Journal "Software Engineering" (Programmnaya Ingeneria) | Access Control Models in Multiuser Scientometric Content Management Systems

Main

New Issue

Archive

Most cited articles

Editor in chief

Editorial board

For the authors

Publishing ethic

Peer reviewing

Publishing House

Old site

Russian

Issue N12 2016 year

DOI: 10.17587/prin.7.547-558

Access Control Models in Multiuser Scientometric Content Management Systems

V. A. Vasenin^{1, 2}, e-mail: vasenin@msu.ru, A. A. Itkes², e-mail: itkes@imec.msu.ru, V. Yu. Bukhonov¹, e-mail: bukhonovvyu@gmail.com, A. V. Galatenko¹, e-mail: agalat@msu.ru, ¹ Faculty of Mechanics and Mathematics, Lomonosov Moscow State University, Moscow, 119991, Russian Federation, ² Scientific Research Institute of Mechanics, Lomonosov Moscow State University, Moscow, 119192, Russian Federation

Corresponding author: Bukhonov Vladimir Yu., Postgraduate Student, Faculty of Mechanics and Mathematics, Lomonosov Moscow State University, Moscow, 119991, Russian Federation E-mail: bukhonovvyu@gmail.com

Received on August 02, 2016

Accepted on September 05, 2016

This paper presents the results of the gap analysis of three modern access control models — Attribute Based Access Control (ABAC), developed by Hu, Ferraiolo, Kuhn, Schnitzer, Sandlin, Miller, Scarfone from NIST; Entity Based Access Control (EBAC), developed by Bogaerts, Decat, Lagaisse, Joosen; Chain-Relation Based Access Control (ChRelBAC), developed by authors of these paper. The short descriptions, including formal definitions and basic concepts, are given for each model. As such, in this paper the authors analyze them in reference to content management in multiuser systems, based on "user-user", "user-resource" and "resource-resource" relations. Results of the analysis are presented in this work. The capabilities of the models practical usage in Scientometrics are compared as applied to information-analytical system "ISTINA". Main functions of this system include gathering and processing information about the results of scientific and educational activities in big organization for management decision-making. The experience of working with "ISTINA" as a typical multiuser scientometric content management system has allowed the authors to formulate requirements and criteria, which were used for comparative analysis of ABAC, EBAC and ChRelBAC.

Keywords: access control, entity, relations, attributes, chains of relations, Chain-Relation Based Access Control, Attribute Based Access Control, Entity Based Access Control

pp. 547–558

For citation:
Vasenin V. A., Itkes A. A., Bukhonov V. Yu., Galatenko A. V. Access Control Models in Multiuser Scientometric Content Management Systems, Programmnaya Ingeneria, 2016, vol. 7, no. 12. pp. 547—558.