•  
  •  
 

Bulletin of TUIT: Management and Communication Technologies

Abstract

This article is devoted to the presentation of the threat state model of access control, which allows calculating the probabilities of the impact of threats on the access control system and the probability of opening this system based on taking into account the generalized algorithm for the implementation of external threats, and determines the need to develop additional components of the access control system designed to identify and classify attacks.

References

[1] Samarati, P.; de Vimercati, S.C. Access control: Policies, models, and mechanisms. In Proceedings of the International School on Foundations of Security Analysis and Design, Bertinoro, Italy, 18–30 September 2000; pp. 137–196.

[2] Cheminod, M.; Durante, L.; Seno, L.; Valenza, F.; Valenzano, A. A comprehensive approach to the automatic refinement and verification of access control policies. Comput. Secur. 2018. [CrossRef]

[3] Verma, D.C. Simplifying network administration using policy-based management. IEEE Netw. 2002, 16, 20–26. [CrossRef]

[4] Sandhu, R.; Munawer, Q. How to do discretionary access control using roles. In Proceedings of the Third ACM Workshop on Role-Based Access Control, Fairfax, VA, USA, 22–23 October 1998; pp. 47–54.

[5] Li, N. Discretionary access control. In Encyclopedia of Cryptography and Security; Springer: Berlin, Germany, 2011; pp. 353–356.

[6] Jueneman, R.R. Integrity controls for military and commercial applications. In Proceedings of the Fourth Aerospace Computer Security Applications, Orlando, FL, USA, 12–16 September 1988; pp. 298–322.

[7] Barabanov А.V., Dorofeev А.V., Markov А.S., Sirlov V.L. Sem bezopasnix informatsionnix texnologiy/M.:DMK Press, 2017- s 224. 158-160 s.

[8] Gaydamakin H.A. Razgranichenie dostupa k informatsii v kompyuternix sistemax. Izd-vo Uralskogo un-ta, 2003.- s.328.

[9] Gujva D.Yu. Teoriya i praktika neyrosetevogo upravleniya zashitoy informatsii v infotelekommunikatsionnix sistemax. Monografiya-M: Izdatelstvo VА RVSN im. Petra Velikogo, 2008.- 239 s.

[10] Zhu, Y.; Huang, D.; Hu, C.-J.; Wang, X. From RBAC to ABAC: Constructing flexible data access control for cloud storage services. IEEE Trans. Serv. Comput. 2015, 8, 601–616. [CrossRef]

[11] Batra, G.; Atluri, V.; Vaidya, J.; Sural, S. Enabling the Deployment of ABAC Policies in RBAC Systems. In Proceedings of the 32nd IFIP Annual Conference on Data and Applications Security and Privacy, Bergamo, Italy, 16–18 July 2018; pp. 51–68.

[12] Alam, M.; Emmanuel, N.; Khan, T.; Xiang, Y.; Hassan, H. Garbled role-based access control in the cloud. J. Ambient Intell. Humaniz. Comput. 2018, 9, 1153–1166. [CrossRef]

[13] Аlguliev R.M., Ragimov E.R. Ob odnom metode otsenki informatsionnoy bezopasnosti korporativnix setey v stadii ix proektirovaniya//Informatsionnыe texnologii. 2005 - №7.

[14] Irgasheva D.Y., Rustamova, S.R. Development of Role Model for Computer System Security //International Conference on Information Science and Communications Technologies: Applications, Trends and Opportunities, ICISCT 2019, 2019, 9012058.

[15] Barkley, J. Comparing simple role based access control models and access control lists. In Proceedings of the second ACM workshop on Role-Based Access Control, Fairfax, VA, USA, 6–7 November 1997; pp. 127–132.

[16] Sandhu, R.S.; Coyne, E.J.; Feinstein, H.L.; Youman, C.E. Role-based access control models. Computer 1996, 29, 38–47. [CrossRef]

[17] Incits, A. Incits 359-2004. Role-based access control. Am. Natl. Stand. Inf. Technol 2004, 359, 2–10.

[18] Devyanin, P. N. Аnaliz bezopasnosti upravleniya dostupom i informatsionnimi potokami v kompyuternix sistemax [Tekst]:Ucheb. posobie dlya vuzov/P. N. Devyanin. – M.: Radio i svyaz, 2006. – 176 s.

[19] Teoreticheskie osnovi kompyuternoy bezopasnosti [Tekst]: Ucheb. posobie dlya vuzov/P. N. Devyanin, O. O. Mixalskiy, D. I. Pravikov, А. Yu. Sherbakov.–M.:Radio i svyaz, 2000. – 192 s.

[20] Ganiev, S.K., Irgasheva D.Y. About of One Methods Synthesis the Structural Protected Computer Network//International Conference on Information Science and Communications Technologies: Applications, Trends and Opportunities, ICISCT 2019, 2019, 9011891.

Share

COinS
 
 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.