ChRelBAC data access control model for large-scale interactive informational-analytical systems

Autor: V. A. Vasenin, Alexander Itkes, Maxim A. Krivchikov, Evgeniya Yavtushenko
Rok vydání: 2020
Předmět:
Zdroj: Journal of Computer Virology and Hacking Techniques. 16:313-331
ISSN: 2263-8733
Popis: Information systems providing interactive access for a huge number of users worldwide are exposed to numerous security threats. One of the most significant threats to this sort of systems is the threat of unauthorized access to system resources, leading to the breach of data confidentiality (privacy), data integrity and to the denial of service. The design and implementation of models and algorithms to reduce the risks of realizing such threats and to ensure the prompt response to the incidents is an important problem. In this article we introduce the chain-relational model of access control (ChRelBAC), which was designed and implemented for a large scientometric system. We describe two software tools for supporting the model. Visualization tool presents access control rules in a user-friendly way. Verification tool for the processes of the model integration with the target information system source code identifies the entry points of the system that are not covered by the model. Finally, we discuss the problem of testing the relational model on the real data sets.
Databáze: OpenAIRE
Externí odkaz: