Access control model of the typical library information system

The article describes a model of security to protect data in the automated information library systems (AILS). The necessity of creating a new model of access control that is different from the classic one, meeting the modern requirements for security, flexibility and easiness of setting up the access rights to the protected objects. Justification is based on the need to protect a large number of objects, the use of different options for accessing information, including full-text resources (objects), from open access to severely restricted certain group of users, and also the need for fast and comfortable access of the readers to the sites, taking into account the requirements of the regulations of the library and the Law "On Copyright and Related Rights" and "On Personal data". The developed model takes into account all of these requirements and restrictions, allowing a usage of different options of authentication in addition to the built-in one (including IP-addresses, Active Directory for LDAP-protocol, by electronic signature, or any other external authentication), considers the limitations on access time, on the collection of objects, for groups of users, taking into account the degree of confidentiality of the facilities. The article describes the basic elements and the operators of the proposed security model. Using the proposed model in the AILS would greatly simplify the administrator's job security, as well as eliminate mistakes of access rights.