DECISION-ORIENTED AUDITING OF ENCRYPTION AND KEY MANAGEMENT POLICIES BASED ON CONSISTENCY, STABILITY, AND RISK METRICS
Abstract
Auditing encryption and key management policies in modern web and server systems is complicated by architectural complexity and continuous configuration change. Existing approaches largely rely on static compliance checks or isolated metrics, providing limited support for actionable decision-making. This paper proposes a decision-oriented framework that bridges metric-based auditing and practical security governance. The framework relies on system-level abstractions of policy requirements and enforcement evidence, and maps consistency, conflict, stability, and risk metrics to discrete decision outcomes. A bounded and non-intrusive satisfaction function supports partial compliance, heterogeneous evidence, and conservative handling of missing data without accessing cryptographic key material. In addition, a risk-aware remediation prioritization algorithm ranks policy requirements by urgency and architectural impact. Scenario-based evaluation demonstrates improved interpretability of audit results and supports proactive, risk-aware remediation planning.
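The abstract names the building blocks of the framework without defining them. The following Python sketch is an added illustration, not code from the paper, of how those blocks fit together: a satisfaction function bounded to [0, 1] that averages heterogeneous evidence sources (a TLS endpoint probe, a configuration scan, and key-management metadata, never key material) and scores missing evidence as 0, a conflict check for disagreeing sources, a stability score over successive audits, a mapping from these metrics to discrete decisions, and a remediation ranking by urgency multiplied by architectural impact. Every requirement name, evidence source, threshold, impact weight, and sample value below is a constructed assumption chosen for the example; the paper's actual metric definitions may differ.

```python
"""Illustrative bounded satisfaction scoring and risk-aware remediation ranking.

Constructed example: requirement names, evidence sources, thresholds and impact
weights are assumptions for illustration, not the paper's own definitions.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Requirement:
    name: str
    impact: float  # assumed architectural impact weight in [0, 1]


@dataclass(frozen=True)
class Evidence:
    # Each source reports the fraction of enforcement points that satisfy the
    # requirement (0.0 to 1.0), or None when that source collected nothing.
    # The three sources are hypothetical; none of them touches key material.
    tls_probe: Optional[float] = None
    config_scan: Optional[float] = None
    kms_metadata: Optional[float] = None

    def observations(self) -> List[float]:
        return [v for v in (self.tls_probe, self.config_scan, self.kms_metadata)
                if v is not None]


def satisfaction(evidence: Evidence) -> float:
    """Mean of available observations, clamped to [0, 1].

    Missing evidence is handled conservatively: no observations means 0.0,
    so an unaudited requirement can never look compliant.
    """
    obs = evidence.observations()
    if not obs:
        return 0.0
    return min(1.0, max(0.0, sum(obs) / len(obs)))


def conflict(evidence: Evidence, tolerance: float = 0.3) -> bool:
    """True when two sources disagree by more than `tolerance` (assumed)."""
    obs = evidence.observations()
    return len(obs) > 1 and (max(obs) - min(obs)) > tolerance


def stability(history: List[float]) -> float:
    """1 minus the mean absolute change between consecutive audit scores.

    Fewer than two data points is treated as stable (1.0); a requirement
    whose score swings between audits scores lower.
    """
    if len(history) < 2:
        return 1.0
    deltas = [abs(b - a) for a, b in zip(history, history[1:])]
    return 1.0 - sum(deltas) / len(deltas)


def decide(sat: float, conflicting: bool, stab: float,
           accept_at: float = 0.9, stable_at: float = 0.8) -> str:
    """Map the metrics to one of four discrete decision outcomes (assumed labels)."""
    if conflicting:
        return "investigate-evidence"   # sources disagree: fix the evidence first
    if sat >= accept_at and stab >= stable_at:
        return "accept"
    if sat >= accept_at:
        return "monitor-drift"          # compliant now, but the score keeps moving
    return "remediate"


def remediation_plan(reqs: List[Requirement],
                     evidence: Dict[str, Evidence],
                     history: Dict[str, List[float]]) -> List[dict]:
    """Rank requirements by priority = urgency (1 - satisfaction) * impact."""
    rows = []
    for r in reqs:
        ev = evidence.get(r.name, Evidence())   # absent entry -> no evidence -> sat 0
        sat = satisfaction(ev)
        row = {
            "requirement": r.name,
            "satisfaction": sat,
            "decision": decide(sat, conflict(ev), stability(history.get(r.name, []))),
            "priority": (1.0 - sat) * r.impact,
        }
        rows.append(row)
    rows.sort(key=lambda row: row["priority"], reverse=True)
    return rows


# Constructed sample audit: four requirements, partial and heterogeneous evidence.
REQUIREMENTS = [
    Requirement("tls-1.2-minimum", impact=0.9),
    Requirement("key-rotation-365d", impact=0.7),
    Requirement("hsts-enabled", impact=0.4),
    Requirement("at-rest-aes-256", impact=0.8),   # no evidence collected at all
]
EVIDENCE = {
    "tls-1.2-minimum": Evidence(tls_probe=1.0, config_scan=0.95),
    "key-rotation-365d": Evidence(kms_metadata=0.5),          # partial compliance
    "hsts-enabled": Evidence(tls_probe=0.2, config_scan=0.9),  # sources conflict
}
HISTORY = {
    "tls-1.2-minimum": [0.9, 0.95, 0.975],
    "key-rotation-365d": [0.5, 0.5],
    "hsts-enabled": [0.55],
}

if __name__ == "__main__":
    for row in remediation_plan(REQUIREMENTS, EVIDENCE, HISTORY):
        print(f'{row["priority"]:.3f}  {row["decision"]:<20} {row["requirement"]}')
```

Running the block prints the requirement with no evidence at the top of the plan: the conservative rule gives it satisfaction 0 and, with an impact of 0.8, the highest priority, ahead of the half-rotated keys, while the HSTS requirement is routed to evidence investigation rather than remediation because its two sources disagree.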