RUS  ENG
Full version
JOURNALS // Sistemy i Sredstva Informatiki [Systems and Means of Informatics] // Archive

Sistemy i Sredstva Inform., 2015 Volume 25, Issue 3, Pages 78–93 (Mi ssi418)

This article is cited in 9 papers

Possibilities of secure architecture creation for dynamically changing information systems

A. A. Grushoa, N. A. Grushoa, E. E. Timoninaa, S. Ya. Shorginb

a Institute of Informatics Problems, Federal Research Center "Computer Science and Control" of the Russian Academy of Sciences, 44-2 Vavilov Str., Moscow 119333, Russian Federation
b Federal Research Center "Computer Science and Control" of Russian Academy of Sciences, 44-2 Vavilov Str., Moscow 119333, Russian Federation

Abstract: The paper is devoted to research of existence of information system security architecture. The authors assume dynamical changes in the distributed information system in which along with valuable information resources, there can be high-risk components. Process of consecutive synthesis of secure architecture at which there is the compromise with initial requirements for security is constructed. Consistency of requirements of local security policies and a security policy in the integrated system is automatically reached. The methodology of creation of the protected information system with unsecure components is suggested in practice. In the paper, the elements of known security policies are applied: Multilevel Security (MLS), Role-Based Access Control (RBAC), etc. Known mechanisms and security protocols which define the trust to the whole system are used whenever it is possible. In the constructed secure architecture, it is necessary to use additional mechanisms of security — security servers. Functionalities of some types of security servers are constructed by standard methods. When the analysis of semantics is necessary, the requirements to the security server raise.

Keywords: information security of information system; valuable information resources; security policies; architecture of the distributed information system.

Received: 12.08.2015

DOI: 10.14357/08696527150305



Bibliographic databases:


© Steklov Math. Inst. of RAS, 2024