Abstract:
The article focuses on studying and implementing a method of assigning access rights to the applications in a corporate mobile network with different requirements for security, which will allow considering the specific activities of multiple users. The existing solutions for assigning access rights to applications and services of the intranet are analyzed, the need to create a method that ensures information security when implementing access in corporate networks with different requirements for the level of security is substantiated. Due to the results of analysis of trends and development prospects of modern corporate mobile networks there has been found a contradiction between the requirements for information security of universal mobile devices with access to secure services and technical capabilities of information security systems that ensure access security in the corporate networks with different security requirements. To solve the problem, a multi-user system has been implemented that ensures operation of any computer equipment and mobile devices of an organization whose DBMS has a client-server architecture. The functional requirements for the developed method include the ability to perform user authorization, providing the administrator with the ability to manage user access rights to various applications, managing application storage, recording user operations, and keeping records. In the course of the software implementation of the method of assigning access rights, the design of the database is described in stages, a model of information flows is built, a physical diagram of the interaction of individual procedures is considered, on the basis of which the database is created, a user interface with forms that display information stored in the database is developed.
Keywords:access rights, user, data storage, security, information protection, differentiation of powers, application, corporate network, Web server.