A. S. Dubrovin, V. I. Sumin, Yu. Yu. Gromov, V. M. Tyutyunnik
{"title":"A Systems Approach to Ensuring Security in a Special-Purpose Automated Information System","authors":"A. S. Dubrovin, V. I. Sumin, Yu. Yu. Gromov, V. M. Tyutyunnik","doi":"10.3103/S0005105525700049","DOIUrl":null,"url":null,"abstract":"<p>A mathematical model of the subsystem of security in an automated information system with a special purpose, hierarchically decomposed by security levels, is considered, on the basis of which it is possible to develop and analyze relatively flexible rules of differentiation of access to information with high guarantee of their fulfillment with the help of the apparatus of finite nonlinear lattices. Two finite nonlinear lattices suitable for this purpose are proposed. For each, carrier, partial ordering, and algebraic operations are defined. Interpretations of these lattices are given as vector security levels, in contrast to the well-known interpretation of finite linear lattices as numerical security levels. For vector security levels, the “no read up” and “no write down” rules of the mandated security policy are defined. The equivalence of the modeling capabilities of these lattices is justified. The developed model integrates the principles of mandating and discretionary access control methods, taking subjects in the role of intermediaries between users and objects. The Bell-LaPadula model, as adapted to the formalization of security levels by finite nonlinear lattices is presented.</p>","PeriodicalId":42995,"journal":{"name":"AUTOMATIC DOCUMENTATION AND MATHEMATICAL LINGUISTICS","volume":"59 1","pages":"33 - 40"},"PeriodicalIF":0.5000,"publicationDate":"2025-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"AUTOMATIC DOCUMENTATION AND MATHEMATICAL LINGUISTICS","FirstCategoryId":"1085","ListUrlMain":"https://link.springer.com/article/10.3103/S0005105525700049","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
A mathematical model of the subsystem of security in an automated information system with a special purpose, hierarchically decomposed by security levels, is considered, on the basis of which it is possible to develop and analyze relatively flexible rules of differentiation of access to information with high guarantee of their fulfillment with the help of the apparatus of finite nonlinear lattices. Two finite nonlinear lattices suitable for this purpose are proposed. For each, carrier, partial ordering, and algebraic operations are defined. Interpretations of these lattices are given as vector security levels, in contrast to the well-known interpretation of finite linear lattices as numerical security levels. For vector security levels, the “no read up” and “no write down” rules of the mandated security policy are defined. The equivalence of the modeling capabilities of these lattices is justified. The developed model integrates the principles of mandating and discretionary access control methods, taking subjects in the role of intermediaries between users and objects. The Bell-LaPadula model, as adapted to the formalization of security levels by finite nonlinear lattices is presented.
期刊介绍:
Automatic Documentation and Mathematical Linguistics is an international peer reviewed journal that covers all aspects of automation of information processes and systems, as well as algorithms and methods for automatic language analysis. Emphasis is on the practical applications of new technologies and techniques for information analysis and processing.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
