Journals Monographies Textbooks Collections Authors
Submit manuscript
MODEL OF INDIVIDUALLY GROUP ASSIGNMENT OF ACCESS TO HIERARCHICALLY ORGANIZED OBJECTS OF CRITICAL INFORMATION SYSTEMS USING MOBILE TECHNOLOGIES
Submit manuscript
To cite
Citations:

MODEL OF INDIVIDUALLY GROUP ASSIGNMENT OF ACCESS TO HIERARCHICALLY ORGANIZED OBJECTS OF CRITICAL INFORMATION SYSTEMS USING MOBILE TECHNOLOGIES
UDK 60 Прикладные науки. Общие вопросы
Rogozin E. Alekseevich 1
Khvostov Viktor 2
Suhanov Valeriy Viktorovich 3
Korobkin D. Igorevich 4
Mochalov D. A. 5
Authors:
1.  Voronezh Institute of the Ministry of the Interior of the Russian Federation

Russian Federation
2.  Voronezh State University of Engineering Technologies

3.  FGKVOU VO «Voronezhskiy institut pravitel'stvennoy svyazi (filial) Akademii Federal'noy sluzhby ohrany Rossiyskoy Federacii»

4.  Air Force Academy named after professor N.E. Zhukovsky and Y.A. Gagarin

Russian Federation
5.  Air Force Academy named after professor N.E. Zhukovsky and Y.A. Gagarin

Type:
Article
DOI:
https://doi.org/10.12737/2219-0767-2021-14-1-73-79
Pages:
from 73 to 79
Status:
Published
Received:
20.03.2021
Accepted:
20.03.2021
Published:
20.03.2021
Subject area:
UDK 60 Прикладные науки. Общие вопросы
Language:
Russian
Keywords:
mobile station, hierarchical thematic classification, security gateway, mobile device manager, medical information system, unauthorized access, security grid
Abstract and keywords
Abstract (English):
The analysis of access control models currently used in information security systems (SPI) is carried out. Based on the analysis of the advantages and disadvantages of discretionary, authoritative and role models in the implementation of access of mobile systems of subjects with different needs and roles to hierarchically organized information objects of medical information systems (MIS), it is proposed to use access control based on a thematic - hierarchical policy. The methods of forming thematic grids that provide security control of information flows are proposed. The article offers methods for setting the reachability matrix for reading, writing, and executing different access subjects to access objects with monorubricated and multi-rubricated hierarchical thematic classification.

Keywords:
mobile station, hierarchical thematic classification, security gateway, mobile device manager, medical information system, unauthorized access, security grid
References

1. Obschestvennoe zdorov'e i zdravoohranenie. Nacional'noe rukovodstvo / pod red. V.I. Starodubova, O.P. Schepina. - M. : GEOTAR - Media, 2013. - 624 s.

2. Metody i sredstva povysheniya zaschischennosti avtomatizirovannyh sistem : monografiya / V.A. Hvostov [i dr.]. - Voronezh : Voronezhskiy institut MVD Rossii, 2013. - 108 s.

3. Analiz ugroz bezopasnosti informacii pri obrabotke personal'nyh dannyh v mobil'noy medicine / V.P. Gulov, V.A. Hvostov, A.V. Skrypnikov, V.P. Kosolapov, G.V. Sych // Sistemnyy analiz i upravlenie v biomedicinskih sistemah. - 2020. - T. 20, № 2. - S. 129-138.

4. Analiz osobennostey zaschity personal'nyh dannyh v mobil'noy medicine / V.P. Gulov, V.A. Hvostov, V.P. Kosolapov, G.V. Sych // Sistemnyy analiz i upravlenie v biomedicinskih sistemah. - 2020. - T. 19, № 3. -S. 171-176.

5. Federal'nyy zakon Rossiyskoy Federacii ot 27 iyulya 2006 g. N 152-FZ. «O personal'nyh dannyh». - «Rossiyskaya gazeta» ot 29 iyulya 2006 g. N 165. - URL: https://rg.ru/2006/07/29/personaljnye-dannye-dok.html (data obrascheniya: 02.02.2021).

6. Postanovlenie Pravitel'stva RF ot 01.11.2012 N 1119 «Ob utverzhdenii trebovaniy k zaschite personal'nyh dannyh pri ih obrabotke v informacionnyh sistemah personal'nyh dannyh» - «Rossiyskaya gazeta» ot 07 noyabrya 2012 g. N 256. - URL: https://rg.ru/2012/11/07/pers-dannye-dok.html (data obrascheniya: 02.02.2021).

7. Ob utverzhdenii sostava i soderzhaniya organizacionnyh i tehnicheskih mer po obespecheniyu bezopasnosti personal'nyh dannyh pri ih obrabotke v informacionnyh sistemah personal'nyh dannyh Prikaz direktora FSTEK Rossii ot 18 fevralya 2013 g. № 21. - URL: https://fstec.ru/normotvorcheskaya/akty/53-prikazy/691 (data obrascheniya: 26.09.2019).

8. Zaschita informacii v medicinskih uchrezhdeniyah : monografiya / V.P. Gulov, V.P. Kosolapov, G.V. Sych, V.A. Hvostov. - Voronezh, 2020. - 430 s.

9. Scherbakov, A.Yu. Sovremennaya komp'yuternaya bezopasnost'. Teoreticheskie osnovy. Prakticheskie aspekty : uchebnoe posobie / A.Yu. Scherbakov. - M. : Knizhnyy mir, 2009. - 352 s.

10. Primernaya instrukciya po deloproizvodstvu v medicinskih organizaciyah. - URL: http://upravlenie-zdravoohraneniem.rf/load/dokumenty/dokumenty/ primernaja_instrukcija_po_deloproizvodstvu_v_medicinskikh_organizacijakh/1-1-0-78 (data obrascheniya: 31.03.2020).

11. NIST Special Publication 800-162. Guide to Attribute Based Access Control (ABAC). Dentition and Considerations / V.C. Hu, D. Ferraiolo, R. Kuhn, A. Schnitzer, K. Sandlin, R. Miller, K. Scarfone // NIST National Institute of Standards and Technology, 2014. - 47 p. - DOI: http://dx.doi.org/10.6028/NIST.SP.800-162.

12. Avtomatizaciya medicinskih uchrezhdeniy. - URL: http://www.mlsit.ru/products/archimed (data obrascheniya: 02.02.2021).

13. MedWork - professional'naya medicinskaya informacionnaya sistema. - URL: https://www.medwork.ru (data obrascheniya: 02.02.2021).

14. Medicinskaya informacionnaya sistema qMS. - URL: https://sparm.com/products/qms/mis (data obrascheniya: 02.02.2021).

15. Medicinskaya informacionnaya sistema VS Clinic. - URL: http://www.vita-soft.ru/solves/54/(data obrascheniya: 02.02.2021).

© INFRA-M
Support Powered by Editorum,  Instructions
Login or Create
* Forgot password?