کد مقاله | کد نشریه | سال انتشار | مقاله انگلیسی | نسخه تمام متن |
---|---|---|---|---|
4961351 | 1446511 | 2017 | 8 صفحه PDF | دانلود رایگان |
The frequency of unauthorized actions to information systems (IS) in the process of their integration is steadily increasing, which inevitably leads to huge financial and material losses. According to statistics, internal users of IS, commit more than half of all violations. All of this forms “a dangerous group of risk”. Existing approaches for IS security are mainly provided by specialized tools of differentiation of user access to information resources. At the same time each user is assigned certain rights, in accordance with which it is permitted/prohibited local access to information is stored in PC, or remote access via communication links to information available on other PC.After analyzing we identified 2 major vulnerabilities: tools of differentiation of local access are not able to provide protection against the actions of offenders are not directly related to obtaining unauthorized access to IS resources and tools of differentiation of remote access does not provide protection from network by internal users of the system.The results of this research will lead to an improvement of the process of ensuring effective protection against threats to information security in the IS.
Journal: Procedia Computer Science - Volume 104, 2017, Pages 35-42