User access management for university corporative automated information system

Автор: Bolodurina Irina Pavlovna, Volkova Tatyana Victorovna, Ashcheulova Nadezhda Alekseevna

Журнал: Инфокоммуникационные технологии @ikt-psuti

Рубрика: Управление и подготовка кадров для отрасли инфокоммуникаций

Статья в выпуске: 3 т.13, 2015 года.

Бесплатный доступ

University automated information system is based on integration of data and advanced telecommunication infrastructure with great number of users (access subjects) with varied access rights to different data elements (access objects). Problem of minimization of information system user access privilege should be solved to provide effective corporate data protection. We present model of user access policy which joins restrictions of subject domain and capability access policy DBMS Oracle. Here restrictions of subject domain under permitted access are defined by user affiliation to hierarchy nodes that corresponds to university department organizing structure. Model provides flexible response to variation of user affiliation to nodes of university department hierarchy. It was implemented to Orenburg State University as a part of project "Orenburg State University Information Analysis System".

Еще

Integrated database, access subject, access object, model of access management, restrictions of subject domain

Короткий адрес: https://sciup.org/140191780

IDR: 140191780   |   DOI: 10.18469/ikt.2015.13.3.16

Статья научная