AUTHORIZATION METHOD BASED ON THE DECOMPOSITION OF NUMBERS INTO SIMPLE MULTIPLIERS
UDC 004.421.2:511.344
-
Kurylets Anastasiya Vitalievna – assistant lecturer, the Department of Software Engineering. Belarusian State Technological University (13a, Sverdlova str., 220006, Minsk, Republic of Belarus). E-mail: oav@belstu.by
-
Smelov Vladimir Vladislavovich – PhD (Engineering), Associate Professor, Head of the Ddepartment of Information Systems and Technologies. Belarusian State Technological University (13a, Sverdlova str., 220006, Minsk, Republic of Belarus). E-mail: smw@belstu.by
-
Goranin Nikolaj – DSc, Associate Professor, the Department of Information Systems. Vilnius Gediminas Technical University (11, Sauletekio str., 10223, Vilnius, Republic of Lituania). E-mail: nikolaj.goranin@vgtu.lt
Key words: information security, authorization, authorization system, authorization subject, authorization object, privilege, role.
For citation: Kurylets А. V., Smelov V. V., Goranin N. Authorization method based on the decomposition of numbers into simple multipliers. Proceedings of BSTU, issue 3, Physics and Mathematics. Informatics, 2021, no. 1 (242), pp. 43–47 (In Russian). DOI: https://doi.org/10.52065/2520-2669-2021-242-2-43-47.
Abstract
The article is devoted to the description of the authorization method based on the decomposition of numbers into simple somno-residents. The article presents a formal description of the authorization system, which includes subjects and objects of authorization, as well as algorithms for the authorization procedure. The proposed authorization system provides for a single type of privilege that describes the relationship between the subjects and objects of the system and can be interpreted in binary form: available / not available or allowed/denied. The concept of composite objects is introduced, access to which is determined by the permission of access to other authorization objects. The principle of constructing a hierarchy of authorization objects is considered. The concept of a role as a named set of privileges is introduced, an algorithm for assigning a role to an authorization subject is described. The description of the authorization system is accompanied by examples that explain the principles of its operation, as well as assessments indicating the boundaries of its application.
References
- Hoffman L. Sovremennyye metody zashchity informatsii [Modern methods of information security]. Moscow, Sov. radio Publ., 1980.
- Ayerland K., Rosen M. Klasicheskoye vvedeniye v sovremennuyu teoriyu chisel [A Classical Introduction to Modern Number Theory]. Moscow, Mir Publ., 1987.
- Material iz Natsional’noy biblioteki im. N. E. Baumana [Material from the National Library N. E. Bauman] [Electronic resource]. Available at: https://ru.bmstu.wiki/ACL_(accessed 23.09.2020).
- Newman S. Sozdaniye mikroservisov [Building Microservices]. St. Petersburg, Piter Publ., 2016.
- Predlagayemyy standart RFC 7519 [Proposed Standart RFC 7519] [Electronic resource]. Available at: https://tools.ietf.org/html/rfc7519 (accessed 10.10.2020).