Open AccessVERBAL MODEL OF MANAGEMENT OF A VULNERABLE PROCESS OF DEDICATING THE ACCESS OF USERS TO THE SOFTWARE OF THE ELECTRONIC DOCUMENT SYSTEM
Author(s) -
V. P. Alferov,
I. G. Drovnikova,
L. Obukhova,
Е. А. Рогозин
Publication year - 2019
Publication title -
vestnik dagestanskogo gosudarstvennogo tehničeskogo universiteta. tehničeskie nauki
Language(s) - English
Resource type - Journals
eISSN - 2542-095X
pISSN - 2073-6185
DOI - 10.21822/2073-6185-2019-46-2-37-49
Subject(s) - computer science , access control , password , process (computing) , computer security , authentication (law) , system administrator , software , document management system , software engineering , database , operating system
Objectives Traditional methods for solving the problem of protecting the information resource of electronic document management systems based on protective basic functions (identification, authentication and verification of users, etc.) of available tools and information security subsystems have a significant drawback - inefficiency when an attacker masters the password of regular users. In order to eliminate it, it is necessary to develop new methods related to managing the weakly vulnerable process of delimiting user access not only to confidential information, but also to the software of the electronic document management system. Method One way to solve this problem is to use the modified “soft administration” method, which consists in automatically generating lists of allowed source files in the authorization matrix by reducing the lists and comparing file integrity functions with a reference list for an existing software package. This allows you to automate the process of developing access control rules and provide management of the weakly vulnerable process of access control to software tools of the electronic document management system. Result A verbal model is developed for automated control of a weakly vulnerable process of differentiating access to software tools of an electronic document management system, and a system of performance indicators for the functioning of a promising subsystem for protecting confidential information characterizing it as a control object is proposed. Conclusion The presented verbal model provides for the possibility of distributed control, in which the security administrator directly controls the specified process using a remote software tool. The formation (change) of the authority establishment matrix for managing a weakly vulnerable process of access control using a promising subsystem for protecting confidential information and the development of a system of indicators to comprehensively evaluate the effectiveness of its functioning is one of the most important tasks of protecting information from unauthorized access, guaranteeing the implementation of a security policy throughout the entire operation period secure electronic document management system.