R.A. Dorokhin¹, O.A. Bezrodnykh², S.N. Smirnov³, V.A. Maystrenko4

1,3 Bauman Moscow State Technical University (Moscow, Russia)

2,4 Omsk State Technical University (Omsk, Russia)

The paper considers the task of studying the features of the protection system of the operating system Astra linux 1.6 SE (Further OS

Astra 1.6 SE). The basic principles of access control, functional features of protection modules, settings of some configuration files of the operating system, as well as types and features of classification marks are revealed. The result of this work is the proposal for the implementation of the possibility of configuring the basic access control mechanisms without using a graphical shell, the study of the principle of operation of these mechanisms, as well as the use of the features of kernel modules, configuration files for the design of a security system for computer facilities by information protection units. This operating system has a specific feature of the structure of the security system, since it includes mechanisms for mandatory access control, allowing access to be denied or allowed depending on the user's authority. The exchange and processing of information occurs with the use of classification labels, which make it possible to delimit information flows of different mandated contexts. These labels are written in accordance with GOST R 58256-2018 “Information security. Information flow control in the information system. Format of classification marks”. The paper analyzes traffic in different mandated sessions, and also considers the behavior of information flows regarding interaction in a network of computers with the installed OS Astra linux 1.6 SE and the security system configured on it. In this case, the exchange of data will occur both with users in the same sessions and in different ones that differ between computers.

Dorokhin R.A., Bezrodnykh O.A., Smirnov S.N., Maystrenko V.A. Analysis of the features of the protection system of the domestic specialpurpose operating system. Dynamics of complex systems. 2021. T. 15. № 1. Р. 38−47. DOI: https://doi.org/10.18127/j19997493-202101-04 (In Russian)

1. OPERACIONNAYA SISTEMA SPECIAL'NOGO NAZNACHENIYA «ASTRA LINUX SPECIAL EDITION» Rukovodstvo administratora. Ch. 1. RUSB.10015-01 95 01-1. 2018. 319 s.
2. OPERACIONNAYA SISTEMA SPECIAL'NOGO NAZNACHENIYA «ASTRA LINUX SPECIAL EDITION» Rukovodstvo po KSZ. Ch. 1. RUSB.10015-01 97 01-1. 2018. 172 s.
3. Osnovy i nastrojka PAM [Elektronnyj resurs] // IBM Developer. -URL: http://www.ibm.com/developerworks/ru/library/lpam/index.html (24.11.2020).
4. Yadernaya zashchita v Astra Linux SE 1.6 i kak ee vklyuchit'. Yadro Hardened.
5. [Elektronnyj resurs] // habr.com. -URL: https://habr.com/ru/sandbox/141410/ 6.      Metka bezopasnosti: struktura i sostav [Elektronnyj resurs] // Astra.wiki. URL: https://wiki.astralinux.ru/plugins/servlet/mobile?contentld=27361820#content/view/48763550 (24.11.2020)