Russian Federation
student from 01.01.2023 until now
St. Petersburg, Russian Federation
UDC 004.056
The practical implementation of the role-based access control model (RBAC) in contemporary information systems, particularly those within higher education institutions, has increasingly become a critical security concern. To enhance the security of an information system utilizing the RBAC model, it is essential to impose further restrictions on role usage. This approach will enable the limitation of the number of roles within the system’s architecture by introducing constraints on user privileges during their session. Purpose: to modify the role-based access control model by introducing role exclusion constraints to enhance the security of information systems within higher education institutions. Methods: both static and dynamic mutual exclusion methods for managing roles, along with static and dynamic quantitative limitations on role possession and access privileges. Results: a role-based access control model featuring mutually exclusive roles has been created, and a software implementation of a test model has been successfully carried out. Practical significance: this research is expected to enhance security standards in the deployment of role-based access control models within information systems that feature intricate role architecture.
role-based access control, model of mutually exclusive roles, access control policy, information security
1. Rolevaya model' razgranicheniya prav // Blog kompanii «Solar». 2023. 31 maya. URL: http://rt-solar.ru/products/ solar_inrights/blog/3481 (data obrascheniya: 08.11.2025).
2. Rahmetov R. Rolevaya model' bezopasnosti i ee otlichiya ot atributnoy modeli upravleniya dostupom // Blog kompanii Security Vision. 2024. 26 avgusta. URL: http://www.securityvision.ru/blog/rolevaya-model-bezopasnostiieye-otlichiya-ot-atributnoy-modeli-upravleniya-dostupom/ (data obrascheniya: 08.11.2025).
3. Devyanin P. N. Modeli bezopasnosti komp'yuternyh sistem: uchebnoe posobie dlya studentov vuzov. M.: Akademiya, 2005. 144 s.
4. Gaydamakin N. A. Teoreticheskie osnovy komp'yuternoy bezopasnosti: uchebnoe posobie. Ekaterinburg: Ural'skiy gos. un-t im. A. M. Gor'kogo, 2008. 212 s.
5. Zmeev A. A. Modeli i metod razgranicheniya dostupa v obrazovatel'nyh informacionnyh sistemah na osnove virtual'nyh mashin: avtoreferat diss. … kand. tehn. nauk: 2.3.6 / Zmeev Anatoliy Anatol'evich [Mesto zaschity: Sankt-Peterburgskiy Federal'nyy issledovatel'skiy centr Rossiyskoy akademii nauk]. Tver', 2022. 23 s.
6. Demurchev N. G. Proektirovanie sistemy razgranicheniya dostupa avtomatizirovannoy informacionnoy sistemy na osnove funkcional'no-rolevoy modeli na primere vysshego uchebnogo zavedeniya: avtoreferat diss. … kand. tehn. nauk: 05.13.19 / Demurchev Nikita Georgievich [Mesto zaschity: Taganrogskiy gos. radiotehnicheskiy un-t]. Taganrog, 2006. 18 s.
7. Raeckiy A. D., Shlyanin S. A., Ermakova L. A. Realizaciya razgranicheniya prav dostupa v informacionnoy sisteme «Portfolio SibGIU» // Kibernetika i programmirovanie. 2019. № 2. S. 44–54. DOI:https://doi.org/10.25136/2644- 5522.2019.2.18530.
8. Razgranichenie prav pri dostupe k servisam i resursam elektronnoy informacionno-obrazovatel'noy sredy vuza / A. Yu. Uzharinskiy, A. I. Frolov, V. N. Volkov [i dr.] // Prepodavanie informacionnyh tehnologiy v Rossiyskoy Federacii: materialy Devyatnadcatoy otkrytoy Vserossiyskoy konferencii: sbornik nauchnyh trudov (onlayn, 19–20 maya 2021 g.). M.: 1S-Pablishing, 2021. S. 166–168.
9. Struktura i organy upravleniya // Peterburgskiy gos. un-t putey soobscheniya Imperatora Aleksandra I URL: http://www.pgups.ru/struct (data obrascheniya: 15.11.2025).
10. Sevast'yanova L. Stroim rolevuyu model' upravleniya dostupom. Chast' pervaya, podgotovitel'naya // Habr. 2020. 09 iyulya. URL: http://habr.com/ru/companies/solarsecurity/articles/509998 (data obrascheniya: 09.11.2025).
11. Attribute Based Access Control NIST SP 1800-3 Practice Guide Original Draft / B. Fisher, N. Brickman, S. Jha [et al.]. National Cybersecurity Center of Excellence, National Institute of Standards and Technology, 2016. 532 p. URL: http://www.nccoe.nist.gov/sites/default/files/legacy-files/abac-nist-sp1800-3-draft.pdf (data obrascheniya: 08.11.2025).
