Abstract:
The paper is devoted to research of existence of information system security architecture. The authors assume dynamical changes in the distributed information system in which along with valuable information resources, there can be high-risk components. Process of consecutive synthesis of secure architecture at which there is the compromise with initial requirements for security is constructed. Consistency of requirements of local security policies and a security policy in the integrated system is automatically reached. The methodology of creation of the protected information system with unsecure components is suggested in practice. In the paper, the elements of known security policies are applied: Multilevel Security (MLS), Role-Based Access Control (RBAC), etc. Known mechanisms and security protocols which define the trust to the whole system are used whenever it is possible. In the constructed secure architecture, it is necessary to use additional mechanisms of security — security servers. Functionalities of some types of security servers are constructed by standard methods. When the analysis of semantics is necessary, the requirements to the security server raise.
Keywords:information security of information system; valuable information resources; security policies; architecture of the distributed information system.