Defining an access control model for a telecommunication system

The article presents a study and comparative analysis of modern access control models used in telecommunication systems. Three main models are considered: role-based access control (RBAC), attribute-based access control (ABAC), and privilege-based access control (PBAC). The bank's telecommunications infrastructure, including 800 workstations, 200 servers, 800 employees in the office area, and a data center with 50 servers processing critical applications, is used as an example. The bandwidth between the offices and the data center is 10 Gbit/s, and in the public area it is 1 Gbit/s. Active Directory with Kerberos support and a SIEM monitoring system are used to ensure security. The study assessed performance metrics such as response time, throughput, and resilience to peak loads. A security experiment was conducted that tested attack resilience, response flexibility, and protection levels under various system operating scenarios: under daily loads reflecting typical employee work; under peak loads occurring during periods of high resource usage (e.g., at the end of a reporting period); and under emergency loads associated with security incidents or equipment failures. This approach allowed us to identify differences in the effectiveness of access models in real operational situations.

1. Gadasin D.V., Schvedov A.V. Application of a Transport Task for Load Balancing in Conditions of Source Data Fuzziness. T-Comm. 2024;18(1):13–20. (In Russ.). https://doi.org/10.36724/2072-8735-2024-18-1-13-20

2. Gadasin D.V. Building a Binary Tree of the Minimum Prices. T-Comm. 2024;18(11):38–44. (In Russ.). https://doi.org/10.36724/2072-8735-2024-18-11-38-44

3. Dokuchaev V.A., Netrebko A.V., Maklachkova V.V., Mytenkov S.S. Mechanisms for Ensuring Data Security in Distributed Information Systems. Ekonomika i kachestvo sistem svyazi. 2025;(2):125–134. (In Russ.).

4. Vorona V.A., Tikhonov V.A. Sistemy kontrolya i upravleniya dostupom. Moscow: Goryachaya liniya-Telekom; 2010. 272 p. (In Russ.).

5. Singh Ja., Rani S., Kumar V. Role-Based Access Control (RBAC) Enabled Secure and Efficient Data Processing Framework for IoT Networks. International Journal of Communication Networks and Information Security. 2024;16(2). https://doi.org/10.17762/ijcnis.v16i2.6697

6. Sagidova M.L. Modern Access Control and Management Systems. International Journal of Humanities and Natural Sciences. 2022;(9–1):64–68. (In Russ.). https://doi.org/10.24412/2500-1000-2022-9-1-64-68

7. Kozlov A.E. Control System and Access Control in the Enterprise: Concept, Characteristics and Basic Requirements. Bulletin of the Voronezh State Technical University. 2019;15(1):42–47. (In Russ.). https://doi.org/10.25987/VSTU.2019.15.1.006

8. Volkovitskii V.D., Volkhonskii V.V. Sistemy kontrolya i upravleniya dostupom. Saint Petersburg: Ekopolis i kul'tura; 2003. 164 p. (In Russ.).

9. Dokuchaev V.A., Maklachkova V.V., Boiko A.A. The Problem of Updating Data in CRM Systems. Ekonomika i kachestvo sistem svyazi. 2025;(1):45–57. (In Russ.).

10. Dokuchaev V.A., Maklachkova V.V., Statev V.Yu. Digitalization of the Personal Data Subject. T-Comm. 2020;14(6):27–32. (In Russ.). https://doi.org/10.36724/2072-8735-2020-14-6-27-32