APPLIED ASPECTS OF COMPUTER SCIENCE
G. P. Akimova, A. Yu. Danilenko, E. V. Pashkina, M. A. Pashkin, A. A. Podrabinovich, I. V. Tumanova Mandatory Control in Automated Information Systems
IMAGE PROCESSING METHODS
CONTROL SYSTEMS
CONTROL AND DECISION-MAKING
G. P. Akimova, A. Yu. Danilenko, E. V. Pashkina, M. A. Pashkin, A. A. Podrabinovich, I. V. Tumanova Mandatory Control in Automated Information Systems
Abstract. 

The article discusses access control and integrity control using mandatory algorithms. Currently, these approaches to ensuring information security are not widely used in the development of automated information systems due to restrictions on their implementation. The authors proposed a change in these restrictions, replacing them with a number of rules that allow more accurately take into account the business logic of operating organizations. This approach allows to significantly expand the application of mandatory control in all types of information systems.

Keywords: 

information security, automated information systems, mandatory access control, mandatory integrity control.

DOI 10.14357/20718632200301

PP. 3-12.
 
References

1. Bell D.E., La Padula L.J. Secure Computer Systems: Unified Exposition and Multics Interpretation. - Bedford, Mass.: MITER Corp., 1976. - MTR-2997 Rev. 1.
2. Biba, K. J. Integrity Considerations for Secure Computer Systems, MTR-3153, The Miter Corporation, June 1975.
3. Sredstva vychislitel'noy tekhniki. Zashchita ot nesanktsionirovannogo dostupa k informatsii. Pokazateli zashchishchennosti ot nesanktsionirovannogo dostupa k informatsii. Rukovodyashchiy dokument FSTEK. [Computer facilities. Protection against unauthorized access to information. Indicators of security against unauthorized access to information. FSTEC guidance document]. http://www.fstec.ru/_docs/doc_3_3_003.doc.
4. Ob utverzhdenii trebovaniy o zashchite informatsii, ne sostavlyayushchey gosudarstvennuyu taynu, soderzhash-cheysya v gosudarstvennykh informatsionnykh sistemakh. [On approval of requirements for the protection of infor-mation not constituting state secrets contained in state information systems. Order of the FSTEC of Russia].
5. Ob utverzhdenii sostava i soderzhaniya organizatsionnykh i tekhnicheskikh mer po obespecheniyu bezopasnosti personal'nykh dannykh pri ikh obrabotke v informatsionnykh sistemakh personal'nykh dannykh. [On approval of the composition and content of organizational and technical measures to ensure the security of personal data during their processing in personal data information systems. Order of the FSTEC of Russia].
6. Mandatnaya model' upravleniya dostupom (MAC): obzor i primeneniye v prikladnykh sistemakh. [Mandatary Access Control Model (MAC): overview and application in application systems]. https://habr.com/en/company/avanpost/blog/482060/, available 05.02.2020.
7. Akimova G.P., Danilenko A.Yu., Pashkina E.V., Pashkin M.A., Podrabinovich A.A., Soloviev A.V., Tumanova I.V. 2019. Podkhod k avtomatizatsii delovykh protsessov nauchnoy organizatsii. Chast' 2. Obespecheniye informatsionnoy bezopasnosti. [An approach to the automation of business processes of a scientific organization. Part 2. Ensuring information security]. Sistemy vysokoy dostupnosti. [High Availability Systems]. 2: 20-31. DOI 10.18127 / j20729472-201902-02.
8. Danilenko A.Yu. 2020. Bezopasnost' sistem elektronnogo dokumentooborota: Tekhnologiya zashchity elektronnykh dokumentov. Izd. 2-ye, dopolnennoye. [Security of electronic document management systems: Technology for the protection of electronic documents. Ed. 2nd, supplemented]. Moscow: LENAND. 240 p.
9. Operatsionnaya sistema QP OS. [The operating system QP OS]. https://cryptosoft.ru/qpos.html.
10. Sistema upravleniya bazami dannykh QP DB. [Database Management System QP DB]. https://cryptosoft.ru/PO1.html.
11. Operatsionnaya sistema spetsial'nogo naznacheniya «Astra Linux Special Edition». Rukovodstvo po KSZ. Chast' 1. [The special-purpose operating system "Astra Linux Special Edition". KSZ Guide. Part 1]. Moscow: RUSB. 10015-01 97 01-1. 2018.
12. SELinux Documentation. https://www.nsa.gov/what-we-do/research/selinux/documentation/
13. Steve Riley on Security. Mandatory integrity control in Windows Vista. https://docs.microsoft.com/en-us/archive/blogs/steriley/mandatory-integrity-control-in-windows-vista.
14. Matthew Conover. Analysis of the Windows Vista Security Model. https://pdfs.semanticscholar.org/08b8/e93db85403bec019ff091048c4342a72d301.pdf.
 
2020 / 03
2020 / 02
2020 / 01
2019 / 04

© ФИЦ ИУ РАН 2008-2018. Создание сайта "РосИнтернет технологии".