Metrics of semantic proximity of a user's request as a security criterion in a thematic hierarchical access control model

The increasing scope of application of mobile technologies and devices as elements of distributed systems to enhance the efficiency and convenience of access to various information systems and digital services has made it necessary to improve methods and mechanisms for information protection and information security. One of the main security mechanisms is access control. Features of traditional (discretionary and mandatory) access control model application in distributed information systems (IS) when using mobile systems (MS) as elements are analyzed. Thematically, hierarchical model is proposed as the most effective model that meets the required security policy. For this access control model, an ontological method for forming trust rights to access objects is proposed based on the use of semantic proximity metrics. When using traditional thematic hierarchical access control models, the logical information architecture of IS resources forms a thematic hierarchical classifier (categorizer). The Hasse diagram introduces order relations in the thematic classifier on the security grid to form trust-thematic powers of IS users. Constructing Hasse diagrams on a security grid that includes several security levels is a rather complex algorithmic task. When constructing trust-thematic powers of users in order to avoid uncertainty due to the incompleteness of the constructed Hasse diagram and overestimation of the granted powers when forming access rights, it is proposed to use the semantic proximity of the user access request and the thematic heading of the hierarchical classifier. An analysis of existing approaches to the formation of semantic proximity metrics has shown that proximity measures based on the hierarchy of concepts can be used as the best metric for setting the user’s trust authority.

1. Aristov M.S., Shishin O.I., Rapetov A.M., Krymov A.S., Egorov A.D. Review and brief analysis of the current state of mobile communications using the example of GSM networks. Spectekhnika i svyaz'. 2014;1:2–6. (In Russ.).

2. Rapetov A.M., Shishin O.I., Aristov M.S., Kholyavin V.B., Savchuk A.V., Zhorin F.V. Methods for gaining access to data stored on a mobile device and processed by it. Spectekhnika i svyaz'. 2014;1:7–12. (In Russ.).

3. Barkalov Yu.M., Nesterov A.D. Peculiarities of information security in mobile devices running the Android operating system. Herald of Daghestan State Technical University. Technical Sciences. 2019;46(2):71–80. DOI: 10.21822/2073-6185-2019-46-2-71-80. (In Russ.).

4. Harrison M.A., Ruzzo W.L., Ullman J.D. Protection in Operating Systems. Communications of the ACM. 1976;19(8):461–471.

5. Landwehr C.E. Formal models for computer security. ACM Computing Surveys. 1981;13(3):247–278.

6. Gulov V.P., Kosolapov V.P., Sych G.V., Khvostov V.A. Management organization access to medical information systems using the methods semantic proximity. System analysis and management in biomedical systems. 2021;20(2):79–87. DOI 10.36622/VSTU.2021.20.2.010. (In Russ.).

7. Skiena S. Implementing Discrete Mathematics: Combinatorics and Graph Theory with Mathematica. Reading, MA: Addison-Wesley, 1990. 362 p.

8. Guarino N. Formal Ontology and Information Systems. Proceedings of FOIS’98. Trento, Italy; 1998. p. 3–15.

9. Palagin O.V., Petrenko M.G. Architectural and ontological principles of building intellectual information systems. Mathematical machines and systems. 2006;4:15–20.

10. Resnik P. Using information content to evaluate semantic similarity in ontology. Proc. of the 14th Int’l Joint Conference on Artificial Intelligence, 1995. p. 448–453.

11. Palagin O.V., Petrenko M.G. A model of the categorical level of the linguistic and ontological picture of the world. Mathematical machines and systems. 2006;3:91–104.

12. Kryukov K.V., Pankova L.A., Pronina V.A., Sukhoverov V.S., Shipilina L.B. Measures of semantic proximity in ontology. Management problems. 2010;5:1–14.

13. Rada R., et al. Development and Application of a Metric on Semantic Net. IEEE Trans. on Systems, Man and Cybernetics. 1989;19(1):17–30.

14. Leacock C., Chodorow M. Combining local context and WordNet similarity for word sense identification. WordNet: An electronic lexical database. Cambridge, MA: MIT press, 1998. p. 265–283.