|
Mathematical Foundations of Computer Security
About modeling of MIC and MAC in PostgreSQL within framework of the MROSL DP-model
P. N. Devyanin Academy of Cryptography of Russian Federation
Abstract:
It is an urgent task to use complex software programs in the OS Astra Linux. Especially when these software programs implement their own access control. Firstly, an appropriate technical implementation is required for interfacing access control in software with OS Astra Linux mandatory integrity control (MIC) and mandatory access control (MAC). Secondly, it is important to ensure confidence in the security of such combination of access control of software programs and the OS Astra Linux. This is also necessary to ensure the safety of informational flows by memory or by time. The important example of such regular of the OS Astra Linux software program is PostgreSQL with initially implemented role-based access control (RBAC). Recently, certification of the OS Astra Linux was held on demand of the protection profile of general-purpose OS of the first (highest) protection class. The mandatory entity-role DP-model (MROSL DP-model) was developed and was verified in the course of the certification. This model is the scientific basis for the development of OS Astra Linux access control. This says about the feasibility of preparing to meet similar requirements with respect to PostgreSQL. In this regard, the results of the completion of the formation MIC, MAC and RBAC for PostgreSQL within framework of hierarchical representation of the MROSL DP-model are considered in the article. It is said about introducing changes in the levels for the OS Astra Linux and also about additions to sufficient conditions of security of access control.
Keywords:
computer security, formal model, access control, PostgreSQL.
Citation:
P. N. Devyanin, “About modeling of MIC and MAC in PostgreSQL within framework of the MROSL DP-model”, Prikl. Diskr. Mat. Suppl., 2019, no. 12, 161–165
Linking options:
https://www.mathnet.ru/eng/pdma460 https://www.mathnet.ru/eng/pdma/y2019/i12/p161
|
|