About results of designing hierarchical representation of mrosl DP-model | Applied Discrete Mathematics. Supplement. 2016. № 9.

About results of designing hierarchical representation of mrosl DP-model

This article describes new approach to the hierarchical representation of mandatory entity-role DP-model of secure access and information flows control in OS of Linux set (MROSL DP-model). Existing "monolithic" description of MROSL DP-model is the basis of the access control mechanism in secure OS Astra Linux Special Edition. However, "monolithic" description of MROSL DP-model has considerable size and complexity. It is inconvenient for scientific analysis, verification and further development, as well as for its direct application in OS Astra Linux Special Edition. For this reason, a hierarchical representation of MROSL DP-model is completely revised, and we can describe it through its levels. Thus, each lower level of MROSL DP-model is an abstract system, whose elements are independent of the new elements belonging to a higher level of MROSL DP-model. When it is necessary, a higher level inherits, corrects or complements the lower level elements. There are four levels in this hierarchical representation of MROSL DP-model. First level corresponds to role-based access control (RBAC), second level - RBAC and mandatory integrity control (MIC), third level - RBAC, MIC and mandatory access control (MAC) with information flows by memory, and fourth level - RBAC, MIC and MAC with information flows by memory and by time. New levels of lateral "branches" may be added to MROSL DP-model in the future. Some alternative levels can be: alternative third level - RBAC, MIC and a model of hypervisor, or alternative fourth level - RBAC, MIC, MAC with information flows by memory and a model of RBAC in a network.

Download file

Counter downloads: 405

Keywords

компьютерная безопасность, формальная модель, иерархическое представление, Linux, computer security, formal model, hierarchical description, Linux

Authors

Name	Organization	E-mail
Devyanin P. N.	UMC FUMO IS IN	peter_devyanin@hotmail.com

Всего: 1

References

Девянин П. Н. Модели безопасности компьютерных систем. Управление доступом и информационными потоками: учеб. пособие для вузов. 2-е изд., испр. и доп. М.: Горячая линия - Телеком, 2013. 338 с.

Девянин П. Н. Необходимые условия нарушения безопасности информационных потоков по времени в рамках МРОСЛ ДП-модели // Прикладная дискретная математика. Приложение. 2015. №8. С. 81-83.

Девянин П. Н., Куликов Г. В., Хорошилов А. В. Комплексное научно-обоснованное решение по разработке отечественной защищенной ОССН Astra Linux Special Edition // Методы и технические средства обеспечения безопасности информации: Материалы 23-й науч.-технич. конф. 30 июня-03 июля 2014г. СПб.: Изд-во Политехи. ун-та, 2014. С.29-33.

Операционные системы Astra Linux. http://www. astra-linux.ru/

Astra Linux. https://ru.wikipedia.org/wiki/AstraX_Linux

Девянин П. Н., Кулямин В. В., Петренко А. К. и др. О представлении МРОСЛ ДП-модели в формализованной нотации Event-B // Проблемы информационной безопасности. Компьютерные системы. 2014. №3. С. 7-15.

Devyanin P., Khoroshilov A, Kuliamin V., et al. Formal verification of OS security model with Alloy and Event-B // LNCS. 2014. V.8477. P. 309-313.