On the problem of representation of the formal model of security policy for operating systems

On the problem of representation of the formal model of security policy for operating systems

In connection with the process of implementation by the Federal Service for Technical and Export Control of Russia "Information Security Requirements for Operating Systems", the work analyzes the ways of fulfilling the requirements of the functional component ADV_SPM.1 "Formal Securit...

Full description

Bibliographic Details
Main Author: P. N. Devyanin
Format: Article
Language:English
Published: Ivannikov Institute for System Programming of the Russian Academy of Sciences 2018-10-01
Series:Труды Института системного программирования РАН
Subjects:
информационная безопасность
политики безопасности
формальные модели
Online Access:https://ispranproceedings.elpub.ru/jour/article/view/274
id doaj-7aecdf5bf6094155b76fbc30a69150dd
record_format Article
spelling doaj-7aecdf5bf6094155b76fbc30a69150dd2020-11-25T01:15:40Zeng Ivannikov Institute for System Programming of the Russian Academy of SciencesТруды Института системного программирования РАН2079-81562220-64262018-10-0129371610.15514/ISPRAS-2017-29(3)-1274On the problem of representation of the formal model of security policy for operating systemsP. N. Devyanin0Федеральное учебно-методическое объединение высших учебных заведений России по образованию в области информационной безопасностиIn connection with the process of implementation by the Federal Service for Technical and Export Control of Russia "Information Security Requirements for Operating Systems", the work analyzes the ways of fulfilling the requirements of the functional component ADV_SPM.1 "Formal Security Policy Model", including defining the language, depth and detail of the presentation of the access control policy and information flows. Among other things, proposals are given on the composition of the main elements of the model, the use of tools for its verification. The practical possibility of applying the proposed approaches is considered by the example of the presentation of the description and verification of the mandatory entity-role security model for logical access control and information flows as the basis of the access control mechanism in the special-purpose operating system Astra Linux Special Edition.https://ispranproceedings.elpub.ru/jour/article/view/274информационная безопасностьполитики безопасностиформальные модели
collection DOAJ
language English
format Article
sources DOAJ
author P. N. Devyanin
spellingShingle P. N. Devyanin
On the problem of representation of the formal model of security policy for operating systems
Труды Института системного программирования РАН
информационная безопасность
политики безопасности
формальные модели
author_facet P. N. Devyanin
author_sort P. N. Devyanin
title On the problem of representation of the formal model of security policy for operating systems
title_short On the problem of representation of the formal model of security policy for operating systems
title_full On the problem of representation of the formal model of security policy for operating systems
title_fullStr On the problem of representation of the formal model of security policy for operating systems
title_full_unstemmed On the problem of representation of the formal model of security policy for operating systems
title_sort on the problem of representation of the formal model of security policy for operating systems
publisher Ivannikov Institute for System Programming of the Russian Academy of Sciences
series Труды Института системного программирования РАН
issn 2079-8156
2220-6426
publishDate 2018-10-01
description In connection with the process of implementation by the Federal Service for Technical and Export Control of Russia "Information Security Requirements for Operating Systems", the work analyzes the ways of fulfilling the requirements of the functional component ADV_SPM.1 "Formal Security Policy Model", including defining the language, depth and detail of the presentation of the access control policy and information flows. Among other things, proposals are given on the composition of the main elements of the model, the use of tools for its verification. The practical possibility of applying the proposed approaches is considered by the example of the presentation of the description and verification of the mandatory entity-role security model for logical access control and information flows as the basis of the access control mechanism in the special-purpose operating system Astra Linux Special Edition.
topic информационная безопасность
политики безопасности
формальные модели
url https://ispranproceedings.elpub.ru/jour/article/view/274
work_keys_str_mv AT pndevyanin ontheproblemofrepresentationoftheformalmodelofsecuritypolicyforoperatingsystems
_version_ 1725151839955976192

Similar Items