Architecture of a computing complex for web services and portals with multilevel access control over public networks

Shamil Magomedov

Abstract


The article is devoted to the development of the architecture of computing systems with multilevel access control to web services over public networks. Information technologies are becoming global and cross-border which leads them to become an integral part of all spheres of activity of an individual, society and state. Their effective application is a factor in accelerating the economic development of the state and the formation of an information society. At the same time, the rapid scientific and technological progress and the constant improvement of software and hardware require, on the one hand, the same constant improvement and increase in the efficiency of the functioning of all components, in terms of reducing costs, improving quality, reliability, safety, but at the same time providing a high level security of access to computing resources, without violating the requirements of existing laws to protect personal and confidential data. Taking into account the ever-increasing requirements for information infrastructure, the development of a computing complex architecture with various access control mechanisms that can expand the capabilities of information security tools is a very urgent task. Despite the fact that modern systems have a wide range of mechanisms and means of protecting information, they are clearly not enough, taking into account constant hacks and information leaks, therefore it is necessary to determine their role and place in each level of computing architecture. The paper proposes the architecture of a data processing system of a computing complex, with the described components serving to ensure access control. Also presented are the levels of data access when components access the computing complex, with a detailed description of the functioning and filling of modules. The results of experimental studies for assessing resource costs when tracking all the user actions are presented.


Full Text:

PDF (Russian)

References


J. R. Gil-Garcia, M. Á. Flores-Zúñiga , “Towards a comprehen-sive understanding of digital government success: Integrating implementation and adoption factors,” Government Information Quarterly, vol. 37, no. 4, p. 101518, 2020.

K. E. Lewinter, S. M. Hudson, L. Kysh, M. Lara, C. L. Betz, J. Espinoza, “Reconsidering reviews: the role of scoping reviews in digital medicine and pediatrics,” NPJ Digital Medicine, vol. 3, no. 1, p. 1-4, 2020.

A. Emejulu, C. McGregor, “Towards a radical digital citizenship in digital education,” Critical Studies in Education, vol. 60, no. 1, pp. 131-147, 2019.

G. Elia, A. Margherita, G. Passiante, “Digital entrepreneurship ecosystem: How digital technologies and collective intelligence are reshaping the entrepreneurial process,” Technological Fore-casting and Social Change, vol. 150, p. 119791, 2020.

P. De Hert, V. Papakonstantinou, G. Malgieri, L. Beslay, I. Sanchez, “The right to data portability in the GDPR: Towards user-centric interoperability of digital services,” Computer Law & Security Review, vol. 34, no. 2, p. 193-203, 2018.

R. El Sibai, N. Gemayel, J. Bou Abdo, J. Demerjian, “A survey on access control mechanisms for cloud computing,” Transactions on Emerging Telecommunications Technologies, vol. 31, no. 2, p. e3720, 2020.

J. Sheng, J. Amankwah-Amoah, X. Wang, “Technology in the 21st century: New challenges and opportunities,” Technological Forecasting and Social Change, 2019, 143, 321-335.

F. Cai, J. He, Z. Ali Zardari, S. Han, “Distributed management of permission for access control model,” Journal of Intelligent & Fuzzy Systems, vol. 38, no. 2, p. 1539-1548, 2020.

M. H. Yarmand, K. Sartipi, D. G. Down, “Behavior-based access control for distributed healthcare systems,” Journal of Computer Security, vol. 21, no. 1, p. 1-39, 2013.

A. Walker, J. Svacina, J. Simmons, T. Cerny, “On automated role-based access control assessment in enterprise systems,” In Information Science and Applications, Springer, Singapore, pp. 375-385, 2020.

S. Kirrane, A. Mileo, S. Decker, “Access control and the resource description framework: A survey,” Semantic Web, vol. 8, no. 2, p. 311-352, 2017.

X. C. Yin, Z. G. Liu, B. Ndibanje, L. Nkenyereye, S. M. Riazul Islam, “An IoT-based anonymous function for security and privacy in healthcare sensor networks,” Sensors, vol. 19, no. 14, p. 3146, 2019.

A. S. M. Kayes, R. Kalaria, I. H. Sarker, M. Islam et al., “A survey of context-aware access control mechanisms for cloud and fog networks: Taxonomy and open research issues,” Sensors, vol. 20, no. 9, p. 2464, 2020.

J. Qiu, Z. Tian, C. Du, Q. Zuo, S. Su, B. Fang, “A survey on access control in the age of internet of things,” IEEE Internet of Things Journal, vol. 7, no. 6, p. 4682-4696, 2020.

F. Menges, T. Latzo, M. Vielberth et al. “Towards GDPR-compliant data processing in modern SIEM systems,” Computers & Security, vol. 103, p. 102165, 2021.

S. G. Magomedov, P.V. Kolyasnikov, E.V. Nikulchev, “Devel-opment of technology for controlling access to digital portals and platforms based on estimates of user reaction time built into the interface,” Russian Technological Journal, vol. 8, no. 6, p. 34-46, 2020. [In RUS]

A. Gusev, D. Ilin, P. Kolyasnikov, E. Nikulchev, “Effective selection of software components based on experimental evaluations of quality of operation,” Engineering Letters, vol. 28, no. 2, p. 420–427, 2020.


Refbacks

  • There are currently no refbacks.


Abava  Кибербезопасность IT Congress 2024

ISSN: 2307-8162