Abstract

The access control mechanism is the basis for ensuring the security of system software (OS or DBMS). In accordance with the requirements of regulatory documents of domestic regulators for certified information security tools, as a scientific basis for the implementation of such a mechanism, a formal access control model that meets the GOST R 59453.1-2021 criteria should be developed. Such a formal model for the Astra Linux operating system certified for the highest protection classes and assurance levels is the mandatory entity-role model of access and information flows security control in OS of Linux family (MROSL DP-model). Taking into account the introduction of new elements into the access control mechanism of the Astra Linux and in order to ensure a more accurate correspondence of the model description to this mechanism, the development of scientifically based technologies and practices for the development and verification of formal models, the MROSL DP-model is regularly revised. Another such revision of the model now has been completed for two levels of its hierarchical representation, corresponding to role-based access control (representing discretionary access control, traditional for the OS of Linux family) and mandatory integrity control, reflecting the most significant changes in the Astra Linux release 2023. The article analyzes the main results of this revision, within which: functions that define new entity labels are introduced, the composition and descriptions of the de-jure rules for transforming system states, administrative and negative roles are changed, the wording is corrected and several statements are re-proved, and other changes are made in the model description.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.