Development of an Algorithm for Implementing Mandatory and Role-Based Access Control
Annotatsiya
The article discusses the algorithm for combining role and mandatory security policies. The security policy was simulated, including role-based and mandatory access control. Based on the model, a method has been developed for creating a complex security policy. An approach to combine mandatory security policies of two computer systems with different value grids is proposed. The result of combining these two approaches can be presented both as a concept based on security labels and as a hierarchy of roles. The protection of data integrity, to which subjects' access is granted in the information system, is achieved due to the fact that the information system is presented as part of the formal security model of logical mandatory and role-based access and information flow management and integrity control.