Key points are not available for this paper at this time.
This article presents a granular access protection model for confidential information, combining PGP (Pretty Good Privacy) and RBAC (Role-Based Access Control) technologies. The aim of the research is to develop and justify a model that ensures a high level of security through efficient data encryption and flexible role-based access management. The article examines the research objects, which include modern information systems processing confidential data, and the subject of the study, which encompasses encryption and access control methods. To achieve the stated goal, an analysis of modern approaches to data encryption and access management was conducted, their advantages and disadvantages were studied, and current issues related to data security at rest were identified. A protection model combining PGP and RBAC was developed, implemented in real conditions, and tested to evaluate its efficiency and usability. PGP usage ensures data security at rest and during transmission, while RBAC allows flexible configuration of user access rights. Research results demonstrated that the proposed model provides a high level of security, flexible access management, and improved system performance. The use of public and private keys for encrypting symmetric keys further enhances protection by preventing unauthorized data access. Defining roles and privileges for each user ensures authorized access to confidential information, minimizing the risk of accidental or malicious data access. Despite the complexity of encryption and key management processes, the system showed high performance, optimized encryption and decryption processes, and effective user role and privilege management. The proposed model proved its effectiveness in ensuring a high level of security and flexible access management for confidential data.
Kolmahin et al. (Wed,) studied this question.