Currently, the dominant methodology used in the development of applications and information systems is the object-oriented approach. In this paper, the authors consider a model of the relationship of entities when describing the virtual environment of information interaction of scientific and educational organizations. The main link of interaction is the portal, which is considered as a set of interconnected sections (access objects) with a hierarchical tree structure of subordination. For each section of the portal, only one access rule can be assigned, which applies to the entire branch of the object tree due to the mechanism of inheritance by child objects of the access rights of the parent object. For a child object, the rights inheritance mechanism can be disabled, and new access rules can be assigned, which will be inherited by its descendants. Set theory and mathematical logic are used as a mathematical apparatus for describing a set-theoretical model of a protected virtual environment for information interaction between scientific and educational organizations [1, 2]. The protected virtual environment is built based on the existing hardware and software infrastructure using public portals and communication channels, that is, it is a completely virtual structure of information interaction [3, 4].

The authors have developed a model of a secure virtual environment for managing information exchange in scientific and educational organizations. A full description of the model, an assessment of its effectiveness, occupy more than a hundred pages of text. Due to the limited volume of publication, only the main points of the development of the model are given below.

To build a model of a secure virtual environment for the administration of information exchange of scientific and educational organizations, it is necessary to map into the information space the elements and their interconnections of the organizational and technical association of the subjects of information interaction within the framework of associations, consortia or network structures implementing joint projects and solving common problems.

When creating such a mathematical model, there is a problem of applying the classical concept of the set-theoretic apparatus, implying a single instance of each element of the set. This does not provide a simple description of the elements of the secure virtual administration environment [8, 9, 14, 15]. 2.2.

Consider regulatory bodies, external actors, members of the association and their units, employees, as well as a security policy defined for each subject as subjects of information interaction within associations, consortia or network structures. For real (physical) subjects of information interaction, the main entities can be identified that describe their characteristics as a set of subjects O. This set is reflection onto a set P, which is a set of virtual objects that exist only within the protected environment, represented by Figure 1.

Thus, a secure virtual environment provides the integration of heterogeneous distributed information and computing resources belonging to different subjects, under the control of a single administrative center that implements the functions of secure information interaction within the framework of a single management model and security policy [10, 12, 13].

The work uses a relatively new concept of a multiset, which is an extension of the classical definition of a set and allows the inclusion of the same element in the set several times. The concept of a multiset is actively used in computer science, artificial intelligence, and decision theory. Description of database elements, access rights and their interaction, description of string data, arrays, database elements, requires entering indices (identifiers), which assumes an unambiguous position of elements in some sets. In computer science, for this purpose, the concept of "tuple" is introduced into mathematical formalism, corresponding to an ordered set of fixed length. Within the framework of set theory, tuples can be inductively associated with sets [5].

The authors in this paper denote sets, multisets, and tuples in uppercase letters, and their elements in lowercase.

The set of subjects and entities O of information interaction within associations, consortia or network structures of scientific and educational organizations, together with a set of virtual objects P, form a protected virtual environment of their interaction, which is a set S = { O , P }, while the set of objects O is an injection into P : O → P. The authors define the sets O and P as tuples, the elements of which are sets of typed data, tuples, or multisets.

The authors have defined the basic elements of the O and P tuples: O = < oi >, i = 1..7 ; P = < pj >, j = 1..10, where o1 – regulatory bodies, o2 – external actors, o3 – associations, o4 – members of the association, o5 – divisions of the association, o6 – employees of the division of the association, o7 – security policy of the association, p1 – institution, p2 – management server, p3 – access server, p4 – user domain, p5 – portal resource, p6 – access sections, p7 – access level group, p8 – access rights, p9 – account, p10 – site request.

The elements of the O and P tuples contain a description of the structural elements and methods of information interaction between research and educational organizations in a secure virtual administration environment. The authors performed a description of all elements (about 200) of the O and P tuples, including: ● description of the set of subjects of the protected virtual environment; ● description of the set of regulatory documents; ● a description of the set of elements of the protected virtual environment; ● mathematical description of the relationship between objects of the protected virtual environment.

For example, for o4 = < o4i >, i = 1..5, where o41 – tuple with the names of union members, o42 – tuple with an identifier of a union member, o43 – tuple with a legal address, o44 – tuple with bank details, o45 – tuple with the roles of members of the association.

Let us consider as an example of a mathematical description of the model of interaction between individual objects of the virtual environment for the administration of information exchange of scientific and educational organizations and the execution of session authentication requests [6, 7, 11].

When performing session requests with authentication in the portal, it can be formally defined as a tuple H = < A, C, D >, where A = {ai} – set of access control nodes A ∈ P3, i = 1..n ; C = {cj} – set of network control nodes C ∈ P2, j = 1..m ; D = {di} – set of user domains in the D ∈ P4 network. A custom domain means a uniquely named group of users, which is represented by a tuple: dj = < Ui, D'i >, where Ui – set of users of the i-th domain, i = 1..n , D'i – subset of domains in the network with trusted domain relations dj, D'i ⊆ D and di ∈ D'i. Each user domain corresponds to a specific network access control node and vice versa, A ↔ D. In each user domain dj, there is a subset of currently authorized users U'i ⊂ Ui. The network control node is a tuple cj = < S0, R0, D >, where S0 – set of all active user sessions of the portal network; R0 – set of all identified requests on the network.

An access control node can be represented as a tuple: ai = < Si, Ri, D'i >, where Si – set of active users of the access control node's sessions, Ri – set of identified requests to the access control node. Session Access Model:

∀ ai : ∃ sik ∈ Si , u'qz ∈ U'q , dq ∈ D'i ⇒ Tf : sik → u'qz , (1) where ai – access control node, u'qz – the z-th authorized user of sik session of dq domain, q = 1..n , Tf – function of matching the user and his session.

A user request for a secure virtual information interaction environment is considered identified when it is possible to determine its initiator based on condition (1) for an active session:

∀ rikx ∈ Ri : ∃ sik ∈ Si ⇒ E : rikx → sik , (2) where rikx – is the request x to the i-th node containing the label k of the user session, E – function of identifying the user session on request, and the relation FA determining the permission of the user to access the resource: ∃ FA : U × R → {true, false}.

Thus, to identify a user session (2), it is necessary and enough to have session data only on the access control node that processes the request.

Objects of access to information resources of the protected virtual environment for the administration of information exchange of scientific and educational organizations will be called sections P6. Each section of the qz network has a unique identifier z, so the set of sections Q can be represented as follows [4]:

Q = { qz }, z ∈ Z , (3) where Z – set of identifiers of sections of the corporate portal network.

Each access object, except for the root one, which is considered the portal itself, has a single parent object and any number of child objects.

Each section qz is characterized by one or another access level nz, based on which the access rights to the corresponding information resources are established. The minimum level of access to the section of the corporate portal network is set by the number 0, the maximum – by the number M.

The set of all registered users of the corporate portal network can be represented as a set Y. The elements of the set Y are users uw:

Y = { uw }, w ∈ W , (4) where w – unique identifier of the user uw; W – set of corporate portal user identifiers.

One of the main attributes of the uw user is his mw access level, which determines the privileges of this user in working with sections of the corporate portal network. The user access level mw can take on a certain value from the set { 0 , 1 , … , M }. The higher the value of mw , the more access rights to sections of the corporate portal network user uw has.

To group users according to the level of their privileges (access rights) in the system, access privilege groups are used. The set of such groups can be represented as a set G, whose elements are the privilege groups g0 , g1 , … , gM :

The set of all registered users of the corporate portal network can be represented as a set Y. The elements of the set Y are users uw:

G = { gm }, (5) where m – is the user access level, m ∈ { 0 , 1 , … , M }.

There is a rigid hierarchy of subordination between privilege groups. Each group with a higher privilege level inherits from the group with the previous privilege level value. This makes it possible for high-privileged users to access sections with lower access privileges.

A set of system users is divided into disjoint subsets using access privilege groups, that is, a user can belong to only one access privilege group:

⋂ ∈[0, ] = ∅, (6)

User access to sections of the network of portals is carried out in accordance with the access rules. Each such rule prescribes one of two possible actions: "allow" or "deny" user access to the section.

We denote the set of actions for user access to sections of the corporate portal network by X. The elements of the set X are actions xwz :

X = { xwz }, w ∈ W , z ∈ Z . (7)

Each action of access xwz of the user uw to the section qz takes the value xwz = 1 ("allow") or xwz = 0 ("deny"), depending on the values of the access levels of the user and the section of the corporate portal network. If the user's access level is greater than or equal to the section's access level, then in accordance with the rule, the user can access the section, otherwise, it is denied:

X = { xwz | ( mw ≥ nz ⇒ xwz = 1 ), ( mw < nz ⇒ xwz = 0 ) }, mw, nz ∈ { 0 , 1 , … , M }. (8)

In this case, the access rule begins to play the assigned role in the entire branch of the tree, which is formed by this object. For this, the system provides a mechanism for inheriting the access level of the parent object by child objects.

For each child section, the access level inheritance mechanism can be disabled, and a new access rule can be assigned, which will apply to it and all its descendants [6]. In the new rule, the access level for the section must be the same as that of the parent object, or higher than the access level of the parent object:

Xb = { xwb | ( mw ≥ nb ⇒ xwb = 1 ), ( mw < nb ⇒ xwb = 0 ) }, (9) nb > na , mw, na ∈ { 0 , 1 , … , M }. where Xb – the set of user access actions to the qb section; xwb –the action for user uw to access qb partition.

It should be noted that each session of a user authorized in the system has a unique identifier that allows you to determine which user belongs to a request to the portal:

H = {hwzt}, w ∈ W , z ∈ Z , t ∈ T , (10) where H – set of sessions of using information resources of the corporate portal network; hwzt – identifier of the user uw access session to the information resources of the P6z section at time t; T – set of values of points in time counted when taking into account requests for user access to sections of the corporate portal network.

The session identifier hwzt in (10) is a concatenation of the values P9w1 , P10,i,3 , t , where i is the value of the counter of requests to the site at a relative time t:

The homomorphism of formula (11) can be used to execute the operator for concatenating the indexes of the section and the portal.

In a protected virtual environment, in relation to the applied task of organizing information exchange of scientific and educational organizations within the framework of the implementation of complex projects, three levels are distinguished: ● processes of information interaction, the basis for the implementation of which is a distributed database; ● infrastructure - a network of portals; ● information security, which is determined by the adopted policy.

The implementation of the described model of a protected virtual environment involves the construction of a distributed software package, which is divided into three layers: ● presentation layer; ● application layer (middle layer); ● data layer.

The presentation layer on Figure 2 provides interaction with the user and contains the components of the complex interface. Only the simplest program logic is brought to this level, which is responsible for displaying information and network interaction with the application layer.

The middle layer Figure 3 is represented by the application server, which contains the core program logic. Application servers are designed so that adding additional instances to them provides horizontal performance scaling of the software suite and does not require changes to the application program code.

The data layer includes source access components that encapsulate data storage mechanisms. This role is played by the data management application programming interface (API).

The organizational and structural diagram of a large scientific and educational consortium can reach significant sizes and include many branches. In this regard, an approach based on Binary Decision Diagrams (BDD) is used to implement access to protected information and computing resources.

Using BDD to represent data structures avoids linearizing the inheritance hierarchy.

BDD represents a Boolean function as a root acyclic graph. In BDD, nodes with the same function value are combined. If at each BDD level all vertices have the same label (the same variables), then such a BDD is called ordered or OBDD. OBDD vertices are arranged in levels, each level corresponds to one variable that marks the vertices located at this level. Binary decision diagrams are used as a compact form of Boolean function representation. This representation is useful in many cases when need to repeatedly calculate the values of a function for different sets of values of its arguments.

The authors obtained relationships for all elements of the tuples O, P and their components.

The resulting model was used to build a secure virtual environment for scientific and educational organizations as an authentication algorithm and control user access to portal resources. In the full version of the model of a protected virtual environment for the administration of information exchange of scientific and educational organizations, the authors considered a model of a network of corporate portals and an assessment of the effectiveness of managing information exchange in this network based on probabilistic indicators. This made it possible to assess the performance of the project of the developed software and hardware solutions for the virtual environment for the administration of information exchange of scientific and educational organizations.

[1] S. Leng, Algebra, In Russian, Moscow, 1968. [2] N. K. Vereshchagin, and A. Shen, Lectures on mathematical logic and theory of algorithms, In

Russian, Moscow, 2012. [3] S. A. Lazarev, and A.V. Demidov, The Concept of Construction of a Control System of an Information Exchange in The Network of Corporate Portals, Information Systems and Technologies, 2010, no. 4(60), pp. 123–129. URL: http://oreluniver.ru/public/file/archive/isit%204-2010.pdf. [4] S. A. Lazarev, I. S. Konstantinov, and O.V. Mihalev, Realization of a single model session access in the distributed network portals, Vestnik komp'iuternykh i informatsionnykh tekhnologii (Herald of computer and information technologies), 2014, no. 6, pp. 44–49. doi: 10.14489/vkit.2014.06.pp.044-049. [5] K. Hrbacek, T. Jech, Introduction to Set Theory, Third edition, revised and expanded, 1999. [6] Т. Takagi, and М. Sugeno, Fuzzy identification of systems and its applications to modeling and control, IEEE Transactions on Systems, Man, and Cybernetics, vol. 15, no 1, 1985, pp. 116–132. doi:10.1109/TSMC.1985.6313399. [7] H. Blaine, The Threat Landscape of PKI: System and Cryptographic Security of X.509, Algorithms, and their Implementations, Proceedings of the Romanian Academy, Series A, vol. 14, 2013, pp. 286–294. URL: https://academiaromana.ro/sectii2002/proceedings/doc2013-3s/02HEIN.pdf. [8] M. Benantar, Access control systems: Security, identity management and trust models, Springer

US, 2006. doi:10.1007/0-387-27716-1. [9] S.-K. Chin, Access control, security, and trust: A logical approach, CRC Press, 2010.

doi: 10.1201/9781439894637. [10] K.-C. Li, X. Chen and W. Susilo, Advances in cyber security: Principles, techniques, and applications, Springer Singapore, 2018. doi: 10.1007/978-981-13-1483-4. [11] E. Al-Shaer, X. Ou and G. Xie, Automated security management, Springer International

Publishing, 2013. doi: 10.1007/978-3-319-01433-3. [12] A. Sadiqui, Computer network security, Wiley, 2020. doi: 10.1002/9781119706762. [13] K. Al-Begain, M. Zak, W. Alosaimi and C. Turyagyenda, Cyber Security and Threats: Concepts,

Methodologies, Tools, and Applications, IGI Global, 2018. doi: 10.4018/978-1-5225-5634-3. [14] R. Matulevičius, Fundamentals of secure system modelling, Springer International Publishing, 2017. doi: 10.1007/978-3-319-61717-6. [15] A. Wong and A. Yeung, Network infrastructure security, Springer US, 2009. doi: 10.1007/978-14419-0166-8.