BUILDING A MODEL OF THE INTEGRITY OF INFORMATION RESOURCES WITHIN AN ENTERPRISE MANAGEMENT SYSTEM

In addressing the integrity of documents in modern information systems, the focus is on protecting them from unauthorized user changes. At the same time, the solution to the problem of ensuring the preservation of the composition, content, and interaction of documents has almost not been considered. However, such a task often has to be solved during the operation of information systems, as well as enterprise management systems handling unstable business processes. To address this issue, an approach has been proposed to unify solutions to the task related to the integrity of paper-based documents circulating within an enterprise management system, as well as electronic documents and stored information system data. The existing service registry models have been analyzed, aimed to formally describe the resources of the information system and an enterprise management system based on this information system. Models of elements of the unified information resource registry have been modified, and a model for ensuring the integrity of an enterprise's information resources has been developed. The proposed improvements make it possible to use current and multi-tested methods to address the integrity of information resources. Experimental testing of improved models of a unified information resource registry has been carried out. The task of ensuring integrity was considered for a regulatory document that should change its name and its composition as a result of external and internal factors. It has been shown that the application of the proposed results makes it possible to solve the task of ensuring the integrity of information resources such as paper-based regulations of an enterprise management system, within the framework of a unified registry of information resources by existing database management systems


Introduction
The concept of "information resource" (IR) is multi-faceted; its definition depends on the subject area. In information systems (IS), for example, a resource refers to the tools used by IS to process information [1]. IR in IS can be represented in two main ways: in the form of data and in the form of documents. At the same time, the IS focuses on factual documents that reflect in the system the events that take place in the life of an enterprise [2]. Therefore, most IS IR descriptions, as well as operations over these resources, are based on a limited number of basic formal models.
However, approaches to addressing an important problem such as the integrity of IS IR are now fundamentally different. In [3], the task of ensuring the integrity of data is stated as the task to ensure that data within a database (DB) are correct (as much as possible). Declarative solutions to this problem are predicates that describe limitations in integrity and yield "TRUE" values in verification. The integ-rity of IS resources refers to the state in which their change is intentionally carried out by entities entitled to it. At the same time, the composition, content, and organization of IS resource interactions are maintained [1].
As a result of this discrepancy, there are unresolved issues related to ensuring the correct composition, content, and organization of interaction between IR of different nature. In particular, unique solutions are required in order to organize verification of the correct composition, content, and organization of interaction among various documents, as well as documents and IS database. Therefore, it is a relevant task to develop new and modify existing solutions to unify the integrity of IS IR.

In addressing the integrity of documents in modern information systems, the focus is on protecting them from unauthorized user changes. At the same time, the solution to the problem of ensuring the preservation of the composition, content, and interaction of documents has almost not been considered. However, such a task often has to be solved during the operation of information systems, as well as enterprise management systems handling unstable business processes. To address this issue, an approach has been proposed to unify solutions to the task related to the integrity of paper-based documents circulating within an enterprise management system, as well as electronic documents and stored information system data. The existing service registry models have been analyzed, aimed to formally describe the resources of the information system and an enterprise management system based on this information system. Models of elements of the unified information resource registry have been modified, and a model for ensuring the integrity of an enterprise's information resources has been developed. The proposed improvements make it possible to use current and multi-tested methods to address the integrity of information resources. Experimental testing of improved models of a unified information resource registry has been carried out. The task of ensuring integrity was considered for a regulatory document that should change its name and its composition as a result of external and internal factors. It has been shown that the application of the proposed results makes it possible to solve the task of ensuring the integrity of information resources such as paper-based regulations of an enterprise management system, within the framework of a unified registry of information resources by existing database management systems
Keywords: information system, document, information resource, integrity of the resource, predicate, service registry processing of users' electronic medical records. However, the focus of the issue of IR integrity is on authentication of sources of documents and ensuring that documents are protected from hacking. For example, in order to ensure the integrity of electronic medical cards in the cloud, a verifiable scheme of encryption of signatures based on attributes using blockchain is proposed in [10]. It is also suggested that each electronic medical card transaction be stored as a transaction in a public blockchain, which ensures that such cards cannot be changed. However, the possibility of changing the composition and content of the electronic medical card is not considered in [10] due to the emergence of new diagnostic methods and tools.
Paper [11] proposes a solution to the integrity problem for a centralized repository of electronic medical records. However, the solution offered is based on two-way authentication for authorized users, verifying the signature of an incoming request, and notifying the threat system. The issues of ensuring the integrity of the electronic medical card's composition and content after the changes and additions have been made to it remain unresolved.
Their review of the above publications suggests that modern solutions to the problem of ensuring the integrity of IR possess the following features: a) they are aimed mainly at solving the problems of authentication of sources of documents and protection of documents from unauthorized hacking; b) they are based on assumptions about the stability of the array of documents within IS, and the invariability of the composition and content of documents during the long-term IS operation; c) issues of the correctness of the content of documents in IS are solved exclusively at the level of databases that organize the storage of factual data from documents of various kinds.
The integrity issues related to IS IR, which automate the time-changing processes at an enterprise, should be recognized only partially resolved. The lack of models and methods to ensure that the composition and content of documents as sources of input, intermediate, and output information within an IS is recognized as a major unresolved part of the issue of integrity. All this suggests that a study on improving the integrity model of IR within an enterprise management system (EMS) is appropriate.

The aim and objectives of the study
The aim of this study is to build a model of IR integrity within EMS. As a result of this work, the model should ensure the integrity of paper-based documents as a form of EMS IR in the face of constant impact on their composition and content caused by external or internal factors. That could make it possible to ensure the integrity of EMS IR using standard means regardless of the nature of these resources.
To accomplish the aim, the following tasks have been set: -to build a model of the unified registry (UR) of EMS IR by modifying the IS service registry model set by the standard UDDI v. 3.0.2; to test the possibility to ensure the integrity of IR in the face of the impact on these resources caused by external and internal factors. approaches, models, methods, and ways to solve the problem that are not tied to specific subject areas. For example, paper [4] considers the system architecture to test the integrity of the blockchain-based electronic document platform using the pre-checking method of electronic documents. However, there is little or no consideration of changes in [4] in the set of documents caused by improved business legal frameworks or business process scenarios. The reason for this is the [4] presentation of the integrity of documents only from the point of view of the interpretation [1] of the concept of the integrity of IS resources. Therefore, the purpose of study [4] is limited to the development of ways to prove the stability of electronic documents in the blockchain platform.
Separately, within the framework of this approach, the development and improvement of methods for verifying electronic and printed documents are being considered. [5] proposes a document verification method designed to ensure authenticity, integrity, accessibility, and avoiding authorship. However, the main purpose of this method is to prevent the falsification of documents. The task of ensuring the integrity of documents as a variant of IS IR is not considered in [5].
The second area is to study particular cases of solving the problem of ensuring the integrity of documents in both the IR of specific IS or IS for a specific subject area. However, in most publications, the proposed solutions consider the use of already known methods and techniques to ensure the integrity of documents for various purposes. For example, the solution to the problem of ensuring the integrity of the user's activity audit log in the Skyline app is considered in [6]. This application is designed to create targeted methods of mass spectrometry and quantitative data analysis. To protect the integrity of the audit log, the use of built-in hashes is recommended in [6]. The solution to the task of ensuring the integrity of the composition and content of the audit log of activities was not considered in [6].
The description of the SPROOF platform for decentralized processing and management of digital documents in education is presented in [7]. In this case, however, the solution to the task of ensuring the integrity of documents is based on the use of hashes and the mechanism of keys. The solution to the problem of ensuring the integrity of the composition and content of the documents, taking into consideration their possible changes over time, has not been given in [7]. The reason for this is the initial assumption that the composition and content of the digital documents on which the results are based are unchanged.
The mechanism of keys is the basis for the solution to the integrity of the biometric electronic identification system, the architecture of which is proposed in [8]. In addition, a biometric electronic ID system is proposed to verify user authentication in [8]. However, the cited study's materials are based on the assumption that all documents remain unchanged for a long time. This assumption may be true for areas where the composition and content of documents considered as IR have not changed for a long time. An example of this subject area is the non-cash financial transactions discussed in [9]. Therefore, one of the key components of such transactions considered in [9] is the integrity of the data, rather than the integrity of the documents. The possibility of changing the composition of bank transactions was not considered in [9].
The greatest focus in modern research is to ensure document integrity in various e-health ISs. In this case, the emphasis now is on issues related to the filling, storage, and

The study materials and methods
The definition of "integrity of IS resources" given in [1] divides the task of ensuring the integrity of IR into two separate sub-tasks: a) the sub-task of ensuring the change of IR by IS entities entitled to do so (sub-task No. 1); b) the sub-task for ensuring the preservation of the composition, content, and organization of the interaction of IS resources and other IS resources (sub-task No. 2).
It should be noted that in the DB theory, these two subtasks are the following separate tasks [3]: a) the task of protecting data to prevent unauthorized users from accessing them; b) the task of maintaining the integrity of data to prevent their destruction when accessed by authorized users.
These tasks are generally solved for each specific DBMS. Therefore, we shall proceed from the assumption that an IS database is the main tool for storing an enterprise's data. Storage of data in the form of paper documents is be considered only as an auxiliary tool of the current EMS. Using this assumption, it is possible to represent the IR integrity model as a set of predicates similar to the DB integrity model [3].
Most ISs use service registries to store metadata on services that form output documents based on data from input documents. Many of these registries continue to be based on a model set by the UDDI v. 3.0.2 standard [12]. This model is represented in [13] by the category M rfs in the following form: where uddi bE L is the subcategory describing the uddi:busines-sEntity aggregate of the UDDI standard data model; uddi bS L is the subcategory describing the uddi:businessService aggregate of the UDDI standard data model; uddi bT L is the subcategory describing the uddi:bindingTemplates aggregate of the UDDI standard data model; uddi tM L is the subcategory describing the uddi:tModels aggregate of the UDDI standard data model; is the mapping that establishes a hierarchy of "one to many" subordination for the elements of categories uddi bS L and , uddi pA L respectively. A detailed description of the model elements (1) is available in [13].
Using the IS Service Registry Model (1) to formally describe the EMS IR makes it possible to represent any document as an element that may refer to one of the following subsets: a) a subset of IS service input documents; b) a subset of IS service output documents; c) a subset of documents not implemented by exploited IS services. Such a representation makes it possible to formally describe any document as a special case of the functional EMS service. Then one can use the element uddi bS L of model (1) to describe documents as a variant of IR. This element takes the following form: where serviceKey is the identifier of a copy of the uddi:businessService element published in the service registry; bS_ Name is the data aggregate that lists the names of this copy of the uddi:businessService element; bS_description is the data aggregate that is a list of descriptions of a given copy of the uddi:businessService element; bS_categoryBag is the data aggregate that is a set of data structures that make it possible to categorize a given copy of uddi:businessService element using existing business aspects classification systems; bS_ signature is the data aggregate that is a list of digital signatures certifying the authenticity of a given copy of the uddi: h is the morphism co-cones that establish a hierarchical "one-to-many" relationship between the parent copy of the serviceKey object and the children's copies of the objects bS_ Name, bS_description, bS_categoryBag and bS_ signature in the subcategory , An ontological approach is used to describe the bS_description aggregate. In accordance with this approach, the bS_description aggregate describing the concept K j of any service can be represented as a tuple in the following form: where bS_description(K j ) is the model of the bS_description aggregate used to formalize the concept K j of the service used in IS; n j is the attribute that describes the unique designation of concept K j ; x j n is the attribute that describes the unique designation of the x-th attribute x j a of concept where N is the number of attributes in the K j concept description; x j T is the attribute that describes the type of the x-th attribute of x j a of concept K j ; ( ) j k K K R is the set of tuples of the attributes that establish the fact of the existence of connections of different types (association, aggregation, composition, generalization, dependence) between concept K j and concept K k , whose each element takes the form given in [13]: where n r is the unique link between concept K j and concept K k ; { } , y y j j n T is the subset of the attributes of concept K j that participates in the formation of link , S is the attribute that describes the degree of participation of the concept K k instances in the formation of the link ; is the set of the tuples of attributes that establish the identity between concept K j and concept K k , whose each element takes the form given in [13]: where Id φ is the monomorphism identifier that establishes the identity between concept K j and concept K k ; n k is the attribute that describes the unique designation of concept K k , which is identical to concept K j ; (R jk ) is the set of the links described by tuples (4), which involve concept K j and concept K k . Then, in accordance with the theoretic-multiple model of the service proposed in [14], the bS_description aggregate used to describe any i-th service s i , takes the following form given in [13]:

5.
Results of studying a model of the enterprise management system resource integrity

1. Building a model of the unified registry of information resources within an enterprise management system
The specified sub-tasks to ensure the integrity of a variety of IS IR is only possible if declarative descriptions of these resources are unified. To this end, it is necessary to build a model of EMS IS IR by modifying the model of the IS registry set by the standard UDDI v. 3.0.2. The purpose of this modification is to adapt the service registry model to describe the metadata of documents on paper that are not implemented in IS but are used in EMS. This is possible if one represents the document on paper as a service with the following features: a) the input structures of the service's data are the same as its output data structures; b) the value of the accessPoint object of model (1)  Then any document on paper can be described by model (2). In this case, the elements of model (2) are defined as follows: the serviceKey element is the document template identifier as an uddi:businessService element published in the registry; the bS_ Name element is the data aggregate that describes the document template name list as a copy of the uddi:businessService element; the bS_description element is the data aggregate that is a list of descriptions of the document template as a copy of the uddi:businessService element; -the bS_categoryBag element is the data aggregate that is a set of data structures that make it possible to classify a document template as a copy of an uddi:busi-nessService element using existing business aspects classification systems; -the bS_signature element is the data aggregate that is a list of digital signatures (or other modifications) that certify the authenticity of copies of a document created on the basis of a document template as a copy of an uddi:businessService element.
To solve sub- where serviceKey i is the value of a serviceKey element that uniquely identifies the i-th document; bS_signature i is the electronic digital signature of a person claiming to be the author of the i-th document.
Then the solution to sub-task No. 1 can be represented in the form of the following algorithm.
Step 1. Determine the value of an element bS_ Name m for a document that is being modified.
Step 2. Determine the value of an element serviceKey i provided bS_ Name i =bS_ Name m .
Step 3. Identify the subject of the control system, claiming the right to modify the document.
Step 4. Determine the digital signature bS_ signature i (or other rights to modification) of the subject identified in Step 3.

( )
, _ 1, rmd i i P serviceKey bS signature = recognize the right to modify a document titled bS_ Name m by the subject identified in Step 3.
Otherwise, the right to modify a document titled bS_ Name m by the subject identified in Step 3 is denied.
Complete the algorithm. To solve sub-task No. 2, it is proposed to modify the descriptions of the aggregate bS_ Name of model (2), as well as aggregates (3) and (6). To this end, we introduce two additional attributes τ b and τ b , whose values set the date and time of the start and end of using concept K j to describe the service. Then the description of the aggregate bS_description(K j ) takes the following form: The use of expression (6) to describe documents on paper not implemented in IS is based on the above features of representation of such documents. Then, taking into consideration modification (8) of the aggregate bS_description(K j ), expression (6) to describe such EMS IR as a document on paper d i , takes the following form: The modified model (6) would take, in a general case, the following form: We shall introduce similar attributes into model (2) to describe the service life of a document in general. Then the bS_ Name aggregate of model (2) takes the form: bS Name Name (11) where Name is the name of a service or document on paper; τ s b is the time the service or paper document titled Name starts being operated; τ s e is the end of the service or a paper document titled Name.
Applying the standard declarative and reference limitations to the integrity of any DBMS makes it possible to solve sub-task No. 2 to describe the composition, content, and organization of EMS IR interactions. This statement is based on the representation of any concept as an element of the structure of a paper document in the form of a variable in the relation { } , .
xt xt ip ip n T Thus, the EMS IR integrity model would be a set of the following predicates: a) predicate (7), whose value is determined for paper and electronic documents within EMS; b) a set of standard predicates that declaratively define the integrity model for descriptions (2), (10), and (11) of paper and electronic EMS documents.

2. Checking the possibility to ensure information resource integrity within an enterprise's management system
To verify our results, we shall consider the task of ensuring the integrity of the IR within the management system at the Kharkiv National University of Radio Electronics (NURE). As an example of the paper document, we shall consider the regulatory document "Standards of time for planning and accounting of educational, methodological, scientific, organizational, and pedagogical work for the scientific and educational employees (SEEs) at NURE". A given document contains a list of different rules and their values that are applied when tackling the task of planning the individual activities by SEEs at NURE. The responsibility for ensuring the integrity of this document lies with the NURE academic department. Decisions to change a given document are approved by the Rector of NURE.
The description of the document under consideration as of 01.03.2021 is given in Tables 1, 2. Tables 1, 2 are fragments of universal relationships that describe the implementation of models (2) and (10)  h of model (2) were omitted, whose implementation is determined using the serviceKey element as a key. Similarly, Table 2 omitted the service attributes used as keys to link the descriptions of concepts and their attributes. In 2020, the policy of the Ministry of Education and Science of Ukraine on the financing of higher education institutions was changed, which became an external factor. An internal factor was the change in the composition of the document "SEE Individual Plan". In particular, information about the employee's pedagogical plans for the upcoming academic year was excluded from the document. In addition, an additional internal factor was the change in the organizational structure of NURE. These factors predetermined the need to modify the composition and content of the document in question. Accordingly, the task of ensuring the integrity of a given document as an IR of the NURE management system has arisen.
A task force led by Vitaly Nikolayevich Tkachev, Assistant Rector for IT, was set up to develop a new version of the document. As a result of the implementation of this management decision, the bS_signature aggregate in Table 1 acquired additional values ( Table 3).
The introduced changes, based on models (2) and (11), to the content of the document in question have allowed us to successfully resolve sub-task No. 1 when modifying a given document. V. N. Tkachev began to be perceived by the registry as a subject entitled to modify the document with serviceKey=103. Consequently, predicate (7) for entries describing the draft of the new composition of a given document and being put into the registry on behalf of V. N. Tkachev accepts true values.
During the modification, the document changed its title, composition, and content. As a result of this change, the metadata about this document in the registry took the form shown in Table 4. Table 3 The result of value modification for the bS_signature aggregate The following descriptions of the composition of a given document have been changed: a) we determined the values of attribute "03.06.2021", t ipe τ = for the following concepts: -"Standards of the number of students for lecture activities, academic group, training group for the planning and accounting of educational work"; -"Standards of time for the planning and accounting of the training and methodological work by SEEs"; -"Standards of time for the planning and accounting of the organizational and pedagogical work by SEEs"; -"Standards of time for the planning and accounting of the methodological and organizational work by lecturers at the Department of Foreign Languages"; -"A list of additional types of methodological, organizational, and pedagogical work by lecturers at the Departments of the Faculty of Education of Foreign Citizens at NURE and the norms of time to implement them"; b) for the concepts of "Standards of time for the planning and accounting of the training work by SEEs," "Time standards for the planning and accounting of the methodological, scientific, and organizational work by SEEs responsible for the social and psychological service Table 2 The original description of the composition of the document in the registry  at NURE", and "Time standards for the planning and accounting of the methodological, scientific, and organizational work by SEEs at Gender Education Centre", the value for attribute τ t ipe was left empty; c) the following new concepts have been introduced: -"Standards for the number of applicants for higher education in the academic group, the study group, lecture activities for the planning and accounting of educational work"; -"Standards of time for the planning and accounting of the methodological work by SEEs"; -"Standards of time for the planning and accounting of the organizational work by SEEs"; -"A list of additional types of methodological work by SEEs at the Department of Foreign Languages and the norms of time for planning and accounting"; -"Standards of time for the planning and accounting of the organizational work by SEEs at Department of Physical Education and Sport"; d) for the new concepts introduced, the "03.06.2021", t ipe τ = attribute values were determined; the τ t ipe attribute value was left empty.
As a result of these changes, registry records reflecting the current composition of the document in question have taken the form shown in Table 5. Table 5 The current description of the composition of the document in the registry   The changes made make it possible to successfully solve sub-task No. 2 and ensure that the composition of the document in question as an IR within the NURE management system is maintained. Other functions of sub-task No. 2 are addressed, in this case, by standard DBMS techniques, which implement the proposed integrity models. These functions include ensuring that the content is preserved and versions of the document interact with each other and with other IS resources.

Discussion of results of building a model of the information resource integrity within an enterprise's management system
The solutions developed to ensure the integrity of EMS IR are based on the assumption that modern enterprises should be automated. According to this assumption, EMS should be based on automated IS. Only then is it possible to combine descriptions of different IRs based on UR. To this end, during our study, we worked hard to modify the existing model of IS service registry based on the UDDI v. 3.0.2 standard. The results of this modification are represented in the form of models (8) to (11). A feature of these results, which distinguishes UR from existing IS service registries, is the possibility to store both descriptions of IS services and descriptions of paper documents within EMS. The implementation of such a registry is supposed to be in the form of a special database, which stores descriptions of documents on paper, as well as functional IS services that interact with the IS database.
The resulting models have allowed us to represent a solution to the task of ensuring the integrity of EMS IR as a set of standard predicates-limitations of integrity, to which predicate (7) is added. A given predicate protects IR from change by an unauthorized subject.
The proposed solution to the IR integrity problem is limited to the condition of separate solution of sub-tasks No. 1 and No. 2. This means that mechanisms to protect IR from misrepresentation by unauthorized actors in the management system must be separated from the mechanisms for managing the integrity of these resources. This limitation is in line with the existing approaches and the technique to solve the above sub-tasks at present. However, any improvement in the methods and techniques to ensure the integrity of IR could transform this limitation into a drawback of the proposed integrity model.
Constructing and operating UR would require additional work and time to fill in the registry with descriptions of documents and services. However, these costs would be offset by a reduction in the cost of dealing with such tasks during IS operation as defining requirements for new IS services based on paper documents; the optimization of the composition and content of documents and services within EMS; the optimization of document turnover within EMS.
Another drawback of the resulting IR integrity model is its focus on an enterprise's employees as authors of EMS documents. That raises problems in integrating service metadata that describe IS database users, as well as an enterprise's personnel data. Modern approaches to these challenges are a possible topic of further research into the integrity of IR.

1.
We have built an EMS IR UR model by modifying the IS registry model set by the UDDI v. 3.0.2 standard. The resulting modification model makes it possible to solve the sub-tasks of ensuring the integrity of IR, regardless of their implementation in the IS of a given enterprise. These subtasks are solved, in this case, by standard, proven methods, which greatly improves the reliability of such a solution. The IR UR model essentially implies supplementing, with a special predicate, a standard set of predicates that declaratively determine the model of integrity on the improved models of IR UR elements.
2. The developed IR integrity model has been tested. The verification was carried out when solving the task of ensuring the integrity of the regulatory document "Standards of time for the planning and accounting of the educational, methodological, scientific, organizational work by SEEs at NURE". This document has undergone changes due to the simultaneous influence of external and internal factors. The results of our testing suggest that the sub-task to ensure the integrity of EMS IR can be solved by the standard DBMS methods, within which the IR UR is to be implemented. Continuation of Table 5