MODEL OF IMPLEMENTATION OF MANAGEMENT OF ACCESS TO INFORMATION ASSETS IN THE CONCEPT OF ZERO TRUST

Abstract

Background. Controlling access to information assets is one of the key functions of information security. This task in one form or another must be solved both as a whole at the level of the entire information technology (IT) infrastructure of a company or organization, and in each local information system. Methods. Methods on existing approaches, the article develops a model for providing access to information assets, which allows implementing access control processes in a distributed IT infrastructure. A special feature of the model is an algorithm for dynamically determining the necessary security policies, taking into account the access of users with different privileges. Results. The model takes into account remote access at several conventional "levels" – access of the organization's clients, organization employees, as well as partners and contractors. Since modern information infrastructures of organizations have become complex and distributed, the model assumes the presence of a significant number of access points, including automated workstations in the infrastructure, remote automated workstations, various user and mobile access devices, as well as specific devices, such as effective access control should ensure centralized access of all users to information assets. Conclusions. The model provides for the implementation of a single access point, built on the basis of access models from the zero trust concept, for users and for "robots" – technical accounts used for inter-system interaction. The results of the study will make it possible to develop an architecture for remote user access to distributed information assets and organize access control and management processes based on dynamic determination of the level of trust in access subjects, which generally increases the security of organizations.