Implementation of a non-degenerate lattice of integrity levels within the hierarchical representation of MROSL DP-model

This article presents a new level of the hierarchical representation of the mandatory entity-role DP-model of access and information flows control in an OS of Linux set (MROSL DP-model). This model is a scientific base for the development and implementation of the secure access control in OS Astra Linux Special Edition. Four levels were earlier defined within the hierarchical representation of MROSL DP-model. Each lower level is an abstract system with elements which are independent of the new elements belonging to a higher level of the model. When is needed, a higher level inherits, corrects or complements lower level elements. The first level corresponds to the role-based access control (RBAC), the second level – RBAC and mandatory integrity control (MIC), the third level – RBAC, MIC and mandatory access control (MAC) with the information flows by memory, and the fourth level – RBAC, MIC and MAC with the information flows by memory and by time. The fifth level is the new level of the model. It corresponds to RBAC and MIC with the non-degenerate lattice of integrity labels. Only two integrity labels in the lattice are situated at the second level of the model: high label – for the system and privileged users and low label – for non-privileged users. Therefore, the fifth level of the model is essentially an alternative third level including an arbitrary set of integrity labels. The aim of the new level is to produce the modelling MIC by using the technology of the virtualization or as a part of a network domain architecture.