DEVELOPMENT OF ROLE-BASED ACCESS CONTROL ALGORITHMS IN INFORMATION SYSTEMS OF COMMERCIAL BANKS

Abstract

This thesis is devoted to the issues of access restriction and access rights management in information systems of commercial banks . The study covers the structure and mechanism of operation of two main algorithms aimed at correctly granting users access rights to the information system and preventing unauthorized access - access rights granting and access restriction checking algorithms. The process of assigning permissions to users based on the role-based access control (RBAC) approach is described, and the relationships between users, roles, and resources are analyzed. Also, the possibilities of ensuring the confidentiality and integrity of information in information systems through the use of RBAC and ABAC models and integration with the Bella–LaPadula security model are substantiated. The results of the study serve to increase the efficiency of access management in information systems of commercial banks, strictly control permissions , and strengthen the level of information security.