Scientific and Technical Journal

ELECTROTECHNIC AND COMPUTER SYSTEMS

ISSN Print 2221-3937
ISSN Online 2221-3805
A DYNAMIC CLASSIFICATION MODEL FOR SECURE ACCESS CONTROL IN BUSINESS-CRITICAL SYSTEMS
Abstract:
A dynamic classification model is proposed for the software applications that are part of business-critical systems (BCS). The applications are classified by their degree of access security.
The purpose of the research is to develop methods for synthesizing access control in a business-critical system based on the dynamic classification model.
The subject of the research is the process of user access control.
The practical result of the research is the identification of the most critical class of software applications, in terms of compliance with the limit values of the security policy priority metrics, for subsequent reengineering of role-based access control.
An information technology was developed that identifies three classes of safety-critical software with respect to application access. This makes it possible to reengineer user roles. An example of applying the technology and an assessment of its effectiveness are presented.
Applying this approach to access control in a BCS made it possible to: 1) increase the effectiveness of reengineering access policies in the BCS; 2) reduce the number of vulnerabilities and conflict situations that arise from incorrectly determined user access levels; 3) provide a decision support system that lets the decision maker adaptively configure user access profiles for effective control of security policies in the BCS.
DOI
10.15276/etks.16.92.2014.17
[ © Odessa National Polytechnic University, 2014. Any use of information from the site is permitted only on condition that a link to the source is provided. ]