Object

Title: Concept of Joint Functioning of Access Control Systems, Journal of Telecommunications and Information Technology, 2023, nr 1

Group publication title:

2023, nr 1, JTIT-artykuły

Description:

Modern integrated information and telecommunication systems are upgraded on a continuous basis. Such systems contain both new and old components. The approaches to developing individual components of access control systems are different in the majority of cases. As a rule, modernization of outdated but efficient systems that have been operating without any failures for long periods of time is economically unfeasible. Such an approach requires that different subsystems function based on shared data. This necessitates the coordination of various access control systems in order to ensure proper information security levels. This article examines how joint functioning of various versions of access control systems deployed in IT and telecommunication spheres may be achieved at the stage of their modernization. Potential ways in which information flows may bypass the security policies of one of the access control systems concerned are determined. The authors discuss traditional access control models. For role-based and thematic access control models, specific hypotheses are formulated to comply with security policies when different versions of access control systems work together. The structure of the model assuming that different versions of access control systems operate jointly has been developed. Based on the model, the necessary and sufficient conditions are determined under which unauthorized information flows are prevented. The security theorem for the joint functioning of different versions of access control systems is presented and proved. The results of the study showed that the methodological basis for coordinating access control models applicable to information and telecommunication systems undergoing modernization consists in observing, separately, the equality of information flows between shared objects in each of the versions of the access control systems. The approaches developed in this article can be extended to combined access control systems.

Publisher:

Instytut Łączności - Państwowy Instytut Badawczy

Format:

application/pdf

Resource Identifier:

oai:bc.itl.waw.pl:2265 ; ISSN 1509-4553, on-line: ISSN 1899-8852

DOI:

10.26636/jtit.2023.164322

eISSN:

1899-8852

Source:

Journal of Telecommunications and Information Technology

Language:

ang

Rights Management:

Biblioteka Naukowa Instytutu Łączności

Object collections:

Last modified:

Jun 6, 2024

In our library since:

Apr 27, 2023

Number of object content hits:

17

All available object's versions:

https://bc.itl.waw.pl/publication/2575

Show description in RDF format:

RDF

Show description in OAI-PMH format:

OAI-PMH

×

Citation

Citation style:

This page uses 'cookies'. More information