ATTRIBUTE-BASED ACCESS CONTROL IN CRM AND ERP CLASS INFORMATION SYSTEMS

Abstract

Efficient process management in a company these days cannot do without automation. Using CRM and ERP systems helps to increase efficiency, automation, and optimization of most of the processes in the enterprise. When implementing a CRM or ERP system, each company mandatory think about ensuring the security of its data and therefore ensuring clear and reliable control over access to all data in the system. In this paper, we analyzed two of the most common access control policies today - the role-based access control policy (RBAC) and the attribute-based access control policy (ABAC). Attribute-based access control is called the future access control because it ensures the implementation of complex policies and the dependence of the decision to allow or deny access not only on the user's role, but also on other parameters of the subject, object, and environment, it provides much more opportunities to implement flexible access control policies. We also analyzed the existing access control policies of the ERP system - Microsoft Dynamics AX and CRM systems - Microsoft Dynamics CRM, their specific features. A number of requirements that are not covered by the current implementation of access control in these systems but can be satisfied by an attribute-based access control policy have been formed. The work has developed its own system of attributes, specific to these systems, which can be used to develop a solution to implement an access control policy based on attributes to CRM and ERP systems on the Microsoft Dynamics 365 platform. A universal solution was also developed to implement an access control policy based on attributes for the Microsoft Dynamics CRM system, which can be used both as a replacement for the existing role-based access control system and also together to improve the efficiency of the access control system.