|
1(89) 2016 MATHEMATICS AND MECHANICS
S.A. Lapin
Comparative Analysis of Existing Access Control Models in Systems with Interchangeable Objects
The paper examines usage peculiarities of existing access control models in systems with interchangeable objects. Interchangeable objects are understood to be objects that have the same functionality but different characteristics. Such systems can be focused on performing of a set of tasks with certain specific requirements for each of tasks. A health care institution is an example of such system, where each subject of the system is a doctor providing treatment services to patients and objects with the access that requires monitoring are drugs. In order to treat the same disease, a doctor can be provided with a variety of drugs that have the same functionality, but different characteristics. Both classic access control models (HRU, RBAC) and models meant for dynamic systems (TBAC, DEBAC) are discussed. The analysis is conducted in the context of access rights redundancy, differentiation in accordance with the tasks, as well as flexibility and complexity of the security policy administration. In terms of the performed analysis the necessity to create a new mathematical access control model suited for the examined systems is proved.
DOI 10.14258/izvasu(2016)1-25
Key words: computer security, mathematical security models, access control, dynamic systems, tasks, HRU, RBAC, TBAC, DEBAC, requirements
Full text at PDF, 625Kb. Language: Russian.
|