P.N. Devyanin - Dr. Sc. (Eng.), Associate Professor, ULV IB

MAC and RBAC security DP-model (with realization roles as entities) of operating systems (OS) of Linux sets (MROSL DP-model) design for argumentation of security access control of Russian secure OS Astra Linux Special Edition. This article represents results of adaptation MROSL DP-model to conditions of functioning this secure OS and sequence to realization of its mechanism access control in concordance rules of model. Basic attention of this article focuses on most important examples of such relative «approximation» theory and practice of production secure OS. Including, realization roles and administrative roles as analogues entities or containers, separation all elements of model on de-jure elements (demanding realizations in OS) and de-facto elements (security OS used only for theoretical research, for example, for description conditions of creation of illegal information flows), inclusion in model typical elements of OS of Linux sets, realization special MAC and MIC attributes of containers such as Container Clearance Required (CCR), tasks for each accounting record user of individual roles and individual administrative roles are discussed. All elements of MROSL DP-model are considered with two points of view. At first, they analyze with point of view of their program realization in OS Astra Linux Special Edition. At secondly, they considered, taking into account prospects of further mathematical substantiation within the limits of model of properties modeled by OS (for example, formulations of algorithmically checked security conditions with use for this purpose only monotonous rules of transformation systems states). Experience of practical working out and realization of MROSL DP-model may be useful at creation of other secure OS with high level of trust to their security.