INFOKOMMUNIKASIYA TIZIMLARDA FOYDALANISHNI ROLLI CHEKLASH TIZIMINI QURISH MODELLARI VA USULLARI

Durdona Irgasheva

Авторы

Durdona Irgasheva Muhammad al-Xorazmiy nomidagi Toshkent axborot texnologiyalari universiteti

Ключевые слова:

kompyuter tizimlari, xavfsizlik modellari, konfidensiallik, foydalanuvchanlik, foydalanishning cheklash tizimi, RBAC (Role-Based Access Control)- xavfsizlikning rolli nazorati, SOD (Segregation Of Duties)- vazifalarni taqsimlash, ME (Mutually Exclusive)-bir-birini inkor qilish, MER (Mutually Exclusive Roles)-bir-birini inkor qiluvchi rollar, MEP (Mutually Exclusive Permissions)-bir-birini inkor etuvchi vakolatlar, COI (Conﬂict Of Interest)-manfaatlar ixtilofi

Аннотация

Ushbu, maqola moslanuvchanlikni, ma’murga yuklamaning pasayishini ta’minlash va dinamik faoliyat muammosini hal etishga imkon beruvchi foydalanishni rolli cheklash tizimi dinamik modelining tavsifiga bag‘ishlangan. 1. Foydalanishni rolli cheklash RBAC modeli-foydalanuvchilarni bitta katalogda boshqarish, yoki bir xil huquqlarga ega bо‘lgan foydalanuvchilarning katta guruhlarini boshqarish va h. uchun, tizimlarda dinamik foydalanuvchiga foydalanish muammolarini hal qilishga mos emas. Ushbu muammolarni hal qilish uchun atributlarga asoslangan foydalanishni boshqarish usuli ABAC tanlab olindi. Atributlarga asoslangan siyosatning normativ talablarning murakkabligini kamaytirishi evaziga foydalanishni boshqarish samaradorligi oshadi. RBAC bilan ABACning qо‘shilishi foydalanishni boshqarishda ma’murlashni soddalashtirish va RBACdagi muammolarni bartaraf etish imkoniyatlarini beradi, lekin ikkala modelning qо‘shilishi ichki xavfsizlik tahdidlaridan himoyalamaydi. Ichki tahdidlardan xavfsiz sxemani yaratish uchun vakolatlar sathida vazifalarni taqsimlash–SODni amalga oshirish taklif etildi.

Библиографические ссылки

NIST Special Publication. Guide to Attribute Based Access Control (ABAC) Definition and Considerations/ Natl. Inst. Stand. Technol. Spec. Publ. January 2014. 800-162, 47 pages. URL: https://doi.org/10.6028/NIST.SP.-P.800-162.

Sandhu R., Bhamidipati V., Munawer Q. The ARBAC97 model for role-based ad-ministration of roles//ACM Trans Inf Syst Secur Feb. 1999; 2(1):105-35.

Ганиев С.К., Иргашева Д.Я., Рустамова С.Р. Фойдаланишни чеклаш тизимининг рол ва атрибут асосида бошқариш модели// “Мухаммад ал-Хоразмий авлодлари” журнали. -Тошкент, 2020. -№4 (14). -Б.45-54.

Jin X. Sandhu R. Krishnan R. RABAC: role-centric attribute-based access control/In: Kotenko I., Skormin V., editors//Computer network security, 7531. Springer Berlin Heidelberg; 2012. -P. 84-96.

Kuhn D. R., Coyne E. J., Weil T.R. Adding attributes to role-based access control//Computer 2010, 43. P.79-81.

Zhu, Y., Huang, D., Hu C.-J., Wang X. From RBAC to ABAC: Constructing ﬂexible data access control for cloud storage services // IEEE Trans. Serv. Comput. 2015, 8, 601-616.

Al-Kahtani M.A., Sandhu R. A model for attribute-based user-role assignment // In Proceedings of the 18 th Annual Computer Security Applications Conference, Las Vegas, NV, USA, 9-13 December 2002; pp. 1-10.

Rajpoot Q., Jensen C., Krishnan R. Attributes enhanced role-based access control model / In: Fischer-Hübner S, Lambrinoudakis C, López J, editors // Trust, privacy and security in digital business, vol. 9264. Springer International Publishing. 2015. -P. 3-17.

Huang J., Nicol D.M., Bobba R., Huh J.H. A framework integrating attribute-based policies into role-based access control. In: Proceedings of the 17th ACM symposium on access control models and technologies; 2012. -P.187-96.

Irgasheva D.Y., Rustamova, S.R. Development of Role Model for Computer System Security // International Conference on Information Science and Communications Technologies: Applications, Trends and Opportunities. DOI:10.1109/ICISCT47635.2019.9012058. ICISCT 2019.

Ganiev S.K., Irgasheva D.Y. About of One Methods Synthesis the Structural Protected Computer Network // International Conference on Information Science and Communications Technologies: Applications, Trends and Opportunities. DOI: 10.1109/ICISCT47635.2019.9011891. ICISCT 2019.

Habib M.A., Mahmood N., Shahid M., Aftab M.U., Ahmad U. Faisal C.M.N. Permission Based Implementation of Dynamic Separation of Duty (DSD) in Role Based Access Control (RBAC)//In Proceedings of the 8th International Conference on Signal Processing and Communication Systems, Gold Coast, Australia, 15-17 December 2014. -P.1-10.

Muhammad Umar Aftab, Zhiguang Qin, Negalign Wake Hundera, Oluwasanmi Ariyo, Zakria, Ngo Tung Son, Tran Van Dinh. Permission-Based Separation of Duty in Dynamic Role-Based Access Control Model // Symmetry. Published: 15 May 2019, 11, 669; doi:10.3390/sym11050669.

INCITS 359-2004 Information Technology - Role Based Access Control. STANDARD by InterNational Committee for Information Technology Standards (formerly NCITS), 02/03/2004,-P.2-10.

INCITS 359-2012 Role Based Access Control. STANDARD by InterNational Committee for Information Technology Standards (formerly NCITS), 05/29/2012.