Proceedings of ISP RAS

On the problem of representation of the formal model of security policy for operating systems

P.N. Devyanin (FEMA HE IS, Moscow, Russia)


In connection with the process of implementation by the Federal Service for Technical and Export Control of Russia "Information Security Requirements for Operating Systems", the work analyzes the ways of fulfilling the requirements of the functional component ADV_SPM.1 "Formal Security Policy Model", including defining the language, depth and detail of the presentation of the access control policy and information flows. Among other things, proposals are given on the composition of the main elements of the model, the use of tools for its verification. The practical possibility of applying the proposed approaches is considered by the example of the presentation of the description and verification of the mandatory entity-role security model for logical access control and information flows as the basis of the access control mechanism in the special-purpose operating system Astra Linux Special Edition.


information security, security policies, formal models


Proceedings of the Institute for System Programming, vol. 29, issue 3, 2017, pp. 7-16.

ISSN 2220-6426 (Online), ISSN 2079-8156 (Print).

DOI: 10.15514/ISPRAS-2017-29(3)-1

Full text of the paper in pdf (in Russian) Back to the contents of the volume