ARCHITECTURE OF A MODULAR EXPERT SYSTEM FOR VERIFICATION OF SECURITY POLICIES IN MULTI-TIER INFORMATION ENVIRONMENTS
DOI:
https://doi.org/10.35546/kntu2078-4481.2026.1.39Keywords:
information security, expert system, policy verification, modular architecture, multi-tiered environment, access controlAbstract
The article considers the problem of security policy verification in multi-level, distributed and dynamic information environments. The limitations of traditional centralized approaches are shown in the context of the increasing complexity of modern information systems and the number of interconnected policies. The feasibility of using modular expert systems to increase the flexibility, scalability and adaptability of security policy verification processes is substantiated. The emphasis is on the need for formalized policy representation and automated detection of conflicts and gaps in access rules. The proposed approach is focused on use in heterogeneous environments with a multi-level security control structure. The aim of this study is to develop an architecture for a modular expert system for verifying security policies in multi-level information environments. The research is based on the use of methods of formalization of security policies, logical analysis of access rules and modular design of expert systems. Experimental modeling and comparative analysis with existing solutions were used to evaluate the effectiveness of the proposed approach. An architectural model of an expert system with independent verification modules synchronized through a centralized controller is proposed. Experimental results confirm an increase in the speed of policy verification, improved scalability, and reduced knowledge update time compared to traditional approaches. The scientific novelty lies in the combination of a modular approach with a hierarchical model of the information environment for verifying security policies. The proposed architecture provides consistent verification of policies at different levels without interfering with the internal logic of individual modules. The results obtained confirm the effectiveness of the modular expert system for application in complex information environments. The proposed approach can be used as a basis for creating tools for automated control and analysis of security policies in critical information systems.
References
Burke, Q., Mehmeti, F., George, R. at al. Enforcing multilevel security policies in unstable networks. IEEE Transactions on Network and Service Management. 2022. Vol. 19. No. 3. P. 2349–2365. DOI: https://doi.org/10.1109/TNSM.2022.3176820
Rozlomii, I. O., Naumenko, S. V. Architecture and functional features of secured next-generation database management systems with serverless and edge computing support. Systems and Technologies. 2025. Vol. 69. No. 1. P. 130–137. DOI: https://doi.org/10.32782/2521-6643-2025-1-69.16
Akello, B. O. Organizational information security threats: Status and challenges. World Journal of Advanced Engineering Technology and Sciences. 2024. Vol. 11. No. 1. P. 148-162. DOI: https://doi.org/10.30574/wjaets.2024.11.1.0152
Sikman, L., Sarajlic, N. Modelling of fuzzy expert system for an assessment of security information management system uis (university information system). Tehnički vjesnik. 2022. Vol. 29. No. 1. P. 60–65. DOI: https://doi.org/10.17559/TV-20200721154801
Panzer, M., Gronau, N. Designing an adaptive and deep learning based control framework for modular production systems. Journal of Intelligent Manufacturing. 2024. Vol. 35. No. 8. P. 4113–4136. DOI: https://doi.org/10.1007/s10845-023-02249-3
Розломій, І., Фауре, Е., Науменко, С. Методи аутентифікації у вбудованих системах з обмеженими обчислювальними ресурсами. Measuring and Computing Devices in Technological Processes. 2025. Vol. 1. P. 29–35. DOI: https://doi.org/10.31891/2219-9365-2025-81-4
Babak, V., Babak, S., Eremenko, V., Kuts, Y., & Zaporozhets, A. Protection of Measurement Information from Unauthorized Access. In Information-Measuring Systems: Theory and Application, 2025, Cham: Springer Nature Switzerland, pp. 409–458. DOI: https://doi.org/10.1007/978-3-031-89406-0
Forsyth, E., Horne, R. Clark-Wilson policies in ACP: controlling information flow between solid apps. In CEUR Workshop Proceedings, Leuven, Belgium, May 2–3, 2024. Vol. 3947, pp. 100–108. URL: https://ceur-ws.org/Vol-3947/short14.pdf
Singh, M. P., Sural, S., Vaidya, J., Atluri, V. A role-based administrative model for administration of heterogeneous access control policies and its security analysis. Information Systems Frontiers. 2024. Vol. 26. No. 6. P. 2255–2272. DOI: https://doi.org/10.1007/s10796-021-10167-z
Ferreira, L., Silva, D. C., Itzazelaia, M. U. Recommender systems in cybersecurity. Knowledge and Information Systems. 2023. Vol. 65. No. 12. P. 5523–5559. DOI: https://doi.org/10.1007/s10115-023-01906-6
Iatrellis, O., Stamatiadis, E., Samaras, N., at al. An intelligent expert system for academic advising utilizing fuzzy logic and semantic web technologies for smart cities education. Journal of Computers in Education. 2023. Vol. 10. No. 2. P. 293–323. DOI: https://doi.org/10.1007/s40692-022-00232-0
