Development of access control system to documents in ADMS for publishing houses

Author(s) Collection number Pages Download abstract Download full text
Sabat V. I., Мацюк В. В., Musiiovska M. M., Каневська Н. І. № 2 (61) 68-74 Image Image

The basic means of access control to electronic documents are analysed, on the basis of which the system of access control in automated document management systems (ADMS) for publishing houses is offered.

The work on creating a system for document access control at a publishing house can be divided into three main areas: 1) the organization of work with documents and information contained in them; 2) the development of means of identification for all users of ADMS and methods of granting them certain powers; 3) ensuring the monitoring of the work of ADMS by the relevant security services. All areas of work with documents must be agreed in advance and prescribed in the security policy of the organization in the form of procedures for working with documents – from the beginning of their creation, working with them and to further destruction or archiving.

The organization of work with documents begins at the stage of their creation, when the classified information contained in the documents is determined and in accordance with it, each document is given a certain level of secrecy in the accompanying information to the document. The security services apply a certain level of protection to each document according to its level of secrecy. This process is carried out using the tools and procedures provided in the security policy of the organization (passwords, encryption, digital signature, etc.).

The development of methods and means of identifying users of the organization begins with the creation of a new user profile in the document access control system. In accordance with the powers granted, users in the security system are granted a certain level of access to documents. All users of ADMS should be acquainted with the rules of work with documents and with the duties and responsibilities in case of their violations.

Security services develop databases for documents and users, rules for user iden­tification and authentication in ADMS and procedures for granting each entity of a pub­lishing house a level of access to documents according to their level of secrecy. In the process of functioning of the publishing house, the security and access to documents services should systematically monitor the ADMS protection system for the presence of vulnerabilities and develop a strategy for the prompt resumption of its work in case of incidents.

Keywords: document access control systems, automated document management systems, methods of identification and authentication of a person.

doi: 10.32403/1998-6912-2020-2-61-68-74

  • Durniak, B. V., Sabat, V. I., & Shvedova, L. Ye. (2016). Upravlinnia povnovazhenniamy v systemakh zakhystu informatsii. Lviv : UAD (in Ukrainian).
  • Durniak, B. V., Sabat, V. I., Shvedova, L. Ye., & Bilak, Yu. Yu. (2011). Rozrobka struktury systemy upravlinnia povnovazhenniamy: Zbirnyk naukovykh prats IPME im. H. Ye. Pukhova NAN Ukrainy, 58, 192–200 (in Ukrainian).
  • Durniak, B. V., Sabat, V. I., & Shvedova, L. Ye. (2011). Struktura systemy upravlinnia pov­novazhenniamy. XXKh naukovo-tekhnichna konferentsiia «Modeliuvannia» : tezy kon­ferent­sii (12–13 sichnia 2011 r.). Kyiv, 60–61 (in Ukrainian).
  • Durniak, B. V., Sabat, V. I., & Shvedova, L. Ye. (2010). Metody formalnoho opysu system upravlinnia povnovazhenniamy na osnovi vykorystannia matematychnoi lohiky: Zbirnyk naukovykh prats IPME im. H. Ye. Pukhova NAN Ukrainy, 57, 267–275 (in Ukrainian).
  • Sabat, V. I. (2004). Metody zakhystu dokumentiv v systemakh dokumentooborotu: Komp’iu­terni tekhnolohii drukarstva, 12, 297–305 (in Ukrainian).
  • Durniak, B. V., Sabat, V. I., & Shvedova, L. Ye. (2011). Zahalna orhanizatsiia vykorystannia informatsiinykh zasobiv dlia stvorennia systemy upravlinnia povnovazhenniamy: Zb. nauk. pr. IPME NAN Ukrainy, 59, 200–207 (in Ukrainian).
  • Hutsaliuk, M. V. (2005). Identyfikatsiia fizychnykh osib yak protydiia orhanizovanii zlo­chyn­nosti ta teroryzmu: Borotba z orhanizovanoiu zlochynnistiu i koruptsiieiu (teoriia i praktyka). Kyiv, 11, 36–48 (in Ukrainian).