IMPROVING ACCESS RESTRICTIONS IN COMMERCIAL BANKS INFORMATION SYSTEMS USING A MODIFIED ROLE-BASED METHOD
loading.default
item.page.files
item.page.date
item.page.authors
item.page.journal-title
item.page.journal-issn
item.page.volume-title
item.page.publisher
Bright Mind Publishing
item.page.abstract
This article considers the issue of eliminating the existing shortcomings of the role-based access control (RBAC) method, which is widely used in the process of access control in information systems of commercial banks. In order to reduce these shortcomings, a modified (hybrid) approach based on a combination of RBAC and attribute-based access control (ABAC) methods is proposed. The proposed method allows determining access rights taking into account the roles of users, as well as their attributes, resource attributes and system attributes. The article develops a mathematical model of the modified method, a set of basic parameters and an algorithm designed for information systems of commercial banks. The proposed approach increases flexibility in the use of bank information resources, enhances the level of security and reduces the risk of unauthorized access.