations o511 and o512, respectively.
The given order of operations performed by an intruder in the process of increasing the intelligibility of intercepted informative acoustic signals by special software (hardwaresoftware) methods allows us to form an expression for the average value  (p52) of the random value of time spent by an intruder on the implementation of this mode of TCS operation, as follows: where E( (o521)• (o522)• (o523)) means the mean value of the composite of the random variables (o521), (o522), and (o523) of the time the attacker performed operations o521, o522, and o523, respectively.
In accordance with the given order of operations performed by an intruder during the conversion of data intercepted through the channels of acousto-electrical transformations, RF irradiation, parasitic (auto) generation and RF imposition, the average value  (p61) of the random value of time spent by the intruder on the implementation of this mode of TCR operation, is determined according to the expression: where E( (o611)• (o612)) means the mean value of the composite of the random variables (o611) and (o612) of the time the attacker performed operations o611 and o612, respectively.
The given order of operations performed by an intruder during the search of information of interest allows us to form an expression to determine the average value  (p62) of the random value of time spent by an intruder on the implementation of this mode of TCR operation, in the form of: where E( (o621)• (o622)• (o623)) means the mean value of the composite of the random variables (o621), (o622), and (o623) of the time the attacker performed operations o621, o622, and o623, respectively.
In accordance with the given order of operations performed by an intruder during the analysis of sufficiency of information intercepted through the channels of acousto-electrical transformations, RF irradiation, parasitic (auto) generation and RF imposition for disclosure of information process content, the average value  (p63) of the random value of time spent by an intruder on implementation of this mode of TCR operation is determined according to the expression: where E( (o631)• (o632)) means the mean value of the composite of the random variables (o631) and (o632) of the time the attacker performed operations o631 and o632, respectively.
Time characteristics of intruder's capabilities to implement the stages of illegal actions to intercept information via parametric channels are formed on the third composite level of the system of characteristics of effectiveness of response measures to this kind of threats to information security. The formation procedure is based on the establishment of interlevel compositional links of these characteristics with the characteristics of the second level of this system.

Results and discussion
These studies are a continuation of the comprehensive experiment described in papers [1][2][3][4]. Assessment of the effectiveness of mechanisms for detecting threats to information leakage through parametric channels, in accordance with the above methodology, we will consider in relation to the typical characteristics of illegal actions to intercept information through the channels of the type under consideration and the typical characteristics of mechanisms for detecting threats to information leakage.
In order to implement this methodology, a set of programs to assess the effectiveness of mechanisms to identify threats to information leakage through parametric channels was developed. Figure 1 shows a dialog box to enter the initial data on the characteristics of threats in accordance with their representation in the form (22), obtained by analyzing the signs of illegal actions ri, i = 1, 2, ..., 19 of their set) [5].
where: a -number of unique (non-repeating) actions performed to implement threats to information leakage through parametric channels (procedures for detecting such threats); Atotal number of actions performed to implement such threats (procedures for detecting such threats); b -number of unique operands used to implement such actions (procedures); Btotal number of operands used to implement threats to information leakage through parametric channels (procedures for detecting such threats). The numerical characteristics of the calculations of the signs of illegal actions are shown in Figure 1. In this case, the column "Identifier/IND" corresponds to the identifiers and names of the functions of the initial level of description of the threats of information leakage through parametric channels, the columns " ", "Аmin", "Аmax", " ", "Bmin", "Bmax" correspond to the parameters of expression (16).
The values in the columns "Vmin", "Vmax", "Vsr", "Vsko" correspond to the minimum, maximum, average values of the information volume of functions and its standard deviation, respectively. These values are determined in the process of the program complex operation.
On the basis of these initial data in accordance with the models presented in the paper, we obtain the values of information volume of functions of the third intermediate level of functional description of illegal actions to intercept information via parametric channels.

Conclusions
Obtained in the experiment, the values of the characteristics of the information volume of the target function of illegal actions to intercept the secondary HF radiation of the elements of radio-electronic equipment (REE) and semi-active pawning devices (SAPD) and the target function of detecting threats of information leakage through parametric channels can determine the effectiveness of mechanisms to detect threats to information leakage through parametric channels, that is, the effectiveness has increased to 78%:  Thus, the method of structuring the characteristics of mechanisms for detecting threats to information leakage through parametric channels presented in the work allows to provide significantly higher assessment reliability than the reliability of assessment by individual characteristics of mechanisms for detecting threats that are not connected in any system. The models considered in this paper are a methodological basis for synthesizing the procedure for assessing the effectiveness of mechanisms for detecting threats to information leakage via IND parametric channels. The application of the evaluation of the effectiveness of mechanisms for detecting threats to information leakage through parametric channels developed in the article allows us to provide a more reliable assessment than traditional methods of assessment [6][7][8][9][10].
Thus, the article considers the optimal set of measures to respond to an attacker's operations of illegal interception of information via parametric channels when using the appropriate modes of operation of the TCP protocol, which reduces decision-making time, optimizes the system as a whole and significantly contributes to the optimization of its energy efficiency.