Гайдамакин Теор Основы Компьютерной Безопасности 2008 New

Télécharger au format pdf ou txt
Télécharger au format pdf ou txt
Vous êtes sur la page 1sur 212

-

« . . . »

« »

. .

2008
. .

2008 .
I.
............................................................ 6
1.1.
................................................................................... 6
1.1.1.
........................................................... 6
1.1.2. 9
1.1.3. ,
.................................. 12
1.2. . 15
1.2.1. ,
................................................................................ 15
1.2.2. ............................................................... 19
1.3.
.......................................................................................... 22
1.3.1.
................................................................ 22
1.3.2. -

.......................................................... 23
1.3.3.
................................................................................... 28
1.3.4. ............... 35

II.
..................................................................................... 43
2.1.
.......................................................................................... 43
2.1.1. .
............................................. 43
2.1.2. .............................................. 46
2.1.3. ......................................... 50
2.1.3.1. - - (HRU- ) .................. 50
2.1.3.2. ................................ 53
2.1.3.3. TAKE-GRANT............................................................. 56
2.1.3.4. TAKE-GRANT....................................... 67
2.2.
.......................................................................................... 72
2.2.1. .............. 72
2.2.2. - ................................. 77

3
2.2.3. - ......................... 80
2.3.
.......................................................................................... 86
2.3.1. . 86
2.3.2. .................................................................... 90
2.3.3. - ...... 106
2.4.
........................................................................................ 112
2.4.1.
- ............................. 112
2.4.2.
.......................................................................................... 115
2.4.3. - .................. 125
2.5. -
............................................ 133
2.5.1.
................................................................................... 133
2.5.2.
............................................................................. 135
2.5.3.
" " " " ....... 140
2.6.
............................................................................................. 143
2.6.1.
..................................................................... 143
2.6.2. - .................................. 144
2.6.3. ...................................................... 145
2.6.4. -
( ) ....................................................... 148
2.7.
( ) ........................................................... 152
2.7.1. , ....... 152
2.7.2. ................................................. 155
2.8.
............. 159
2.8.1.
.............................................................. 159
2.8.2.
........................................................................................... 162
2.8.3.
................................. 167

4
III.
....................................... 178
3.1. -
............................................................................ 178
3.2. -
............ 181
3.2.1. - -

........................................................................................................ 181
3.2.2. -
..................................................... 186

................................................................. 190
I. HRU ................................................................................. 190
II. TAM ............................................................................. 192
III. TAKE-GRANT ............................................................ 196
IV. TAKE-GRANT ....................................... 199
V. - ....................................................... 201
VI.
............................................................ 203
VII.
..................................................................................... 206
VIII. -
........ 209

.................................................................... 212

5
I.

1.1.

1.1.1.

, -
,
. -
,
-
, -
.
, -
, -
, -
.
, ,
,
, -
, -
, ,

, , -
.
-
70-
-
-
. , - -

.
( ) -
. , . . , . ,
. , . , . , . , . .,
-
. -
, . , .
. ,
.
6
, , ,
, -
– ,
, -
.
,
, -
-
,
" "
. -
-
.
70- -
, -
, -
,
, , -
. . -
,

1977 . . " -
".
-

, , -
" ", 1983 . -
, ,
- - , ( )
- -
,
80- 90- .
. , . , . , . ,
. .
90- -
.
, , . . , -
- -
.
. . . . -
,
-
-
7
. . . -
, -

. . . . . -
, -
-
. , . . -
-
- , -
, -
, -
.

-
. . ,
( )
. . . , . . -

. -

, , -
- .
( . . , . . ,
. . , . . , . . .) -

, ,

8
1.1.2.

-
( ) " -
", -
( , , , ) -
.
" -
" , – -
( ), ( )
( ).
" "
, " ",
- ¸
- ,
, ( ),
- , -
( ). , -
( ) -
( ) ( )
.
( -
), , , -
( , ) .
" " (
1
( , ) ), -
, , ,
, -
( ) " -
" :
- ;
- ;
- .
-
( ) ,
,

, ,
. , -
, , -

1
" , ".
9
( -
, . . ), -
,
( ).
( ) -
, , , . . , . .
, -
.
, . .
, , -
,
( ) , .
, , [ ] ( -
) ,

.
, . ., ,
, -
.
,
( , ) -
. " " -
" ".
-
( , )
.
-
, " ", , -
:
- ;
- .

( , , -
) ( -
).
( ) -
-
( , , ).
,
. ,
( , -
/ ) (
) . -
10
. , -
. . , ,
,
- ,
.
, -
- , -
-
, , ( -
)
( ).
, , , . .
( -
) , . . .
,
-
-
.

, ,
, ( ), -
, [ -
] .

11
1.1.3. ,

(
).
. , -
,
, -
, , -
( ,
), ,

( ).
. , -
, (
)
( ),
.
.
, -
- - , -
, , ,
, - .
.
-
– -
, - , -
, – -
, .
. -
. . ,
, , ( -
).
.
– ( -
), (
), ,
, ( -
( ) ),
( ) .

12
. -
,
, -
, -
, - .
, ,
-
, - , -
, -
, , -
, -
.
- -
-
( . . 1.1).

.1.1.

, -
, -
, ,
,
13
, -
( ), ,
,
-
.
-
,
. . -
- .
-
, -
, -
, -
.
-
, -
– -
, -
, , -
( ) , -
, -
- .
,
, -
( ) , -
, -
, ,
. -

- . , -
-
-
- -
( ) , , -
-
.

14
1.2.

1.2.1. ,

-
-
, -
, , ( )
.
-
, -
, , [ -
] / [ -
] .
-
( ) -
, ,
. , -
, -
( -
, . . ,
;
).
– -
( ),
, -
.
.1.2 -
( ) – -
, , ,
. .
, -
,
. ., -
.

15
.1.2. -
( )

( )
– ( ), .1.2,
( " - ").
( -
, / -
) - , , -
/ - ( . .
), , /
( . . ,
).
- -
-
,
, – :

O = O1 ∪ O2 , O1 ∩ O2 = ∅ .

( ) . / -
16
,
( ), , ,
. ,
( ) .
-
- -
, , ,
. . -
– -
( –" -
", , -
); – -
-
( –" ").
- -
( ) -
, –
. . -
-
, , -
/ , . .,

. , -
, -
( ) .
, -
,
/ .

. -
" " .
, -
-
, -
,
.
51275-
99 " . . , -
",
, [ ] -
. ,
17
, , , , . .1.3. -
/ 3- ( . .
).

.1.3. 51275-99

, ( -
) , -
, -
.
.

( ), -
( ) .
,
,
, ( -
) , ( ), -
( ),
, , . .
.

18
1.2.2.

, -
-
, , -
( ) .

.
.1.4.

.1.4.

.
-
.
-
( ),
-

. , -
19
- -
,
-2 -3
2•10 ... 4•10 . -
, , -
,
2- ( -
) .
,

( ). -

, ,
.
,
( )
- , , -
-
, .
-
.
1. ( -
- , « », -
,
, , . . -
, 10-12).
2. , ( -
,

, ).
3. ).
, , , -
. .
-
( ),
-
, -
( ,
,
).
4. ( -
, . .
" ", -
, -
20
,
" ", . .).
5. , ,
,
.
, , " -
" , -
,
, -
, , -
, .

21
1.3.

1.3.1.

-
. -
, -
, -
. -
( , , -
. .) .

,
, -
:
- -
( ),
;
- ( )
( -
, , );
- -
-
.
-
" ( )- ( )-
( )".
,
, -
, . -
- -
- .
, , -
, -
.

22
1.3.2. -

-
.
-
.
1. .
2. tk -
, -
:
- S;
- O.
1.3.1. -
, -
, , -
.
1.3.2. -
,
.
-
( . . -
) ,

( ) , -
.
, , tk ,
, .
3. -
, -
.
1.3.4. ,
, ,
, -
,
.
, -
. ,

,
, , -

23
( ).
, -
, , -
( -
)
( . . ).
4.
( ).
1.3.5. oi sm
sj ,
oi sm .
, sj , -
sm .

:
Create (sj, oi)→ sm –" oi sm -
sj ".
Create . ,
, ,
tk , -
tk + 1.
Create
, - . , -

-
, -
. – -
-
. -
Create (sj, oi)→ ∅ .
,
, ,
-
( ),
.
1.3.6. oi tk -
sm ,
tk+1 ( . . sm -
, oi ).
1.3.6 , - -
, -
.
,
24
, -
( ) -
( ),
- . -
, -
, -
. ,
- -
-
, . , -
,
, ( ) -
.
-
,
. , -
- .
5.
, .
1.3.7. oi -
oj oj , -
sm oi .
:
Stream(sm , oi)→ oj –" oi(oj) -
oj(oi) sm ( sm)".
-
– , , , . . o i o j, -
, , -
, , -
, (∅) ( ,
). , -
1.3.7
, , ,
, . . , . ., – -
, , , ,
. . .
, ( ),
,
( , ). -
, 1.35 1.3.6
,
:

25
• - ;
• - .
- ( )
( ,
). -
- ,
( , ,
).
, ( -
) ( ), , ,
, -
.
5, , -
1.3.7, ( ) -
. -
.
1.3.8. sm oj -
sm oj -
( ) oi ( . ., , oi -
sm ).
1.3.8
- -
. -
P -

( P
).
,
, P
PN PL :

P = PL ∪ PN,

PL ∩ PN =∅,

PL – , ( )
;
PN – ,
( , -
) .
, -

.
26
1.3.9. -
,
PL .
1.3.9 -
,
, , ,
, (
), ( -
). , 1.3.9 -

, , -

.
, , , ,
,
,
.

27
1.3.3.

,
-
, -
.
1.3.1. -
1
( )
2
.
-
. -
( )
( )
( ) , ,
. , 1.3.1 -
( ) ,
, ,
, , -
- -
.
1.3.2.
( , . .) -
( )- ,
.

" ". -
,
.1.5.
, ( ,
), ( , ),
, ( -
, )
( - , ),
( , , ). -
,
– . . 1.5. .

1
– -
.
2
– -
.
28
( - )
( )

.1.5. .

)
(

.1.5. .

,
, ,
/ ,
( ) – .
. 1.5. . , (
),
, -

. , -
( ) . -
, -

29
, -
( ) .
, -
-
, -
:
1. . ( -
) -
, -
.
2. .
.
1
3. . -
( - )
.
4. .
, -
2
.
, -
,
-
. -
.
1.3.3. , -
(
) ( ), ( )(
).
1.3.3 , , -
, , -
- .
.
1.3.1 ( 1.3.3). -
( ), -
– . . -
( ), ( )
.

1
, -
.
2
, ,
.
30
-
, -
, , -
1
. , -
-
, .
1.3.2 ( 1.3.3). -
,
,
.
,

.
-
.

. ,

-
, . . ( ) -
. .
1.3.3 ( 1.3.3). -
( ), -
-
-
.
, , -
, ,

,
-
.
, -

, -
1
, -
/ ,
.
31
.
( , , ) ( -
) .
1.3.9
, . .
, ,
.

-
( )
. " -
", , " " -
, , .
( ) – -
.
,
1
, – .
,
" ". -
- -
, " -
" ( - ) .
2
, , -
.
, , -
, 1.3.8, 1.3.9 - .
( ) . -
( ) PL -
( ) -
" ( )- ( )- ".

" - ", . .
" ( )-
( )" (" ") -
/ -

1
, " "
, –
( , . .) ( ) -
, -
.
2
, , , ,
, .
32
/ (Read, Write . .). , -
-
– ,
.
( ) .
( ) PL
-
( ), -
( ),
- -
"
- ( )- ".
, , -

. ,
-

.
. ( -
) PL
- –
,
, -
, -
-
"
– ".
,
, -
, , -
-
.
. ( )
1
PL -
– , " "( -
) ,
( ), -

1
, , - .
33
.
-
- , ,
, -
( ).
-
, -
.
, -
-
( ) , ,
, ,
, .

, ,
. -

" ( )- - ".
-
. -
,
( ), -
- .

- .
( -
, , . .) -
,
. -
- ,
, , , -
.

34
1.3.4.
- , ,
-
.
1.3.10.
,
( ) .

. , , -
. ,
, , , ,
, .

( ) ( )
, ,
. . ( . . ) ,
,
.

-
. . . -
( . . ) -
.
. . -

- .
.
, , -
( ) ,
, , -
. ,

- ,
– -
,
, , . -
, -

35
, ,
,
1
( ) .

:
• ;
• .
.
1.3.11. ( ) -
,
, ,
, P L.
1.3.12. ( ) -
, ,
-
- .
1.3.12, ,

. ,
, - , -
( ) -
- ,

. . 1.6.
, -
,
.
, -
( . .
). -
,
, , , .

1
, . . ( -
Create), , ( ) -
- ( ). -
,
( ),
,
.
36
( )

Stream(sm, oi)→ oj

sm oi
-
( - ) oj
sk
ol
C( )
Create(sm , sl)→ sk -

.1.6. (Stream) (Create)

, -
.
1.3.13. oi oj t
(oi[t] ≡ oj[t]), , .
1.3.13
, -
.
( -
) , -
, , , -
,
( . . ).

-
.
1.3.14. si sj t,
.
1.3.13 1.3.14 -
-
, , , .

37
1.3.4 ( 1.3.13 1.3.14). -
,
- .
-
- ,
, -
, . . -
- , -
.
, , -
, , ,
.
.
1.3.15. si sj
( ), -
( )
o ik ojl , , -
s i sj. o ik -
s j, o jl si.
, " " -
1.3.15 ( -
1.3.13) .

.
1.3.16. si sj -
(
), 1.3.15 -
.
-
.
1.3.1 ( 1). -

PL , -
.
. -
, -
- -
( )
38
. , -
, , -
,
( )
. .
1.3.1 -
,
,
( -
, ,
. .).
,
, -
.
1.3.17. -
, ,
-
- ,
.

" " ( ).
-
,

.
1.3.18. -
( ),
( -
) .
.
1.3.5. ( 1.3.18). -
( ) , ,
( ) .
1.3.6. ( 1.3.18). ( -
) , - (
)
( ) , ( -
).
-
.

39
1.3.2. ( 2).

, -
, ,
,
.
. 1.3.18 -

. -
, . -
-
, -
,
PL. .

, ,
-
, ,
( ) ( ).
, , -
,
-
.
, ,
, -
, -
, .
1.3.19. Create(sk, om)→ sl
,
t> t0 ,
Create, sl -
-
t0 , . . om[t] ≡ om[t0].
1.3.19 , -
-
, -
.
1.3.7. ( 1.3.19). 1.3.19
sl[t1] sl[t2] , t 1> t 0 t 2> t 0 .
t1=t2 .

40
, -
.
1.3.3. ( ). ,

, t0
, -
( ), t k > t0
( ).
.
t0
" " -
. , 1.3.19
1.3.7 ,
, -
. ,
. -
.
1.3.3 -
-
. , -
1.3.3 .
, ,
" ". , ,
,
.
( -
) -
( ) -
.
( -
) -
- .
, -
-
, -
. , 1.3.1 1.3.3,
-
( ) ( -
), -
. -
( )
. 1.3.15
41
-
, -
, ,
. , -
- -
-
( ,
, ,
, ),
- .
, -
,

42
II.
2.1.

, -
, . -

,
.
-
,
.
-
, , . .
, , -
, .

2.1.1. .

-
, -
, -
, .

60- .
– -50 ( 60- ), -
( 70- ), -
- ( 70- ), Take-Grant (1976 .). -
-
,
.

-
( , . .).
( ) -
" ( )- -
( )- ".

43
. -
, . -
,
.
,
( ) -
, -
.
, , -

, -
. .
1. ( ):
- U;
- R;
- S;
- A;
- E.
2. :

A×U×E×R×S . (2.1.1)

3. ,
.

q = (u, e, R', s) , (2.1.2)

u ∈ U, e ∈ E, s∈ S, R' ⊆ R (R'- ).
, -
.
,
(2.1).
4. -
.
4.1. U , -
u. A , -
. F(u)
u.

44
4.2. A P =F(e),
e . P =F(e) -
e.
4.3. A P =F(R' ), -
R'. P =F(R' ) -
R'.
, ,
D(q)
D(q) = F(u) ∩ F(e) ∩ F(R' ) .

4.4. , R'
D(q), . . r R'
D(q).
4.5. D(q) , -
( D(q)), -
r R'.

D(q) e.
-
, D(q) - F(u, q). F(u, q) -
u q.
4.6. (EAC), -
q,
F(u, q) r R',
R'' – .
4.7. EAC :
- , R'' R' ;
- .

,
, –
. ,
, , , -
R.
. ? -
.

45
2.1.2.
-
, -
. -
( ), -
, ,

. . 2.1.

o1 o2 … oj … oN
s1 w
s2 r

si r,w

sM e

: w –" ";
r –" ";
e –" ".

. 2.1.

" " -

.
, -
( ) -
– . . 2.1. ,
" -
- ( )- ".
1.3.3 -
,
. -
, ( ) , , -
,
- ,
.
46
– .
-
-
.
-
, , , .

,
, . -
,
– , ( . .
), -
( ) . -
,
, -
. ( )
- -
-
. -
. ." " UNIX- .

, " ",
, "
", .
, , -
,
, , ,
1
.
( , )
2
. , " -
"( ) -
,
-
( ), -
.
, -
,
1
" "- .
2
, , . .
" ", ,
, ,
( . . ),
.
47
.
, . . -
, :
• ;
• .

-
1.3.3 1.3.3
.
, -

, -
, , -
.
, -

( ) . -
, -
-
( – ), -

( – , . . ).
-
" " .
2.1.1. -
, , -
1
, ( -
).
, -

, , -
-
, -
.
-
:
2.1.1. ( )
.

1
, , ( ).
48
, -
- -
.
,
,
,
,

.
.
1
. , -
, , ,
( -
, ,
, , , -
). -
(
, ). -
" ",
.

,
.

, , -
, -
, HRU. -
.

1
, , .
49
2.1.3.

- -
. , , ,

( ), -
.

2.1.3.1. - - (HRU- )
.
1. :
- O (o1, o2, …, oM );
- S (s1, s2, …, sN ) ,
S ⊆ O;
- A,
R
(r1, r2, …, rK ), . . A[s, o] ⊆ R.
ri , A[s, o],
( ) -
.
, HRU -
. 1.3.2 - ,
" "
( . . S ⊆ O), , ,
, ,
.
2.
. -
Op :
- Enter r into A[s,o] – r A[s,o];
- Delete r from A[s,o] – r A[s,o];
- Create subject s – s( . . -
A);
- Create object o – o( . . -
A);
- Destroy subject s – s;
- Destroy object o – o.

Q = (S, O, A) Q'= (S',O',A').

50
. 2.1
.
3. -
:
Command α(x1, x2, …, xk)
if r1 in A[xs1, xo1] and ( )
r2 in A[xs2, xo2] and
.
. (2.1.3)
.
rm in A[xsm, xom]
then
op1, op2, …, opn ( , )

Qi -
αl , -
Qi -1

Qi = αl(Qi -1), (2.1.4)

,
, .
2.1

-
-
HRU

Enter r into A[s,o] s∈ S, S'=S, O'=O, A'[s, o] = A[s, o]∪{r},


o∈ O (s',o')≠( s,o) ⇒ A'[s',o']=A[s,o]
Delete r from A[s,o] s∈ S, S'=S, O'=O, A'[s,o]= A[s,o] \ {r},
o∈ O (s',o')≠(s,o) ⇒ A'[s',o']=A[s,o]
Create subject s' s'∉ S S'=S ∪{s'}, O'=O ∪{s'},
(s,o)∈S×O ⇒ A'[s,o]=A[s,o],
o∈O' ⇒ A'[s',o] = ∅,
s∈S' ⇒ A'[s, s'] = ∅
Create object o' o'∉ O S'= S, O'=O ∪{o'},
(s,o)∈S×O ⇒ A'[s,o]=A[s,o],
s∈S' ⇒ A'[s,o] = ∅
Destroy subject s' s'∈ S S'=S \ {s'}, O'=O \ {s'},
(s,o)∈S'×O' ⇒ A'[s,o]=A[s,o]
Destroy object o' o'∈ O \ S S'=S, O'=O \ {o'},
51
(s,o)∈ S'×O' ⇒ A'[s,o]=A[s,o]

4. -
Q0, -
α. :
2.1.2. ( HRU).
r, -
Q0= (S0,O0,A0) Q0 -
, r
A[s,o],
Q0 .

-
( -
). , (
) , , -
, , ,
Q0. ,
, -

, ( . .
Q0) .
, -
, .
2.1.3. , -
α opi .
HRU , -

.
2.1.1. , ,
-
r.
2.1.1 ,
. ,
, -
-
.
, ,
( Delete Destroy),
, Create, - ( -
). ,
.
52
2.1.2. r
(2.1.3) -
.
, 2.1.2 ,
HRU -
!!!
-
HRU
– , ,
, ,
" " . HRU " -
", -
. ,
-
.
, 70- ,

, , ,
.
, ,
,
" -
"( Type Access Matrix – TAM).

2.1.3.2.
1. :
- O (o1, o2, …, oM );
- S (s1, s2, …, sN ) ,
S ⊆ O;
- A, -
R (r1, r2,
…, rK ), . . A[s,o] ⊆ R;
- ( ) T
(t1, t2,…, tL ), ( -
). ( . . -
). , -
ft : O→T, -
.
2. ,
( -
):

53
- Enter r into A[s,o] – r A[s,o];
- Delete r from A[s,o] – r A[s,o];
- Create subject s of type t– s t;
- Create object o of type t – o t;
- Destroy subject s – s;
- Destroy object o – o.

Q = (S, O, A) Q'= (S', O', A').


. 2.2

.
3. , HRU,

,
:
Command α(x1:t1, x2:t2, …, xk:tk)
if r1 in A[xs1, xo1] and ( )
r2 in A[xs2, xo2] and
.
. (2.1.5)
.
rm in A[xsm, xom]
then
op1, op2, …, opn ( , ).

,
, . .
, -
. , -
,
.
4. -
,
, .
2.2

- -
TAM -

Enter r into A[s,o] s∈ S, S'=S, O'=O, ∀ o∈O ft'(o)= ft(o),


o∈ O A'[s,o]=A[s,o]∪{r},
54
(s',o')≠(s,o) ⇒ A'[s',o']=A[s,o]
Delete r from A[s,o] s∈ S, S'=S, O'=O, ∀ o∈O ft'(o)= t(o),
o∈ O A'[s,o]= A[s,o] \ {r},
(s',o')≠(s,o) ⇒ A'[s',o']=A[s,o]
Create subject s' of s'∉ S S'=S∪{s'}, O'=O∪{s'},
type ts ft '(s')=ts, ∀ o∈O ft'(o)= t(o),
(s,o)∈S×O ⇒ A'[s,o]=A[s,o],
o∈O' ⇒ A'[s',o] =∅,
s∈S' ⇒ A'[s,s'] =∅
Create object o' of o'∉ O S'=S, O'=O∪{o'},
type to ft'(o')=to, ∀ o∈O ft'(o)= t(o)
(s,o) ∈S×O ⇒ A'[s,o]=A[s,o],
s∈S' ⇒ A'[s,o] = ∅
Destroy subject s' s'∈ S S'=S \ {s'}, O'=O \ {s'},
∀ o∈O ft'(o)= t(o), ft'(s')=
(s,o)∈S'×O' ⇒ A'[s,o]=A[s,o]
Destroy object o' o'∈O \ S S'=S, O'=O \ {o'},
∀ o∈O' ft'(o)= t(o), ft'(o')=
(s,o)∈S'×O' ⇒ A'[s,o]=A[s,o]

2.1.4. ti α,
α :
"Create subject s' of type ti" "Create object o' of type ti".
ti .
,
-
" " ( -
). ( ) -
" ". -
T. ti tj
, α, ti
, tj .
, HRU,
( TAM) , Delete
Destroy.
2.1.5. TAM
, .
[29] , - -
( 2.1.2) -
TAM,
. -
55
-
-
. -
, -
,
-
. -
.
, ( ,
" ", " " ; "user", "administra-tor", "auditor"
) TAM -
" "
.

2.1.3.3. TAKE-GRANT
, -
, -
, TAKE-
GRANT, , 1976 .
TAKE-GRANT, -
- , -
.
.
1. Γ (O, S, E), -
( . . 2.2):
- O ;
- S , S ⊆ O,
:
- E (x, y, α) x
y α
α ⊆ R (r1, r2,…, rK ) ∪ {t, g}, -
– take (t –
- ) -
grant (g – -
).

56
o1

α1 α4
s1 • α2 o2 α5
⊗ • s2
α3 α6
α7 o3

.2.2. Γ TAKE-GRANT ( :•– , -


,⊗– , ,
α1 ⊆ R – )
HRU, -
, Γ
, ( ) -
.
2. ( . . ) -
4- .
2.1. " " – take(α, x, y, z) – . . 2.3.

Γ Γ' α
t β t β
• ⊗ ⊗ • ⊗ ⊗
x y z take(α, x, y, z) x y z

. 2.3. Γ " "–


x α⊆ z y ( -
: – Γ Γ' c ; x∈ S; y,
z∈ O)

2.2. " " – grant(α, x, y, z) – . . 2.4.

57
α
Γ Γ'
g β g β
• ⊗ ⊗ grant (α, x, y, z) • y ⊗ ⊗
y x z x z

. 2.4. x y α⊆ z

2.3. " " – create(β, x, y) – . . 2.5.

Γ Γ'
β
• ⊗
x• create(β, x, y) x y

. 2.5. x y 1
⊆ R (y –
, O'=O ∪{y})

2.4. " " – remove(α, x, y) – . . 2.6.

Γ Γ'
β β \α
• ⊗ ⊗
x y remove(α, x, y) •x y

. 2.6. x α⊆ y

1
. . t, g, {t, g}.
58
. 2.3
.
3.
- -
( Γ0 (O0, S0, E0) )

, -
. 2.3. -
-
,
-
.
:
- (
);
- ( ,
).
2.3
-
TAKE-
GRANT
take(α, x, y, z) x ∈ S, (x, y, t)∈ E, S'=S, O'=O,
(y, z, β )1∈ E E= E' ∪{(x, z, α)}
x≠ z, α ⊆
grant(α,x,y, z) x ∈ S, (x, y, g)∈E, S'=S, O'=O,
(y, z, β )∈ E E= E' ∪{(y, z, α)}
x≠ z, α ⊆
create(β, x, y) x ∈ S, y∉ O O'=O ∪{y},
S'=S ∪{y}, y–
E= E' ∪{(y, z, β )}
remove(α,x,y) x ∈ S, y∈ O, S'=S, O'=O,
(x, y, )∈ E, α ⊆ E= E' \ {(x,y,α)}∪{(x, y, β )}

3.1.
2
.
2.1.6. Γ0 (O0, S0, E0)
α⊆R " (α, x, y, Γ0)" -
, -

1
(x, y, α ) – x y α.
2
. . 3.1, 3.2 [18] .
59
Γ1 (O1, S1, E1), Γ2 (O2, S2, E2), …, ΓN (ON, SN, EN), ,
:
Γ0(O0,S0,E0) 1 1(O1,S1,E1) 2
… N
ΓN(ON,SN,EN) (x, y,α)∈ EN
c1, c2, …, cN – 2.1, 2.2, 2.3 2.4.
, x y α ⊆ R, -
(x, y, α) ∉ E0,
,
(Γ0, Γ1,…, ΓN) 2.1, 2.2, 2.3
2.4.
2.1.7. tg- ( -
tg- ), ,
t g( -
).
tg- , tg- -
.
.
2.1.3. Γ0 (S0,O0, E0), -
- , " (α, x, y, Γ0)" -
, :
2.1.3.1. s1,…,sm , (si, y, γi)∈E0
i=1, …, m α =γ1 ∪…∪γm.
2.1.3.2. Γ0 tg-
si i=1, …, m.
. m=1,

m>1.
m=1 2.1.3.1 2.1.3.2 -
:
2.1.3.1. s , (s,
y, α) ∈ E0.
2.1.3.2. x s tg- Γ0.
. " -
(α, x, y, Γ0)". 2.6
Γ1 (O1, S1, E1), Γ2 (O2, S2, E2),…, ΓN (ON, SN, EN) , :
Γ0 1 1 2
… Γ
N N
(x, y, α) ∈ EN, N ,
. . (x, y, α) ∉ EN -1. 2.1.3.1 2.1.3.2 -
N.
N=0 (x, y, α) ∈ E0. , 2.1.3.1,
2.1.3.2 .

60
N>0, ∀ k < N.
(x, y, α) ∉E 0 (x, y, α) ΓN
ΓN -1 N. ,
" " " ". N " "( " -
"), ∃ s′∈ SN -1: (x, s′, t) ∈ EN -1 (
(s′, x, g) ∈ EN -1), (s′, y, α) ∈ EN -1 N = take(α, x, s′, y) ( N = grant
(α, s′, x, y)).
: s′∈ S0 s′∉ S0.
s′∈ S0. " (α, s′, y, Γ0)",
N. , -
∃ s∈ S0: (s, y, α) ∈ E0 s′ s tg-
Γ0. , " (t, x, s′, Γ0)" (
" (g, s′, x, Γ0)"),
N. ,
∃ s′′∈S0: (s′′, s′, t)∈E0 s′′ x tg- Γ0(
(s′′, x, g) ∈ E0 s′′ s′ tg- Γ0). ,
∃ s∈ S0: (s, y, α) ∈ E0 x, s tg– Γ0. -
2.1.3.1 2.1.3.2 s′∈ S0 .
s′∉ S0. N ,
, -
. ,
:
1) - -
{t, g};
2) Γ0
;
3) ;
4) " "
.
, ∃ < N –1,
∃ s′′∈ S0: c = create({g, t}, s′′, s′), cN = take(α, x, s′, y)
" (α, s′′, y, Γ0)". ,
" (t, x, s', ΓM)" , s'' – -
Γ M, s', s''
x tg- Γ0. "
(α, s′′, y, Γ0)" , s s'' -
tg– Γ0. , ∃ s∈S0: (s, y, α) ∈ E0 x, s -
tg– Γ0. 2.1.3.1 2.1.3.2 -
s′∉ S0 . .

61
. 2.1.3.1 2.1.3.2 -
tg– , -
x s.
N = 0. , x = s, (x, y, α) ∈E0 "
(α, x, y, Γ0)" .
N = 1, . . ∃ s∈S0: (s, y, α) ∈E0 x, s -
tg- . x
s, -
, ( . . 2.7).

Γ0 Γ1 α


t

α • •
t

α •
x s y take(α,x,s,y) x s y
a)
Γ0 Γ1 α
g α g α
• • • • • •
x s y grant(α,s,x,y) x s y
)
Γ0 Γ1 •z Γ2 •gz
t,g g t,g α
t α t α t α
• • • • • • • • •
x s y create({t,g},x,z), x s y grant (α,s,z,y), x s α y
take(g,s,x,z) take(α,x,z,y)
)
Γ0 Γ1 •z Γ2 •z
t,g g t,g g α
g α g α g α
• • • • • • • • •
x s y create({t,g},x,z), x s y grant (α,s,z,y), x s
α y
grant(g,x,s,z) take(α,x,z,y)
)

. 2.7. tg- x s, -
Γ0 (x, y, α) ∈ EN
, N =1 " (α, x, y, Γ0)" -
.
N >1. z, tg–
x s, s Γ0.
N =1 -

62
Γ0 1 1 2
… K
ΓK : (z, y, α) ∈ EK tg– z x -
N –1, .
.
2.1.3, -
-
– - - - ,
,
( ) , ,
.

, ,
. " " -
.
2.1.8. Γ -
tg- ,
.
, , , -
, -
2.3.
2.1.9. Γ tg– ,
r * s-* r * gr s * r;* gs s * *
tg- t ,t ,t t ,t t , -
( ) .
2.1.10. Γ -
tg- , r * gr - ;
tg- t .
2.1.11. Γ -
tg- , r - ;
tg- t *.
.
2.1.4. Γ0 (S0, O0, E0)
" (α, x, y, Γ0)" ,
2.1.4.1, 2.1.4.2 2.1.4.3:
2.1.4.1. s1,…,sm , (si, y, γi)∈E0
i=1, …, m α=γ1 ∪…∪γm.
2.1.4.2. - x1',…, xm'
s1',…, sm' , :
- = i' i' i=1, …, m;
- si = si ' si' si i=1, … ,
m.
63
2.1.4.3. (xi', si' ), i=1,…,m, -
Ii1,…, Iiui, ui≥ 1, , xi'∈ Ii1, si'∈Iiui , -
Iij, Iij+ 1.
. m=1,

m>1.
– . . 2.8.
m=1 2.1.4.1, 2.1.4.2 2.1.4.3 -
:
2.1.4.1. ∃ s∈O0 : (s, y, α) ∈E0.
2.1.4.2. ∃ x', s'∈ S0 :
- = ' ' ;
- s = s' s' s .
2.1.4.3. I1,…, Iu , x'∈ I1,
s'∈ Iu, Ij Ij+ 1 j=1,…, u -1.
. " -
(α, x, y, Γ0)". -
Γ1 (O1, S1, E1), Γ2 (O2, S2, E2),…,
ΓN (ON, SN, EN), , : Γ0 1 1 2… N ΓN (x, y, α) ∈ EN,
N , . . (x, y, α) ∉ EN -1. -
2.1.4.1, 2.1.4.2, 2.1.4.3 N.

g t t t t α
⊗ ⊗ ⊗ ⊗ • ⊗ ⊗ ⊗
x x' s y
I1 t

t
• s' •
t

g t ⊗
t t t
I2 • ⊗ ⊗ ⊗ ⊗
I3
g •
t t t ⊗
• ⊗ ⊗

. 2.8. x α
y

64
N=0 (x, y, α)∈E0. , 2.1.4.1,
2.1.4.2, 2.1.4.3 .
N>0 ∀ k < N.
(x, y, α)∉E0 (x, y, α) ΓN
ΓN -1 cN .
x ∈ S0 x ∉ S0.
x∉S0, ∃ x1∈SN -1 : cN =grant(α, x1, x, y). -
N , 2.1.3,
, x1∈S0. :
1. " (g, x1, x, Γ0)" -
, N. -
2.1.4.1, 2.1.4.2, 2.1.4.3:
- ∃ x2 ∈ O0 : (x2, x, g) ∈ E0 ;
- ∃ x' ∈ S0, x2 ;
- I1,…, Iv, v≥1 , x1∈Iv , x'∈I1 ,
Ij Ij+ 1;
2. " (α, x1, y, Γ0)" -
, N.
2.1.4.1, 2.1.4.2, 2.1.4.3:
- s∈ O0 : (s, y, α) ∈ E0 ;
- ∃ s' ∈ S0 : s=s' s' s ;
- I1,…, Iu, (v-u) ≥ 1, , x1∈Iv, s' ∈ I1
Ij Ij+ 1, j=v,…, u-1.
, x', x2, x .
, x ∉ S0 ,
.
x∈S0, .1 2.1.4.2 2.1.4 -
. , -
, .
. 2.1.4.1, 2.1.4.2, 2.1.4.3 .
2.1.4.1 s, α
y. .2 2.1.4.2 s',
s,
s α y.
2.1.3 , , -
,
. 2.1.4.3 , -
. . 2.9
r gr s
t t. .1 2.1.4.2 2.1.4
x', x, , -
65
, x . -
.
2.1.4 , -
-
tg- , , , -
, 2.1, 2.2 2.3,

. -
, -
, ,
, -
. ,
-
.

Γ0 Γ1
g
t g t α t g t α
• ⊗ ⊗ • ⊗c • ⊗ ⊗ • ⊗
x a b s y create({t,g},x,z), x a b s y grant (g,x,b,z),
grant(g,x,a,b) t,g take(g,s,b,z)
⊗z

Γ2 Γ3 α
g g
t g t α t g t α
• ⊗ ⊗ • ⊗ • ⊗ ⊗ • ⊗
x a b s y grant (α,s,z,y), x a b s y
t,g g g take(α,x,z,y) t,g g g
z⊗ z⊗

r gr s
. 2.9. t t

,
(
grant), .
3.2.
x, y∈O0 – Γ0 (S0, O0, E0).
2.1.12. Γ0 (O0, S0, E0)
α⊆R " (α, x, y, Γ0)" -
, -
Γ1 (O1, S1, E1), Γ1 (O2, S2, E2), …, ΓN (ON, SN, EN) ,
:
66
Γ0 (O0,S0,E0) 1 1 (O1,S1,E1) 2
… N
ΓN (ON,SN,EN) (x, y,α)∈EN
c1, c2,…, cN – 2.1, 2.2, 2.3 2.4;
, ∃ (s, y, α) ∈ E0, ∀ z ∈ Sj , j=0,1,…, N :
c1 ≠ grant(α, s, z, y).
, 2.1.11 -
- -
, -
" ".
.
2.1.5. Γ0 (S0, O0, E0)
" (α, x, y, Γ0)" , -
2.1.5.1, 2.1.5.2 2.1.5.3:
2.1.5.1. (x, y,α) ∉ E0.
2.1.5.2. s1,…, sm , ( si , y ,
γi)∈E0 i=1, …, m α=γ1 ∪…∪γm.
2.1.5.3. " -
(t, x, si, Γ0 )" i=1, …, m.
. 2.1.4.
, 2.1.5
– -
, -
1
, , -
, , , -
" " -
t
.
, TAKE-GRANT -
, - -

-
.

2.1.3.4. TAKE-GRANT
TAKE-
GRANT TAKE-
GRANT,
2
-
.

1
. . , Γ0 "g" .
2

" ".
67
.
2.1.13. -

.
-
(
Read, Write) . ,
( ) , -
, , -

, , . -
-
.
TAKE-GRANT
.
1. Γ (O, S, E), -
:
- O ;
- S , S⊆O,
:
- (x, y, α) x
y α R,
( ) – Read Write.
2. -
( ) -
1
, -
, -
:
2.1. ( )– . . 2.10.

Γ Γ' w

• r ⊗ • r ⊗
x y x y

2
. 2.10. x ( ) ,
r y

1
-
TAKE-
GRANT " - ", -
" - ".
2
TAKE-GRANT [ ] -
[ ] ( ) - .
68
2.2. ( )– . . 2.11.

Γ Γ' r

w •
w ⊗
• ⊗
x y x y

. 2.11. x ,
w y

2.3. post (x, y, z) – . . 2.12.

w
Γ Γ'
r w r w
• ⊗ • post (x,y,z) • ⊗ •
x y z x y z
r

. 2.12. x ( ) -
z, r y, z -
w, z, ,
x
2.4. spy (x, y, z) – . . 2.13.

Γ Γ' w


r •
r ⊗ •
r •
r ⊗
x y z spy (x,y,z) x y z
r

. 2.13. x z, -
r y, , , -
r z, x
z
2.5. find (x, y, z) – . . 2.14.

Γ Γ' r


w •
w ⊗ •
w •
w ⊗
x y z find (x,y,z) x y z
w

. 2.14. x z, -
w y, , ,
69
w z, x
z

2.6. pass (x, y, z) – . . 2.15.

w
Γ Γ'
w r w r
⊗ • ⊗ pass (x,y,z) ⊗ • ⊗
x y z x y z
r

. 2.15. y r z -
x,
y w, , ,
( ) x z

3. -
( ) ( )
x y
x y, ,
2.1,…, 2.6 -
.

, ,
( ) ( ),
.
. ,
,
.
, ," "
:
• , -

( ) ( ), -
-" " -
;
• - ( ) -

.
,
70
(
) ( –
" - "
).

, , , -
- -
. -

,
. -
,
,
, -
.
-
– -
,
,
- , .
,
( Γ0) -
, .
TAKE-GRANT
, ,
, ,
-
.

71
2.2.

2.2.1.
, , -
, , -
, " "
. , ,

, , -
.
.
1. " -
"
-
. -
, .
( -
), -
. , . .
,
. . -
, . .
, -
,
,– . . .
2. -
-
, , . . , , -
.
-
, -
.
, ,
, . .
, , ,
, ,
.
, -
– ( )
( , , , , . . -

72
). " " , -
:
2.2.1.(no read up (NRU) – ).
( ), ( -
) ( -
).
2.2.2.(no write down (NWD) – ).
( ) -
(
).
-

:– -
,
. -

: – -
, -
-
.
-
-
:
• NRU,
NWD;
• , -
(
).
, ,
, ,
, NWD -
-
- ,
- -
-
.
,
( -
write) , ,
.
, , -
, , "
73
" ( . . ) -
, -
- . , -
-
1
.

.
.
2.2.1. L -
L(L, ≤, •, ⊗),
L– ;
≤– , -
L, -
2
, :
∀ l ∈ L: l ≤ l ( ),
∀ l1, l2 ∈ L: (l1≤ l2 ∧ l2≤ l1) ⇒ l1= l2 ( );
∀ l1, l2 , l3 ∈ L: (l1≤ l2 ∧ l2≤ l3) ⇒ l1≤ l3 ( );
•– , l1, l2 -
L :
l1 • l2 = l ⇔ l1, l2 ≤ l ∧ ∀ l'∈ L: (l' ≤ l) ⇒ (l '≤ l1 ∨ l'≤ l2) ;
⊗– , l1, l2
L :
l1 ⊗ l2 = l ⇔ l≤ l1, l2 ∧ ∀ l'∈ L: (l' ≤ l1 ∧ l'≤ l2) ⇒ (l' ≤ l) .
2.2.2. FL: X→ L
X=S∪O
L L.
FL : L → X
-1
-
Xi , :
X1 ∪ X2 ∪ …∪ XN = X ,
N- L);
Xi ∩ Xj ≡ ∅ , i ≠j ;
∀ x'∈ Xi ⇒ FL(x')= li , li ∈ L.
1
, , , .
write read-write, , " "
, , append –
.
2
L , -
- , L .
74
,
-
.
1. ,
Xi Xj , . . -
Xj Xi. -
Xi Xj -
Xij. , -
, ,
≤, .
2. ,
Xi Xj, , ,
Xj Xk.
, , ,
Xi Xk. , -
, ≤, .
3. .
,
. ≤ -
, . . -
≤.
4. , Xi Xj .
, , -
X', -
Xi Xj ,
Xi Xj , X'' ,
X' ,
Xi Xj . , X' -
Xi Xj .
5.
Xi Xj X', ,
Xi Xj X' , -
Xi Xj , -
X'' , , X' ,
Xi Xj . -
, X'
Xi Xj .
,
-
,
, , , -
NRU NWD, .

75
, -
. , -
-
( NRU NWD). -
, ,
,
,
-
, -
. -
-
.
, -
.

76
2.2.2. -
,
1972–1975 . . – -
MITRE Corporation
(D.Elliott Bell, Leonard J.LaPadula),
-
.
- -
.
1. Σ(v0 ,Q, FT) :
- O ;
- S ;
- R ( . . " " -
) – read write);
- A[s,o];
- L L ;
- FL: S ∪ O → L, S O
L;
- V,
(FL, A);
- v0 ∈ V;
- Q ( )
, ;
- FT : (V x Q) → V*,
V V* Q.
2. . -
, -
, :
2.2.3. (
) , -
, ,
-
:

∀ s∈S, ∀ o ∈O, read ∈ A[s,o] → FL(s) ≥ FL(o) .

2.2.4. (
1
*- ) , ,
,

:
1
: ss- – ,
*- – , ds- – ( )
.
77
∀ s∈S, ∀ o∈O, write ∈ A[s,o] → FL(o) ≥ FL(s) .

2.2.5. -
, , .
, , , -
NRU NWD ,
.
2.2.6.( - -
). Σ(v0 ,Q, T) ,
v0 , v0
Q, -
.
, -
" "( ).
2.2.1.(Basic Security Theorem). Σ(v0 ,Q, FT)
, :
1. v0 ,
2. FT , v, -
v0 -
Q , FT (v,q)=v*, v=(FL,A)
v*=(FL*,A*), -
s∈S o∈O
- read ∈A*[s,o] read ∈A[s,o], FL*(s) ≥ FL*(o);
- read ∈A[s,o] FL*(s) < FL*(o), read ∉ A*[s,o];
- write ∈A*[s,o] write ∉A[s,o], FL*(s) ≥ FL*(o);
- write ∈A[s,o] FL*(s) < FL*(o), write ∉A*[s,o] .
.
. , . -
v0 . , -
v, v0
Q, FT (v,q)= v*,
( ) .
, v* , -
2.2.3. v*
( ) , v* -
, 2.2.4. , -
.
. , .
v0, v, -
v0 Q.
v0 . , v0
, - v*, -
v: FT (v,q)=v*. -
78
FT . -
, , ( ,
) . , -
Σ(v0 ,Q, T). .
-
. -
-
NRU NWD
:
- - -
( )
,
;
- -
- ,
, -
-
;
- , - -
- ,
,

;
- -
- ,
,

.
,
, -
,
NRU NWD.
, ,
FT, ,
.
-
,
, , -
, , -
, " " (1983 .).
-
" " . " -
" ,
, -

79
NRU NWD. ,
, 2.2.3
2.2.4, , , -
2.2.6 .

2.2.3. -
-
, -
. -
, -
( ) -
, ,
-
. ,
- , Z-
, , , , -
-
(read write). Z-
-
, -
. , -
( ) , -
, .
, , -
.
Z- , , , -
- -

, . .
.
-
- ,
- , -
" " .
, -
( ).

FL: S ∪ O→ L -
FLs: S → L
FLo: O → L.

80
2.2.7. FT : (V x Q) → V -
, FT(v,q)=v* -
:
- read ∈A*[s,o] read ∉A[s,o], FLs(s)≥ FLo(o) FL = FL* ;
- FLs≠ Ls*, A=A*, FLo= Lo*, ∀s o,
FLs*(s) < FLo*(o), read ∉ A[s,o];
- FLo≠ Lo*, A=A*, FLs= Ls*, ∀s o,
FLs*(s) < FLo*(o), read ∉ A[s,o].
2.2.8. FT : (V x Q) → V -
, FT(v,q)=v* -
:
- write ∈A*[s,o] write ∉ A[s,o], FL s(s)≥ FLo(o) FL = FL* ;
- FLs ≠ FLs*, A=A*, FLo= FLo*, ∀s o,
FLs*(s) > FLo*(o), write ∉ A[s,o];
- FLo ≠ FLo*, A = A*, FLs= FLs *, ∀s o, FLs*(s) >
FLo*(o), write ∉ A[s,o].
2.2.9 ( ).
FT : (V x Q) → V ,
, .
-
2.2.8 2.2.9 ,
, - , -
( -
, . . -
, ,
), , - , , NRU
NWD , .
,
.
2.2.2. ( ). Σ(v0 , Q, FT)
,
v0 , -
.
Z-
, , , -
- . , -
2.2.7 2.2.8 , -
-
. , , , -
( . . -
), - .

81
-
.
2.2.10. (S), -
, -
, ( -
) .
-
.
2.2.11.
F : S ∪ O → (S)
( ) -
.
, F
1

, -
.
-
, , .
2.2.12. FT : (S x V x Q) → V
Σ(v0 , Q, T ) -
, t (s, v, q) = v*,
v = (FT, A) v* = (FT*, A*), -
:
∀ x ∈ S ∪O : FL*(x) ≠ FL(x), x∈ (S) .
2.2.10,
2.2.11 2.2.12
-
-
.
,
,
-
. ,
-
,
( ).
, -
-
. ,
, , ,

1
. ., , , .
82
,
. .
, , -
, -
Low-Water ark (LWM).
LWM -
. -
write , -
" ", . .
,
write -
reset.
-
, , (
NWD), reset, -

. reset -
NWD (
). , ,
" " ,
, NRU.
, -
( ) , -
- ,
, , -
. LWM
write . write

,
( ),

.
LWM , reset -
write -
- .
, ,
LWM, , -
-
, -

. "
" LWM .

83
- ,
, -
( ) .
, , ,
, -
, , -
. , ,
, ,
, -
( ) -
– ( ) ( -
).

, , /

, -
.
- -
, –
, ( ) .
-
.
2.2.13. FG: S → (S) \ ∅ -
S
SG = (S) \ ∅, -
sG ∈ S G.
A[s,o] -
, .
-
,
, . . NRU NWD, ,
, ,
. -
-
.
2.2.14. FLL: SG→ L -

SG L
, FLL(sG)
s, sG .
2.2.15. F L : S G→ L
H
-

SG L

84
, FLH(sG)
s, sG .
L H
FL FL -
( 2.2.4, 2.2.5 2.2.6)
- .
2.2.16.
,
,
, , FL
F LL ,
.
2.2.17. -
,
, -
, -
, FL -
H
FL .
, -
, -
, ,
.
,
, ,
.
-

( ).
, -
, , ,
-
.
, -
. , , -
" ",
" ".
, , -
, , , ,
" " -

, .

85
2.3.

2.3.1.

-
" " ,
– -
. , -
-
, -
" " .
, -
" " " " -
, -
1
. -
( -
, , ) -
. -
, . . -
. -

.
, , -

- ,
.
MLS- , -
,
, , -
-50,
, UNIX –
DTE. , -

, -
. ,

-
.

1
" ", " ", " - " . .
– , , . .
86
-
, . 2.16.

. 2.16.

-
, -
( ), , -
- ,
. -
:
• ( );
• ( );
• - ( ).
1
( , ,
. .),
( ) – . . 2/17.
-
, . . ,
.

1
- ( , -
. .) .
87
1
2 1
: 2, 3, 17
3

N 2
: 3, 4, 27, 45,
67

. 2.17.
-
, -
(" - "). -

– . . 2.18. -
, -

1.1 1.2
1
: 1.2, 1.1.1
1.1.1 1.1.2

2
1.1.2.1 1.1.2.2 1.1.2.3 : 1.1.2

. 2.18.

-
1
- ,
( , " "-" "-" "
" "-" "-" "-" " . .). , -
, ( ) -
.
– .

1
– – , .
88
. 2.19.
.

1: 3: 1
1.1 3.1 :
1.2 3.1.1 1.2_2.1.1_3.1.2_4.1
3.1.2

2: 4: 2
2.1 4.1
2.1.1 4.2 :
2.1.2 1.1_2.1.2_3.1.1_4.2

. 2.19.

( ) -
( ) -
:
2.3.1 ( ).
, , (
) .
,
, , -
. ,
( ) -
1
.
, , ,
, ( , -
), ,
. , , "
" , , -
, " " -
. , NWD
, , -
" ", -
:

1
, , . 1.1.3,
, , ( ) , ( ) -
, ,
.
89
• ( )
( ) ( ,
1
. .) ;

( )
,
,
( ) , -
.
-
( ) , -
-
.
2.3.2 ( ). -
,
" " .
-
, , -
, , , -
, -
, -
, . . -
.

2.3.2.
, -
-
.

( F [xi]) ,
(P , ⊆, ∪, ∩) T (P –
T ).
P -
- ⊆, -
xi
xj , F [xj] ⊆ [xi]. , -
, , -
.

1
- , , ,
( ) .
90
F [xi] F [xj] -
F [xi] ∪ F [xj] F [xi] ∩ F [xj], .
-
,
-
- .
2.3.8.
F 1[x] -
X=S∪O -
T ,
x∈X
τ∈T τ .
,
o -
τ ( )
o -
, τ. -
- ,
( ) -
.
.
2.3.9. -
F 2[x] -
X=S∪O -
T ,
x∈X
{τx1, τx2,…}, τx1, τx2,…
-
- .
-
, -
, -
T
.
, ,
.
, -
, -
- ,
,
-
.
91
o , -
{τo1, τo2,…}, . . ,
, -

- . -
o
, τo1, τo2,… .
- ,
, , -
, .

, ,
,
.

T ={τ1, τ2,…, τM}


≤, -
, .
T -
( ),
(τi, τj) -
.
T ( τ0 )
( ) ( . . 2.20), -
, (τi,
τj) sup{τi, τj}
inf{τi, τj}.

τ1
τ2 τ4
τ3
τ5 τ6 τ7 τ8 τ9

τ0

. 2.20. -

92
2.3.10. sup {τi1, τi2,…,
τik}= τi τi1, τi2,…, τik τi, -
-
τi1, τi2,…, τik.
2.3.11. inf {τi1, τi2,…,
τik}= τi τi1, τi2,…, τik τi, -
,
-
, 1
τi1, τi2,…, τik.
2.3.11 , τi1, τi2,…,
τik , . . -
, inf ,
,
. . , ,
{τi1, τi2,…, τik}. ( )
τi1, τi2, …, τik -
inf τ0,
, -
.
T ∅ = T ∪ τ0 (T ∅,
≤, sup , inf ),
-
-
.

≤ sup , inf -
- -
,
.
, (T ∅, ≤, sup ,
inf ).
.
2.3.12. (τi) -
τi τ j, -
T.

1
.
93
, τ j
(τj) , -
.
P -

.
.
2.3.1. -
⊆ { (τ1),
(τ2),…, (τM)}

{τ1, τ2,… τM}, .


. -
, τi ≠ τj -
(τi) (τj)
, . . . ,
τi → (τi) .
, ≤
τi τj (
) , . . (τi) (τj).
τi τj τi ≤ τj (τi τj). -
τi τj ,
,
(τj) ( ) (τi).
, :

(τi) ⊆ (τj) ,

τj τi.
τi τj , . . -
, ,
. ,
:

(τi) ∩ (τj) = ∅ .

, (τi) (τj) -
⊆.
, τi → (τi) -
.

94
, -
-
.

{τ1, τ2,… τM} { (τ1), (τ2),…


(τM)}, -

.
, ,
, .
.
- -
-
, -
. -

, -

. -
, -
-
.
. -
, . 2.20.
τ2 τ3 :
(τ2) = {τ5,τ6,τ7},
(τ3) = {τ3},
(τ2) ∩ (τ3) = ∅,
(τ2) ∪ (τ3) = {τ3,τ5,τ6,τ7} ≠ {τ3,τ5,τ6,τ7,τ8,τ9} = (τ1).

τ2 τ3 τ1, -

{τ3,τ5,τ6,τ7,τ8,τ9}.
.
2.3.2. - ∩ -
(τi) ∩ (τj) -
inf {τi,τj}.
. .
τi τj .
95
τi τj ,
τi ≤τj.
inf

inf {τi, τj}=∅ ( . . 2.20).


, , τi τj
-
(τi) ∩ (τj)= ∅.
inf
τi – inf {τi, τj}=τi.
, (τi) ∩ (τj) = (τi),
τi ≤ τj ,
(τi) ⊆ (τj).
, (τi) ∩ (τj) inf {τi, τj}

τi → (τi).
-
, sup , .
2.3.13. ∪ -
(τi), (τj) (τk) -
τk,
τi τj,
.
, 2.3.13
∪ sup . , ∪ ∩

. ,
( , ⊆, ∪ , ∩), (T ∅, ≤, sup ,
inf ).
( , ⊆, ∪ , ∩) -
-
-
.

.
2.3.14. ∨
{τk1, τk2,…, τkL} (L < M), , -

T ={τ1, τ2,…, τM},


96
τk
, {τk1, τk2,…, τkL}
, ( ) τk .
2.3.15. I ⊆T -
:
1) τ ∈T τ'∈I τ ≤ τ' τ ∈I , . . I -
;
2) {τk1, τk2,…, τkL} ⊆ I ∨ {τk1, τk2,…, τkL}=τk ,
I τk ∈ I ,
L ≤ M.
,
,
, . . , , , -
. -
, - ,
. . 2.21 -
.
-
, 2.3.9 -

( ), . .
-
.

τ1

τ2 τ3 τ4
τ6 I τ8
τ5 τ7 3
τ9
I 5

τ10 τ11 τ12 τ13 I 4


I 6
τ14 τ15 τ16 τ17 τ18 τ19 τ20
I 2
I 1

. 2.21.

97
, -
( )
I .
⊆ , -
, -
I .
, 2.3.15 -
.
.
2.3.3. ∩ -
.
, -
∪ , , -
, -
2.3.15. , ,
. 4.7, -
I 4 I 5, -
τ4, {τ8, τ9}.

2.3.14,
- –
∪ .
2.3.16. ∪ I i∪I j
- , -
,
, I i ∪ I j.
.
2.3.4. ∪
1
.
, . 2.21
: I 6 = I 1 ∩ I 2, I 3= I 4∪ I 5.
2.3.15, 2.3.3 2.3.4 .
2.3.4.1. -
(I , ⊆, ∩, ∪ ) -
⊆, -
∩ ( 2.3.16) -
∪ .
,
-
.

1
2.3.15.
98
-

-
. .
2.3.17. i -
{τi1, τi2,…, τiL} (L ≤ M) -
, T = {τ1, τ2,…, τM},
:
1) τ ik τ im
1

τ ik <> τ im, k ≠ m;
2) {τi1, τi2,…, τiL}
.

T ( ∈ T ).
,
.
.
2.3.18. ( )
,
( )
.
M⊆T . <M> , -
M, . . , -
M. , <M> -
, M.
2.3.19. τ I -
, τ'∈ I τ' ≤ τ, τ' τ -
.
A -
I . 4.18 , A -
I . , ,
4.18 , A -
. -
( ,
).
.

1
<> - .
99
2.3.5. , -
, ,
.
, -
. ,
.
, , -
. -
.
,
, (I , ⊆, ∩,
∪ ).
, , -
.
1
2.3.20. i -
j – {τj1, τj2,…, τj } ≤ {τi1, τi2,…, τiI}
J
, m=1,…,J k=1,…,I , τjm
≤ τik ( τjm τik ):
∀ τjm ∈ j, ∃ τik ∈ i, τjm ≤ τik .
, -
≤ , , . . -
.
, . 4.7,
:
{τ5,τ6} ≤ {τ2,τ3}, {τ3,τ5,τ6} ≤ {τ2,τ3}, {τ7,τ11} ≤ {τ2,τ3}, {τ13,τ17} ≤ {τ7,τ8},
{τ12,τ19} ≤ {τ7,τ8}, {τ9,τ10,τ13,τ14,τ16,τ18} ≤ {τ3,τ4,τ6}, {τ11,τ12,τ19} ≤ {τ3,τ4,τ6}
. .
.
2.3.3. -
⊆ -
≤ -
.
.
2.3.5 I i → i. -
, -
, , -
. , -
.

1
≤.
100
I j I i I j ⊆ I i. -
j i -
2.3.20, . . j ≤ i.
. j ≤ i.
{τj1, τj2,…, τj } - -
J
{τi1, τi2,…, τiI}. , , -
{τj1, τj2,…, τj } , -
J
{τi1, τi2,…, τiI}.
, I j
( ) ,
I i.
, I i→ i
.
≤, -
, -
, -
.
( 4.17),
( 4.20), -
.
2.3.21. ∪ τ
i ={ i1, τi2,…, τiI}
j = {τj1, τj2,…, τj }
J

= i∪ j -
:
1) -
, –

= {τi1, τi2,…, τiI} ∪ {τj1, τj2,…, τj } ;
J
∪' ∪
2)
1
, -


∪ ∪ ∪
(τk ∈ ∧ τk ∉ ) ≡ ( ∃ τm ∈ ∧ τm ≤ τk ∧ τm ≠ τk);

3)
∪'
-
∪'
-
.

1
.
101
– , -
, -
( -
2.3.19) -
.
.

2.3.6. = i ∪ j, -
4.21,
) ;

b) i j, . . i≤ ∧

j≤ ;
c) i j.
.

- . ,

2.3.17 .


, i j,
- . , 4.20

i j.
i j -

, -

( . . ). -
, -
. -
" " ,
. , -

i j, ,
.

.
2.3.22. i= {τi1,
τi2,…, τiI} j = {τj1, τj2,…, τj }
J

= i j
:

102
1) i ={ i1, τ τi2,…, τiI} -
1
'i, -
j = {τj1, τj2,…, τj };
J
2) j = {τj1, τj2,…, τj } -
J
'j ,
i ={ i1, τ
τi2,…, τiI};
3) -

= 'i ∪ 'j.
.

2.3.7. = i j, -
4.22,
) ;

b) i j, . . ≤ i ∧

≤ j;
c) i j.
.
2.3.17 i ={ i1, τ τi2,…, τiI}
j = {τj1, τj2,…, τj } .
J
'i 'j -
.

, = 'i ∪ 'j
V τ, V ={τ1, τ2,…}. -

{τ1, τ2,…} " " ,
2.3.17, , 'i ,
'j . ,
V ={τ1,τ2}, τ1∈ i , τ2∈ j – . . 2.22.

1
, , , . . ,
.
103
i τ j

τ1 τ2

. 2.22. -


, τ1 ,
2.3.22 τ j.

j V ={τ1,τ2} τ,
τ1 ≤ τ2,
2.3.17.

τ , , - , -
,

, i. - , τ∈ i -
, j - τ'∈ j , τ ≤ τ'. -

, -
i j.

, -
', i
∩ ∩
–( j ≤ '≤ ∧(
i) ≤ '≤ j ). (τ ≤ τ'≤ τ ) ∧ (τ ≤
(i)


τ'≤ τ ), (j)
τ∈ , τ'∈ ', τ (i)∈ i τ ∈ (j)
i. ,
, 4.17, τ i,

j. τ ≠τ' ≠τ (i) ≠τ (j), , , (τ '≤ τ ) ∧ (τ '≤


(i)

τ ) ∧ (τ ≤ τ'),
(j)
i, j -
(τ τ (i)
τ τ (j) ),
2.3.17. ,

τ =τ', ,
.
, ≤( -
2.3.20), ∪ ( 2.3.21) -
( 2.3.22) ,
2.3.5, 2.3.6 2.3.7, T
(T , ≤, , ∪ ), ( )
(I , ⊆, ∩, ∪ ). (I , ⊆, ∩, ∪ ) , , -
104
(T , ≤, , ∪ ),
, -
-
.

105
2.3.3. -
.
1. -
( -
).

T ={τ1,τ2,…, τM}, ,
.
2. X=S∪O -
T , -
.
F 2[x]
,
f , -
x∈X -
:

f [x]= i , (2.3.1)

x∈ S ∪ O , i∈ T .
3.
( tk ) (
tk+1).
( )
(X = S ∪ O), / –
.
– (w)
(r) , . 2.23.

(w) (r)
Stream(s)→ o Stream(s) ← o
o o

s s
, - , -
s s

. 2.23.

. -
, sm oi
106
oj , , sn -
oj ok, oi
ok sm sn – Stream(sm, sn, oi, oj)→ok .
( 1.3.2,
1.3.3), ( 1.3.4), , -
( 1.3.5), -
, -
. 2.24.

Create(sm, o) → s' Create(sm, o) → o'


o– - o–
r r
sm sm
w s'– w o'–

, - , -
- , -
sm s'

. 2.24.
, ,
, , , -
-
, – .
( ) -
-
, -
-
.
4.
-
2.3.2, -
Σ .
2.3.23. ,
:
- -
;
- .
5. ,
, -
107
-
, ,
2.3.23.
2.3.1. s o,
Stream(s)←o ,
, -
:

f [s] ≥ f [o] . (2.3.2)

2.3.2. s o,
Stream(s)→o ,
, -
:

f [o] ≥ f [s] . (2.3.3)

2.3.2 , o'
, -
, ,
- f [o'] ≥ f [s]. -
( )
( ).
.

, (
) .
6. ,
-
.
2.3.3. s o',
o,
, -
o,
o' ,
:

f [o] ≤ f [s] ≤ f [o'] . (2.3.4)

.
1
4.4 ,

1
-

108
(
Σ Σ ).
2.3.4. s s' -
o
,
- ,
, -
:

f [o] ≤ f [s] ≡ f [s'] . (2.3.5)

7. , -
( ), -
, ( -
, -
).

.
2.3.5. s
o1, o2,… s1, s2,… o
( ) ,
, -
, 2.3.1,2.3.2,2.3.3 2.3.4.
2.3.5 ,
, -
, -

. , , -
, , -
.
.
2.3.4. -
,
2.3.1, 2.3.2, 2.3.3, 2.3.4 2.3.5,
, -
2.3.23.
.
- , , 2.3.1…2.3.5 -
.

, . . -
.
109
- ,
, ,
.
,
-
– . . 2.25

o1→ o2 , - s1→ s2
s1
r o1 s1 w
s r o
w s2
, - o2 , -

s s2

. 2.25. ,

o1→ o2 :

f [s] ≥ f [o1] ∧ [o2] ≥ f [s] .

, :

f [o2] ≥ f [o1] .

, -
.

s1→ s2

f [s1] ≤ f [o] ∧ [s2] ≥ f [o] .

f [s2] ≥ f [s1] .

,
-
.
, -
o1→ o2 s1→ s2,
110
, . . , -
2.3.23.
, , -
- ,
-
.

111
2.4.

2.4.1.
-
-
( ) , -
( ), -
( ), ( -
).
, -
- , ,
, -
, -
. ,
, , -
, -
( , ). ,
- -
( -
), ( ), -
.
-
,
, -
. ,

( , , , -
, ), ,
-
( , -
).
,
, - -
- ,
- , -
.
70- –
80- -
IBM . 80-
- , -

112
1
MMS- ,

.
(Role-Based Access Control –RBAC).
, ,
-
– . -
.
2.4.1. -
,
, -
.
, , , -
- -
. ,
,
, -
( , , . .).
, , -
-
.
, -
( SELECT, INSERT, UPDATE,
DELETE), ( ) . -
SQL
( ) -
. -
,
.
, ó
, -
( , , , -
)

-
( , . .).
.
-
:
I. ( -
);

1
– Military Message System.
113
II. .
-
,
,
.
-
, -
, , :
1. -
( -
) ;
2. -
, -
.
,
-
,
, ,
- -
.

-
,
.

114
2.4.2.

.
1. :
- U;
- ℜ;
- P;
- .
P -
, , -
, ,
, -
.
2.
:
FPℜ : P x ℜ –
;
FUℜ : U xℜ – -
.
, F Pℜ FUℜ
.
FUℜ
– " - ",
-
, -
.
3.
:
fuser : → U – u=fuser(c)
u∈U, ;
froles : → R – = roles(c)
⊆ℜ , -
( ) c∈ ;
fpermissions : → P – = fpermissions(c)
⊆ P, ,
∈ ;
4. ( ) -
.

115
2.4.1. ,
u∈U, c∈ , -
( , ) p∈ P ,
:
p∈ ,
= fpermissions(c).
,

FUℜ -
, froles(c)
FUℜ .
, -
:

?
-
?

, , ( -
) .
-
:
• ;
• ( ) ( -
);
• ( -
);
• ;
• .
.

- - -
. -
, -
. . 2.26 -
- .

116
.

. 2.26. ( )

. -
-
–" " " ".
" " -
( ) ( -
) . -
,
, -
.
-
" ", -
( )
. .


F :ℜxℜ– , -
( ) -
≥, :
ρ1, ρ2 ∈ℜ, ρ1 ≥ ρ2, ρ1 ,
ρ2;
h
Uℜ : U xℜ – -
, ρ -
, ρ ', ρ:
∀ρ, ρ'∈ℜ, u∈U: ρ ≥ ρ ' ∧ (u,ρ) ∈ h
Uℜ (u) ⇒ (u,ρ') ∈ h
Uℜ (u);

117
h
roles : →R– ⊆ℜ, -
, (
) c∈ , :
h
roles(c) ⊆ {ρi | (∃ ρ'≥ ρi ( fuser(c), ρ')∈ h
Uℜ (u))} ;
h
permissions : →P – = h
permissions(c) -
⊆ P, = h
roles(c), -
∈ (
).

, -
FPℜ , . . -
-
. , -
- , -
.

, -
.
-
- , -
F Pℜ
:
• ;
• ;
• .
-
,
F Pℜ ( .
. 2.27):
h
Pℜ ( ρ j) = {pj1, pj2,…} ,
h
Pℜ ( ρ j) ∩ h
Pℜ ( ρ i) ∩ …= ∅ ,
h
Pℜ ( ρ j) ∪ h
Pℜ ( ρ i) ∪ …= P .
, . . ,
,
, -
- :
h
Pℜ ( ρ k) = h
Pℜ ( ki ) ρ ∪ h
ρ
Pℜ ( kj ) ∪…,
118
{ρki , ρkj , …} – - ρ k.

ρ1 ρ11 ρ111
FPℜ P1
P2
ρ112 ρ1121
F P3
ρ1122 P4

ρ1123 P5

ρ113
P7 P6
ρ12 ρ121
P
ρ122

h
ρ
Pℜ ( 12)=
h
ρ
Pℜ ( 121)∪
h
ρ
Pℜ ( 122) = P5 + P6 Pi ∩ Pj = ∅

. 2.27.

-
. -

. , ,
- , . . ,
:
h
Pℜ ( ρ j) ∩ h
Pℜ ( ρ i) ∩ …≠ ∅ .

, -
-
.

-
, :

119
h
Pℜ ( k) ρ ={pk1, pk2 ,…} ,
h
Pℜ ( ρ k) ∩ h
Pℜ ( i)ρ =∅ ,
{ρ k ≥ ρi}.
h h
roles permissions -
, -
c ρ k, -
, ρ k.
,
( ) ,
, , -
, ,
.
– - -
– -
( );
-
-
-
.
, -
, ,
, .
,
,
, ,
, , -
.
( )
,
.

( )

-
. -
-
. -
,
-

120
. ( )
,
1
.
-
" " . -
-
fexclusive(ρ), -
.
FUℜ :
:
(u, ρ)∈ FUℜ (u) ∧ ρ'∈ exclusive( ρ) ⇒ (u, ρ')∉ FUℜ (u) .

, , -
-
(
).
,
-
, . -
- -
, , -
.

( )
- -
-

.
,
, ,
- . ,
-
-
.

.
,
" "
fexclusive(ρ). , , - FUℜ ,
1
-
– ,
.
121
. . , ,
, .
-
-
, -
- . -
froles, -
-
:

∀ ρ1, ρ2∈ℜ, ρ1∈ roles(c) ∧ ρ2∈ ρ ⇒ ρ2∉


exclusive( 1) roles(c) .

" " " " .


-
, -
,
. ,
-
, ,
( )
.

,
, -
,
. -
p
FPℜ cardinality:P→N,
1
:

∀ pk | {ρm | (pk, ρm) ∈ FPℜ (pk )}| ≤ p


cardinality(pk ).

-
-
, , -
. .
cardinality: ℜ→N, -
, ,
FUℜ :
1
N– .
122
∀ ρk | {um | (ρk, um ) ∈ FUℜ (um )}| ≤ ρ
cardinality( k ).

-
, -
-
.

-
.

,
. ,
, ,
.
p
P prerequisite:P→ P, -
( )p ⊆P -
, -
F Pℜ :

∀ (p, ρ) ∈ FPℜ (p) ∧ p'∈ p


prerequisite(p) ⇒ (p', ρ) ∈ FPℜ (p) .

, , -

. -
, -
.

, -
.
ℜ prerequisite: ℜ→ , -
ρ ∈ℜ -
, FUℜ :
∀ (u, ρ) ∈ FUℜ (u) ∧ ρ '∈ prerequisite( ρ) ⇒ (u, ρ ') ∈ FUℜ (u) .

-
, -
FPℜ -
, -
,

123
, ,
.

, ,
-
, ,
- -
. ,
-
. -
-
, -
.

124
2.4.3. -
,
- , -
, -
.
- -
.
1. :
- O (o1, o2,…, oM ) ;
- U (u1, u2,…, uN );
- G (g1, g2,…, gK );
1
- R (r1, r2,…, rJ ) ;
- A ((N +K) x M),
-

R (r1, r2,…, rJ ), . . A[u, o] ⊆ R , A[g, o] ⊆


R.
2.4.2. -
, ( )
( ) -
.
, -
, " ", . . -
, -
. ,
-
,
, -
.
2.
:
FUG : U x G – ,
, -
.
, ,
" " " "
" - - ". -
,
-
1
, . 2.3, -
,
, -
.
125
( ), -
-
( ), -
. , -
, , ,
1
.
, FUG -
. , ,
,
-
, , , ,

, FUG .
3. - -

:
fgroups: U→ G – fgroups(u) =
= {gu1, gu2,…} ⊆ G , u
FUG ;
fusers: G → U – U = fusers(g)
U = {ug1, ug2,…} ⊆ U, g
FUG .
fgroups fusers -
" - -
",
FUG .
4. - -
( ) -
- .
2.4.2. ,
u∈U o∈O -
,
A[u,o]
A[g(u)i,o], FUG :
⊆ {A[u,o] ∪ A[gu1, o] ∪ A[gu2, o] ∪…},
{ gu1, gu2,…} = groups(u).

,
,
FUG.
1
,
. . , .
126
,
, ,
, ,
. -
, -
( , , . .), -
. , -
- , -
-
.
, -
- , -
, -
( 5.2).
,
-
, .
, , -
- ,
, . ( -
) -
( ) ( ) -
-
, . . , -
, " "
( )
" ( )- " ( , -
. .). -
-
, ,
.
,
-
.
-
( R) (
R) . -
. , Modify " ", . . Write
Read. , " "( -
) ( ) , -
. , R -
:

127
FRR : R x R - , ( -
)
≥ ,
r1, r2 ∈ R, r1 ≥ r2, ( ) r1 ,
r2 , . . , , -
r2 .

5.2 :

∀ r1, r2∈R, r1 ≥ r2 ∧ r2 ∈ ⇒ r2 ∉ ,

= {A[u, o] ∪ A[gu1, o] ∪ A[gu2, o] ∪…};


u o – , ;
{gu1, gu2,…} = groups(u) – ,
u.
- -
∪. <
-
, - -
- 2.4.2 -
:
= {A[u, o] ∪<A[gu1, o] ∪<A[gu2, o] ∪<…}.

, -
( , -
;
), -
( -
)
.
, -
, -
.
- -

- , -
.
, -
,
, , -
,
.
:
• ;
128
• , " -
".
-
" " .
, , , -
- -
- , , -
-
, -
.
" "

R.
.

, .

-
, , -
, . .
.
, , -
, -
. , , ,
, , -
. , -
– A , , ,
. , -
,
, , .
, G -

FGG : G x G - ,
( ) ≥ -
,
g1, g2 ∈ G, g1 ≥ g2, g1 g2 .

-
h
groups: G→ – groups(g) -
{gg1, gg2,…} ⊆ G , g -
FGG .

129
h
groups
fgroups fusers -
" - " ,
, . . "( -
+ )- ".
, ,
" " -
,
,
. ,
-
, ,
– . . 2.28.
-
, .

ρ1 g1 g2
g9

g3 g4 g5
ρ2 ρ3 ρ4 g10 g11 g12

ρ5 ρ6 ρ7 ρ8 ρ9 g7 g13 g14 g15

g6
g18
ρ10 ρ11 ρ12 ρ13 g8 g16
g17

. 2.28.

:
• , ( -
) ( . . 9.2);
• – , -
, -
, . . ; -
, ,
.
,
,
, " "
130
. , , -
, , , -
, -
1
( . . 2.29).
-

" ",
. -

,
,
,

, -

. 2.29.

2.4.3. g
g o
A[g, o],
, A[ggi , o],
FGG :

g(o) ⊆ {A[g, o] ∪<A[gg1, o] ∪< A[gg2, o] ∪<…},


h
{gg1, gg2,…} = groups(g).

, -
,
4.3:

⊆ {A[u, o] ∪< gu (o) ∪< gu (o) ∪<…},


1 2

, – .
131
gu (o) – 5.3 gi,
i
u.
, - -
-
-

. , -
-
, ,
" " , -
. ,
-
, -
- .

132
2.5. -

2.5.1.

, ,
, ,
.
1
2.5.1.
, -
( ) -
2
( ) .

, -
, ,
" " ( ).
, -
, -
. ,

, " "
.
" "– -
NRU
NWD.
, -
" " -
-
.
-
.
2.5.2.
,
-
-
NRU NWD.
, -

1
" ".
2
. . , -
- (
).
133
read/write ,
.
, NRU ,
" " , ,
, -
.

,
, " -
" , , , .
" " -
1
.

:
• ( -
);
• ( -
);
• (
2
).

,
, "
".

1
" ".
2
. . .
134
2.5.2.

-
. , -

.
. , . -
, -
.
-
- -
-
.

.
(HRU, TAKE-GRANT, -
) , -
-
. , -
( , ) , -
, ,
, , -
.
-
, , -
.
- .
1.
:
- H;
- L.
, -
, –
, , , (read/write) -
" ".
2. h∈H l∈L . -

" " :
2.5.3.
,

135
.
,
" "
-
. , -
, -
, -
.
, 3.20, -
:

p(h) >0, p(l) >0, p(h|l) >0 , (2.5.1)

p(h), p(l) – , , -
;
p(h|l) –
.
3. -
:
2.5.4. -
, ,
2.5.3.
-
(2.5.1) ,
, ,
. ,
p(h) > 0, p(l) > 0 :

p(l|h) = p(h, l)/p(h) = p(h|l)p(l)/p(h) , (2.5.2)

, p(h|l) > 0, , p(l|h) > 0.


p(l|h) , -

,
, . .
.

, –
" " -
.
,

136
, -
.
, -
.
4. -
:
2.5.5.
, ( -
) -
.
2.5.5 -
:

p(l|h) = p(l) . (2.5.3)

, , , p(h)>0, p(l)>0

p(h|l) = p(h) . (2.5.4)

-
(2.5.3) (2.5.4) :

p(lt|ht -1) = p(lt ) , (2.5.5)


p(ht|lt -1) = p(ht ) , (2.5.6)

h t , lt – ,
t.
(2.5.5) (2.5.6) -
, p (ht ) -
( , , -
) p(lt ),
. ,
( ) .
, ,
(2.5.5) (2.5.6) ,
-
. (2.5.5) (2.5.6)

,
, . , -
-
-
. ,
137
, -
-
, . , -
,
,
-
, , -
-
.
2.5.5 -
,
,
, .
2.5.6.
, -

.
2.5.6 , -

lt lt -1 -

ht -1:
p(lt|ht -1, lt -1) = p(lt|lt -1) . (2.5.7)
, (2.5.7)
:
p(ht -1|lt, lt -1) = p(ht -1|lt -1) , (2.5.8)
lt ht - 1,
lt ht + 1.
, -

,
.
-
2.5.6 -
.
2.5.7. -
, -
, 2.5.5, . . -
:
p(lt|ht', lt')= p(lt|lt') , (2.5.9)
138
t, t' = 0,1,2,…, t'< t.
, -
- -
- ,
,
.

139
2.5.3.
" " "
"

" "
(views) " ".
-
-
.
.
2.5.8. " " -

-
, ,

.
, " " ,
," " ," ",
, -
. -
, , .
,

, -
2.5.4 2.5.7.
, " " -
. -
, read ,
,
, , " " , -
" " ( ),
. , -
" " -
, .
" "
, " " -
-
, -
" " . -
, -
140
" " - -
" " ,
!
-

.
, " ", -
-
, , , ,
,
.
-
, " -
".
2.5.9. " " -
, -
-
-

(read, write, append, create,


delete . .) .
, " "
, ,
, . . " " -
, " " -
-
.
, -
,
.
-
(J. Goguen) (J. Meseguer), -
( ),
– GM- .
GM- -
, -
, -
- -
. -
- – ,
" " . -
" "
.
141
GM
(out), , -
, (traces)
.
, . . -
, -
(purge)
( ) , out
.
-
, " ", -
,
/ , -
.

142
2.6.

2.6.1.

, -
-
, , .
" " , -
, -
, . ,
( ) -
, . ,
- ,

(
).
-
, -
" ".
, ,
, , ,
. . , . . ,
[ ]
.
-

.
.
( ) .
.
,
.
. -
.
-
:
- , -
, -
, . . ;

143
- , -

;
- -
( ).

2.6.2. -
, -
, - -
" ", " " — « -
( ), - ».
.
1. D CDI ,
(constrained data items), UDI, -
(unconstrained data items).
D = CDI ∪ UDI , CDI ∩ UDI =∅
2. -
( ), -
, TP (trans-
formation procedures).
3. IVP , -
(in-
tegrity verification procedures).
4. TP,
IVP -
, « ( , )
».
.
1. IVP -

CDI.
2. TP -
, . . , -
( ) CDI,
.
1. TP -
CDI , 2
2. -
TP
TP
CDI ( . . « -TP- CDI»)

144
3. , 2, -
( . . -
).
3. ,
- TP.
4. TP ,
-
TP. – CDI,
.
5. TP UDI,
CDI .
4. ( )
, 2 2.
- ,
.

2.6.3.
( )
. - .
.
1.
- S
- O
- R( - read
write)
- Λ (
)
- F, S O Λ
- V, -
(F,A)
- v0
- Q
- T: (VxQ) → V,

2. ( ) -
« », . . -
(" -
" / ).
3. (
- :

145
- s∈S o∈O
, F(s) < F(o). -
(no write up - NWU) – , . .
(« ») ;
- s∈S o∈O
, F(o) < F(s). -
(no read down - NRD) – , . .
(« ») .
, - , -
, , -
. . -
-
.
. -

" " -
. -

. , ,
" ", .
.
- , -
. .
" ", -
(" ") -
. ,
" ", -
( " ")
. -
.
, -
. , , -
, " ",
,
,
.

( -
) -
- . .
-
.

146
1. .
– ,
. -
-
. . ,
, -
,
. – . .
2. ( -
/ ). - ,
-
( . ." "
" ").
3. , –
-
/ . -

( -
).

( ).
, ,
, -
, , ,
.

147
2.6.4.
- ( )
-
" – " -
.
-
.

.
. -
, " " ( -
SQL– ROLLBACK), -
( SQL– COMMIT).
- -
. , -
,
,
( - ) -
( )
, -
. -
:
• ;
• " " ;
• .
, -
. ,
- , , –
, , , ,
, -
.
" " -
. -

— . . .
" " , -
- ,
. ,
, , -
, ,
" " , . . " -

148
" . - ,
, -
, .
,
- ,
. , -
, ,
" " , . . .

, -
.
-
-
. ( )
, -
-
.
. -
:
̌ ( ) ;
̌ .

(Shared) (eXclusive). -
,
. -
. ,
. , ,
.

( -
) – 2PL (Two–Phase Locks).
.
( ) -
-
.
( ) – ( -
) .

. , " "
( ). -
" -
" ( , , -

149
, – ).
, -
, ( )
, -
-
– , – ). -
-
.

(Deadlock). -
, -
, .

, ,
, . -
, . . -
, . . ,
.
( -
) ( ).

, – –
. – –
, , -
– – -
. -
( ),
,
. -
,
( ) -
,
.
, , -
.
– , -
-
, , , -
. " "
" " ,
.

.
150
, , -
. -
" " -
( ). -
" " ,
:
• , , " " -
;
• ,
;
• ,
( , , " –
");
• , -
, -
, . . ;
• ,
( ) -
, ,
.
, -
, ,

. -
, , ,
.

151
2.7.
( )
2.7.1. ,
-
-
, :
- ( -
);
- ( -
, , -
- , -
" ", " " " " )
- - , -
, -
( , ) ( -
/ , , -
).
:
- -
( ) -
;
- , -
( )
.
-
, ( -
). . . " -
" -
2- (« ») , -
. .« », -
. -
-
,
« » .
, , -
, - ( -
), « -
» . « » -
« » .
, -
, . . , -
152
– ) , ) -

( ) .
/
. 2.30.

. 2.30. /

-
/ . 2.31.

. 2.31. /

153
,
( )
, -
, ( -
).

154
2.7.2.
-
-
, , ,
/ -
.

( ) .
, -
( ) , -
, -

. ,
-
/ ,
. -
-
( ) ,
,
, ,
.
, ,
-
, – -
:
̌

;
̌

.
,
, :
• (
);
• ( -
).
-
" ",
, , ,
. ., -

155
.
-
, ,
. -
,
,
" – ". ,
.
( ) -
-
. , , -
, ,
-
. , ,
,
( ) , , ,
.
.
, -
. -
, -
, . . .
.
( ) -
,
" – ", –
,
-
, .
-
-
. -
– ,
. , , -
, " -
" -
. -
, -
, , ,
, .

. -
156
.
. -
, -
-
.
, – -
, -
, " – ",
" " .
, -
.
. -
, . . -
.
, -
,
,
. , -
, , -
( ) -
-
.
-
, -
.
-
( ) -
, (
1
) .
,
.
, -
, -
, -
, -
. , -
. -

, ( ) -
. , -

1
. . (GUID).
157
. , , -
-
" ", -
, . -
, -
.
,
,
( , )
, -
.

158
2.8.

-
,
1
, .
-
.

2.8.1.

-
:
• -
- ,
, ,
- -
( ) ;

- ,
, -
( ) -
, -
;
• , -
( ),
, -
( ).

( / ,
- , , ,
. .), ( - -
) . -
-
,
-
, -
, , - -
. - -

1
" ",
.
159
- ( -
) -
. ,
,

. , ,

, , -
.
-
-
, . .
, -
" ".
, , -
-
" ".
2.8.1. ,
, -
.
,
( , . .)
,
. . .
( ) -
:
• -
(
);

;

( ) ( ) -
, -
.
( -
) , " - ", -
" " .
( )
( , ) -
.
,
. , -
160
, -
.
– ( -
), (
).
, ,
-
( ,
)
. ,

.
-

. ,
,
.

, -
( )
. , -
.
2.8.1.
,
( ).

-
-
, , -
, -
, .

161
2.8.2.

-
-
– . . 2.32:
• ;
• " - ".

Λ1 Λ2 Λ
( )

( -
- ) -

. 2.32.

, -
, -
(
) . , -
-
, . . -
( ).

( )
, . . , ,
.

-
-
. -
,

162
( ), -
( ).
. 2.32 -
( ) st, -
" ", . .
. -
-
( ) .
,
,
.
out
2.8.2. p = Stream(sm , oi)→oj -
sm Λ1 oj
Λ2 sm -
s (1)
t
(2)
s t Λ1 Λ2
oj ( ) oi
Λ1 ( . . ( ) oi , ( )
sm).
, -
,
. 2.33.

Λ1 Λ2
o(1)t o(2)t
s(1)t s(2)t
oi oj
sm

(1)
:s t s(2)t – Λ1 Λ2,
;
o(1)t o(2)t – s(1)t s(2)t -
( . .);
oi – , ( ) sm .

. 2.33.

, , ,
, (
), (
163
), -
( ).

-
2.8.2 , Λ1
- oj -
Λ2.
. ,
.
2.8.2. U -
{Λ1, Λ2,…, ΛK} -
{U1, U2,…, UK}
.
, , , 2.8.2
, , , -
- -
.
,
. , ,
,
, .
2.8.2, , -
,
, -
.

– -
, -
.
2.8.3.
Λ1 Λ2 -
,
-
.
:
• , , ,

̇ ;
̇ ;
• .

164
, , -
Λ1 Λ2
Λ2 -
Λ1, -
Λ1 Λ2
. " " -
( ) -
( -
Λ1 , , -
Λ1).

, , , -

( ) -
.
-
, -
. -
2.8.1 ,
( ) -

. -
-
. , -

, - -
" ", . .
, . -

, -

-
.

:
• ,
" " ;
• , -
, , ( -
) -
.

165
,
" ( -
)– ( )",
(
) -
.

-
.
-
1
" " ("Trusted Network Interpretati-on", 1987 .)
( -
) – NTCB (Network Trusted Computer Base).
2.8.2 -

. , ,
,
, ( ) .
. 2.33,
(1)
" sm(Λ1) - s t- s(2)t " -
Λ2 ,
Λ1.

, -
-
.
, , , -
, ,
. .
(Vijay Varadharajan) 1990 . , -
,
.
,
.

.
– . -
,
, ,
. , , -
- .

1
" ".
166
2.8.3.

,
, -
,
. , -
,
Windows NT/2000 - -
.
, , -
-
, , -
-
. -
- -
– ,
( ) , - ,
. . ( ),
, ,
( -
, ), . -
Windows NT/2000 -
-
.
, , -
-
.
- -
-
, -
, -
, -
Windows NT/2000.
1. -
:
- ( )
O (o1, o2,…, oM );
- U (u1, u2,…, uN );
- V(v1,v2,…, vL) – -
( , ), ,
. .;
- Z (z1, z2,…, zK ).

167
2.8.4.
,
, -
( ) .
, 2.8.4 -
, -
-
.
2. -
2.8.1 -
, ( -
-
, , ).
2.8.5. -
( ), -
z∈Z PL(z),
, -
( ) ,
, -
, -
( , ) :

PL(z) = P inL(z) ∪ P outL(z) , (2.8.1)

P inL(z) – ;
P outL(z) = P outL(z→) ∪ P outL(z←) –
z ∈ Z, -
z –
out
P L(z→)
z – P outL(z←).
, -
, -
:
• " - ";
• .
- , -
, ( )
, -
, ( )
. -
-
, -
168
. -
- ,
,
( , - , -
1
, . .) .

( )
.

, -
, -
, -
. -
. , -
,
( )
2
.
- -
.
, -
, -
-
.
3.
, :
fphys : V→ Z – z = fphys(v) z ∈ Z,
( )
v ∈ V;
fuser : U→ Z – z = fuser(u) z ∈ Z,
( ) -
u ∈ U;
ffobject : O→ V – v = ffobject(o) -
v∈ V, ( )
o ∈O.
, v = ffobject(o) z = fphys(v)
z = fiobject(o),
o∈O z ∈ Z, " -

1
" " .
2
" ".
169
"1 -
.
4. Z -
, -
:
FZZ : Z x Z - ,

≤, ,
z1, z2 ∈ Z, z1 "=" z2, z1 z2 -
( z1, z2 -
, ,
z1 z2,
2
, , z2 z1) –

P outL(z1→ z2) ≠ ∅ ∧ P outL(z1←z2) ≠ ∅ ; (2.8.2)

z1, z2 ∈ Z, z1 > z2, z1 z2 -


( z2
z1, z1 z2, , -
z1
z2, -
z2 z1 )–

P outL(z1→ z2) ≠ ∅ ∧ P outL(z1← z2) = ∅ ; (2.8.3)

z1, z2 ∈ Z, z1 "≠" z2, -


z1, z2 ( z1, z2 -
, , -
z1 z2
z2 z1) 3 –

P outL(z1→ z2) = ∅ ∧ P outL(z1←z2) = ∅ . (2.8.4)

, -
Z , -
, :

∀ z ∈ Z: z ≤ z ,

1
- , -
, . . 2.8.2 , -
- -
.
2
"=" ( ) ≤.
3
"≠" .
170
∀ z1, z2 ∈ Z: (z1≤ z2 ∧ z2≤ z1) ⇒ z1"="z2 ,
∀ z1, z2 , z3 ∈ Z: (z1≤ z2 ∧ z2≤ z3) ⇒ z1≤ z3 .

, , . . -
( ). -
(
) , ,
(
), -
( ). , , -
, , -

,
( ).
5.
:
̇" " ( )
;
̇
(
)
.
-
-
v ∈V (
z z z
V =
-1
phys(z)) –V ⊆V .
zu z

uz ∈U z (
-1
U z = user(z)), ( ) -
z ∈ Z, V zv:
z z z
UV : U x V – , -
v zu
∈V zu
v (
V zu
= z z
UV (u ), u ∈U , V
z z zu
⊆ V ), z

" " .
2.8.6. u∈ U " "
z = fuser(u) /
-
,
v zu ∈ V z -
:

u∈U z ∧ v zu∈V zu , (2.8.5)

171
- -1
U z= user(z);

V zu = z z
UV (u ).

, ,

, -
, -
( , -
, ).
, , -
, .
2.8.3. -

.
2.8.3
,
. , -
( )
, , ,
-
,
, -
/ .
6. ( ) -
:
out
UZ :
UxZ - -
" " z' ∈ ( Z = (Z \ user(u)),
(z' ≤ fuser(u))
-
( ) -
.
6.7. u∈ U
" " z' ∈ Z \ fuser(u) -
/
z'
z = fuser(u) z' -
u " " z' :

z ∉Z ∧ z ≥ z' ∧ z' ∈ out


UZ (u) , (2.8.6)

Z = Z \ user(u);
z = fuser(u).

172
1
/ -
( )
( ). -
-
,
.
, ,
-
,

. .
2.8.4. -
, -
:
-
( );
- , -
, ( );
- ( -
);
-
.
2.8.2 2.8.7 -
.
2.8.8. s'm(z')
( ) - - ,
u, z,
z'
" sm(z) - s t - s(z')t ",
(z)
-
(z)
z z' " oi(z) – o t –
o(z')t – oj(z') ",
sm(z) – , z
u, z = fuser(u) ;
(z) (z')
s t, s t– z z', -
;
(z) (z')
o t, o t– ,
(z) (z')
s t, s t z z', ;
oi(z) – z (fiobject(oi)= z), -
sm(z) ;
oj(z') – z' (fiobject(oj)= z').

1
.
173
7. -
-
, ( -
) :
PL = P inL(z1) ∪ P inL(z2) ∪…∪ PinL(zK) ∪ PoutL(z1) ∪ PoutL(z2) ∪ …∪ ∪ P outL(zK)
(2.8.7)
:
K K
P outL(zi) = U P outL(zi → zk) U U P outL(zi ← zk). (2.8.8)
i≠k i≠k
k=1 k=1
.
2.8.1. ( - -
). , -
(2.8.1)
, -
2.8.6, 2.8.7 2.8.8
2.8.2, 2.8.3, 2.8.4,
(2.8.7).
.
2.8.1, 2.8.2,
2.8.3, -
" " ,
-
,
( ) (2.8.1). ,
,
2.8.6 , -
, -
.
-
, 2.8.8
-
,
( )
.
-
(2.8.6):
̇ ;
̇ , -
.
,
(2.8.1),
174
,
, -
(2.82), (2.8.3) (2.8.4).
2.8.4 ( )

( ) .
, -
(2.8.1) -
, , -
(2.8.7).
, -
, 2.8.1, 2.8.2, 6.3 -
2.8.6, 2.8.7 2.8.8 ,

, -
.
2.8.1 , -
,
, ,
( ). ,
- -
,
.
-

, Windows NT/2000.
Win-
dows NT/2000.
– Windows NT/2000 -
2.8.4.
– "
" ( ) .
, -
,
.
( NTFS) – -
( ) . ,
-

Windows NT/2000 ,
. . -
175
(
). , ( ) -
( ) -
. -
NTFS ( -
) , -
.

-
, ,
. -
,
,
. -
( , , -
) , -
, . . , -

. -
. -
, , ,
. -

-
.
,
, -
. -
-
" ".
-
- . , -
. , -
, -
,
. -
-

,
. -
, -
-
. -
176
NRU
NWD. ,
-
,
, -
. -
-
-
.

177
III.

3.1. -

-
( . . 1.1.3),
( . .1.1.2) -
-
.
" "
( ) -
- , - -
.
- -
, 70- . . ." -
[ ]".

, . 3.1.

.3.1. 3-
.
G(P,O,Z,E,H) -
( ) ( -
) .
. .

178
. . ( " - -
").

G(P,O,Z,E,H) -
:
P(p1, p2 ,… pN ), pi – -
;
O(o1, o2 ,… oL ), oi –
;
NXL {eij},
e,j =1 i- j- -
, e,j = 0 ;
Z(z1, z2 ,… zM ), zi –
;
NXM H{hij}, hij – (
) i- j- .

, - -
.
- -
,
( ) -
, -
.
- ,
, :

U −U '
= L M

∑ oi + ∑ zk
, (3.1.1)
i =1 k =1

U–
;
U' –
.
U U' -
:
L N
U = ∑ o (1 − ∏ e
i =1
i
j =1
ij (1 − p j ))
(3.1.2)

L N M
U ' = ∑ oi (1 − ∏ eij (1 − p j (1 − ∏ (1 − h jk )))) (3.1.3)
i =1 j =1 k =1

179
-
-
, . . -
:
N M
P' = 1 − ∏ (1 − pi (1 − ∏ (1 − hik ))) (3.1.4).
i =1 k =1
, -
,
, .1.2.2, -
-
hij ( )
.

180
3.2.
-

3.2.1. - -

( )
- -
, ( .3.2).

.3.2. ( )

( -
, . .) .
(
). ,
, , -
.
, -
,
.
-
.
.3.3.
181
.3.3.

-
-
– . .3.4.

.3.4. -

182
(U,G,O,E) . . -
:
R – (NxMxK)-
( - -
, rnmk =1, , rnmk =0, -
, rnmk = -1, );
R – (LxMxK)-
;
– (MxM) ;
– ( Lx L) ,
(h ij=1, i- -
ij
, h =0, );
W – ( N x L)
(wij=1, i- j-
; wij=0, ).
,

, -
:
S
R| = R| ⊗ ( + I), (3.2.1)
S 2 n
= + +…+ ,
⊗ -
:
R| )ij=ri1(h 1j+δ1j) ∨'ri2(h 2j+δ2j) ∨' … ∨' riM (hSMj+ δMj) ,
S S

I– ;
δij – .
∨' -
,
rnm = - 1. rij ∨' r ji -
.
rij rji rij ∨' rji
1 0 1
1 1 1
1 -1 -1
0 0 0
0 1 1
0 -1 -1
-1 0 -1
-1 1 1
-1 -1 -1

183
, -
:
S S
R| =W⊗((( +I) ⊗R )⊗( +I)) (3.2.2)

, - -
:

R | =R | ⊕ R| =
S S S
= (R| ⊗ ( +I)) ⊕ (W⊗((( +I) ⊗R ) ⊗ ( +I))) (3.3.3)

⊕ - ,
( -
), .
r | r | r | ⊕ r|
1 0 1
1 1 1
1 -1 1
0 0 0
0 1 1
0 -1 -1
-1 0 -1
-1 1 -1
-1 -1 -1

,
.
, - -
, -
, -
.
, . . , -
, . .
( -
, ,
. .), -
.
- -
-
) –

184
K N M

K = ∑∑∑k
k =1 i =1 j =1
ijk , (3.3.4)

1
k ijk = (k ijk +k ijk )– -
L +1
i- j- k- ;
k ijk – i- j-
k-
;
k ijk – i- j-
k- ,
,
;
K, N, M, L – , , -
, .
k ijk -
1
R k| = Rk| ⋅ ( S
+ I) -
k- -
. ,

k ijk = (R k| ⋅( S
+ I))ij, (3.3.5)

R k| – -
-
k– .
-
k ijk k

k = W⋅((( S
+ I) ⋅R k )⋅( S
+ I )) . (3.3.6)

,
, ( ) -
, , -
,
/ , (3.3.5, 3.3.6) -
K , -
-
- .
1
.
185
3.2.2. -

-
,
, -
. -
-
.
-
. - -
-
, ,
. , -
, -
, -
,
.
-
.
,
- U (u1, u2,…, uN ),
O (o1, o2,…, oM )
R (r1, r2,…, rK), , , -
, , ,
.

.
3.2.1. -
, , -
, ,

.
( )
g
U
(G ,G
O
1, G O 2,…, G O K), -
U
(G ) -
(G
O
1, G O 2,…, G O K).
- -
- GU GO k
W ( . .3.2.1) R k, -
.
186
-
, .
gi gj -

N K M
1 1
σ ij=
2N

n =1
( wni ⋅ wnj + wni ⋅ wnj ) +
2 KM
∑∑ (r
k =1 m =1
imk ⋅r jmk +r imk ⋅r jmk )

(3.3.7)
w– w.
(3.3.7) w
W r Rk, w r, -
, -
, , , -
,
. σ ij
[0,1] , -
-
-

⎛ σ 11 σ ... σ ⎞
⎜ ⎟
12 1L

⎜ σ 21 σ 22 ... σ 2L ⎟

Ω = ⎜ ... ⎟. (3.3.8)
⎜ ⎟
⎜ σ L1 σ ... σ LL ⎟⎠
⎝ L2

σ ii W (9.33)
,
. , σ ij =σ ji . , Ω
.
Ω,
,
-
- .

– -
, R (r1, r2,…, rK)
O (o1, o2,…, oM), , -
-
, " " -
, .
, -
-
187
– (R i 1,
R i 2, …, R i K), , , -

K M
1
σ ij =
u
KM
∑∑ (r
k =1 m =1
imk
⋅r jmk
+r imk
⋅r jmk
), (3.3.9)

r imk – R -
.
σ u
ij Ωu -
, , -

.
-
.

( ),
( ). -
, -
, – , ,
-
.
, -
Ω, u
-
,
.
.
-
, . -
-
, -
( ) . -
, . . -
-
Ω u, -

.
-
-
.
, -
,
– . .3.5.

188
σu 1N

σ u
13 σu 3N
. . .
u1 σu u2 σ u u3 uN
12 23
σ u
2N

. 3.5. ( )

, -
-
,
. , " "
0 , 0.
-
,
, -
.
, Ωu
( -
),
, -
.

189
I. HRU
1.1.
: s1 ( , admin) s2 (
, user).
( ) o1 o 2,
s1 s2 , . o3 -
.
:

o1- secret o2 - no secret o3 - secret


s1 own,r,w,e r,w,e own,r,w,e
s2 - own,r,w,e -

,
HRU, .
1- . - s2 o2
o , r (read), w (write) e (execute)
s1 , - -
o s1 .
-
.
Command " " (s2,o ):
if "write" ∈ [s2,o2]
then
Create object o ;
Enter {"own", "read","write","execute"} into [s2,o ];
end if
if {"read","write"} ⊆ [s1, o2]
then
Enter {"read","write","execute"} into [s1,o ];
end if
end command
o1- secret o2 - no secret o3 - secret o - trojan
s1 own,r,w,e r,w,e own,r,w,e r,w,e
s2 - own,r,w,e - own,r,w,e

2- . s1 o , -
.
Command " " (s1,o ):
if {"read","write","execute"} ⊆ [s1,o ]
then
Create subject s ;
Enter {"read","write","execute"} into [s ,o2];
Enter {"read","write","execute"} into [s ,o ];
end if
if {"own", "read","write","execute"} ⊆ [s1,o1] and {"own", "read","write","execute"} ⊆
[s1,o3]
then

190
Enter {"read","write","execute"} into [s ,o1];
Enter {"read","write","execute"} into [s ,o3];
end if
end command
o1- secret o2 - no secret o3 - secret o - trojan
s1 own,r,w,e r,w,e own,r,w,e r,w,e
s2 - own,r,w,e - own,r,w,e
s r,w,e r,w,e r,w,e r,w,e

3- . ( ) -
s o3 o2, -
-
, .
Command " o3 s o2" (s ,o3,o2):
if "read" ∈ [s ,o3] and "write" ∈ [s ,o2]
then
Create object o';
Enter {"own", "read","write","execute"} into [s ,o'];
Enter "read" into [s2,o'];
Read (s ,o3);
Write (s ,o');
end if
Destroy subject s ;
end command
o1- secret o2 - no secret o3 - secret o - trojan o' ≡ o3 - secret
s1 own,r,w,e r,w,e own,r,w,e r,w,e -
s2 - own,r,w,e - own,r,w,e r

. , -
s1 o2 r.
-
.
.
o1- secret o2 - no secret o3 - secret
s1 own,r,w,e r own,r,w,e
s2 - own,r,w,e -

.
.
1- .
1- . - s2 , o2,
s1 .
Command " " (s1,s2,o2):
if "own" ∈ [s2,o2]
then
Enter {"write","execute"} into [s1,o2];
end if
end command
o1- secret o2 - no secret o3 - secret
s1 own,r,w,e r,w,e own,r,w,e
s2 - own,r,w,e -

191
, .
2- .
1- . - - s2 ,
w e o2,
- o4, ,
, s1 r, w -
e.
Command " " (s2, o4):
Create object o4;
Enter {"own", "read","write","execute"} into [s2,o4];
Enter {"read","write","execute"} into [s1,o4];
end command
o1- secret o2 - no secret o3 - secret o4- no secret
s1 own,r,w,e r,w,e own,r,w,e r,w,e
s2 - own,r,w,e - own,r,w,e
o o4 -
, .

II. TAM

2.1
,
, ( ) – u, ω ν .
s1 u - (s1: u).

α(s1:u, s2:ω, o1:ν):


Create object o1 of type ν ; u ν
Inter r into [s1, o1] ;
Create subject s2 of type ω ;
Inter r' into [s2, o1] ;
Create subject s3 of type u ; ω
Inter r'' into [s3, o1] ;
end α
o1 ν, r
s1 , - s2 ω s3 u,
r' r'' o1, .
. α .
.
α
ν, ω u , -
- u, ω, ν . u ν
-

– (u,ν), (u,ω), (u,u), (ω,ν), (ω,ω), (ω,u),


(ν,ν), (ν,ω), (ν,u). ω

, -

192
α
2 – (u→ω→ν→ u), (u→ω→u), (ω→v→ω), (u→v→u).

2.2.

,
TAM, : s1 a - (s1: )
(admin); s2 u - (s2: u) (user);
: o1 ν (secret) – (o1: ν),
s1 ("own"∈ rs1,o1), o2 η (no secret) – (o2: η), -
s2 ("own"∈ rs2,o2), o3 ν–
(o3: ν) o1,
s1 ("own"∈ rs1,o3). - ν
s1 ,
o2 ({"read","write","execute"} ⊆ rs1,o2).
-
. u η
. -
s2 -
o3.
.
1- . - s2 o2
o η, r, w e (execute)
s1, -
o s1 .
TAM .

α1(s1:a, s2:u, o2:η, o :η):


if "write" ∈ rs2, o2
then
Create object o of type η;
Enter {"own", "read","write","execute"} into rs2, o ;
end if
if {"read","write"} ⊆ rs1,o2
then ν
Enter {"read","write","execute"} into rs1, o ;
end if
end α1
α1 u η
η a, u η,
.
α1

(a,η), (u,η) (η,η).
2- . s1 o , -
. Command " " (s1,o ):

α2(s1:a, s :η, o1:ν, o2:η, o3:ν, o :η):


if {"read","write","execute"} ⊆ rs1, o
then
193
Create subject s of type a;
Enter {"read","write","execute"} into rs , o2;
end if
if {"own", "read","write","execute"} ⊆ rs1,o1 and {"own", "read","write","execute"} ⊆ rs1, o3
then
Enter {"read","write","execute"} into rs , o1;
Enter {"read","write","execute"} into rs , o3;
end if
end α2 ν
α2
a a, η, u ν, -
. -
u η
α2 -
– (a,a), (η,a), (u,a)
(ν,a).
, -
- (a→η), -
η
s1 .
3- . ( ) -
s a o3 ν -
o2 η, s2 u -
ν, .

α3(s :a, o3:ν, o2:η, o':ν):


if "read" ∈ rs ,o3 and "write" ∈ rs , o2
then
Create object o' of type ν ;
Enter {"own", "read","write","execute"} into rs , o' ;
Enter "read" into rs2,o1;
Read (s of type a, o3 of type ν);
Write (s of type a, o' of type ν);
end if
Destroy subject s of type a; ν
end α3
α3
ν a, η, ν,
. u η
α3 -

– (a,ν), (η,ν) (ν,ν).

, 2 - (a→ν→ a), 3 - (a→η→ν→ a).

2.3.

, -
TAM 2.2,
194
-
.
.
.
.
1- .
α aη η (no secret)
a (admin).
, η,
αaη a.
,
η, ν
a.
, α1
.
-
- u η
(a,η), ,
(a→ν→ a).

2- .
α ν
η.
,

ν, α
-
η. ν
ν η
.
, α3 -
.
u η

(η,ν), , -
(a→η→ν→ a).

195
III. TAKE-GRANT

3.1
,
0 (O, S, E), x y tg- .

0 (O, S, E)
α ⊗ s
t g t
x s1 s2 y

: x α
s y.

1- . s2 t (" ") y
α s – takes(α, s2, y, s).
0 (O, S, E) 1 (O, S, E)

α
1 (O, S, E)
α ⊗ s
t g t
x s1 s2 y

2- . s2 g (" ") s1
α -s – grants(α, s2, s1, s).
1 (O, S, E) 2 (O, S, E)

α α
2 (O, S, E)
α ⊗ s
t g t
x s1 s2 y

3- . x t (" ") s1 -
α s – takes(α, x, s1, s).
2 (O, S, E) 3 (O, S, E)

α α α
3 (O, S, E)
α ⊗ s
t g t
x s1 s2 y

x tg- y α
s.

196
3.2
tg-
t g, 3.1
s1 s2 .

0 (O, S, E)
α ⊗ s
t g t
x s1 s2 y

: x α
s y.

1- . 3.1 ( s2 t
(" ") y α s– takes(α, s2, y, s).
0 (O, S, E) 1 (O, S, E)

α
1 (O, S, E)
α ⊗ s
t g t
x s1 s2 y

2- . s1 z tg
g (" ") 2–
screate(tg, s1, z)
grants(g, s1, s2, z)

1 (O, S, E) 2 (O, S, E)

α
z
2 (O, S, E) tg g
α ⊗ s
t g t
x s1 s2 y

3- . s2 α s -
z, s1, t z α s
– grants(α, s2,z, s)
takes(g, s1, s2, z)

2 (O, S, E) 3 (O, S, E)

α α
α
z
3 (O, S, E) tg g
α ⊗ s
t g t
x s1 s2 y
4- . 3- 3.1.
197
3.3.

,
0 (O, S, E).

0 (O, S, E)
g grants(α, u, s, w)
s u α

⊗w

( ) α " "
( , t (" ") - -
).
s, u tg- .
: s α -
w u, , grants(α, u, s, w) -
.

1- . v, t u.
u t v.
1 (O, S, E) t v
g t
s u α

⊗w
2- . u s t v– grants(t, u, s,

t
2 (O, S, E) t v
g t
s u α

⊗w

t
3 (O, S, E) t v
g t
s t u α

⊗w
v).
3- . s v t u – takes(t, s, v, u).
4- . s ( ) u α w – takes(α, s,

t
4 (O, S, E) t v
g t
s t u α

⊗w

198
u, w).

IV. TAKE-GRANT

4.1.
α , -
0 (O, S, E),
0 (O, S, E)
r
r r
x s1 w s2 y
, " - "
: - rspy = 1, rpost = 2, rfind = 3 rpass = 4.

: " - " -
x y, .

1-
1- . spy(x, s1, s2).
r (=1)
1 (O, S, E)
r
r r
x s1 w s2 y
2- . spy(x, s2, sy).

r (=1) r (=1)
2 (O, S, E)
r
r r
x s1 w s2 y

-
1 + 1 = 2.

2-
1- . post(x, s1, s2).
r (=2)
1 (O, S, E)
r
r r
x s1 w s2 y
2- . spy(x, s2, sy).

r (=2) r (=1)
r
r r
x s1 w s2 y

-
2 + 1 = 3.
199
3-
1- . pass(s1, s2, y).
r (=4)
1 (O, S, E)
r r r
x s1 w s2 y

2- . spy( , s1, y).


r (=1) r (=4)
1 (O, S, E)
r r r
x s1 w s2 y

-
4 + 1 = 5.

200
V. -
Σ(v0,Q, FT), -
ΛL – l1, l2, l3; l1>l2> l3; l1>l3.
( ) :
u1 – ;
u2 – ;
u3 – ;
u4 – user, . . .
:
o1 – ;
o2 – " ";
o3 – " ";
o4 – " "( , )( ).

5.1.
, -
[u,o] .

1. ,
NRU NWD -
.
,
o2. fL(o2)= l1.
, - (
) . fL(o1)= l3.
o3 , . ,
,
. fL(o3)= l3.
" " , , ,
o2, . fL(o4)= l2.
2. , -
NRU NWD .
, -
, ,
. NWD, fL(u1)= l3.
, fL(u2)= l1.
-
( l1 l2). NWD, fL(u3)= l2.
,
fL(u4)= l3.
3. NRU NWD

o1 o2 o3 o4
r,w w r,w w u1
r r,w r r u2
'[u,o] =
r w r r,w u3
r w r,w w u4
201
4. , NRU NWD
( '[u,o]) .
, u1 ( ) u4
o2, o3 o4.
u3 ( ) o2
( , ).
," "
, NRU NWD.
o1 o2 o3 o4
r,w — r — u1
r r,w r r u2
[u,o] =
r — r r,w u3
r — r — u4

5.2.
-
:
I– ( ) o2.
II – o2 .
I II
?

1. II 5.1.
2. ( u2)
( u3).
, fL(o2)= l1.
, u3 , NRU NWD
fL(u3)=l1.
fL(u3)=l1 NRU NWD
( ) ( u3)
( o4).
I .
fL(o4)= l1.
I :
o1 o2 o3 o4
r,w — r — u1
r r,w r u2
I[u,o] =
r r,w r r,wr u3
r — r — u4

3. I II
– u3
o4, –
. I
r,w o2, o4
o2 o4, II
l2,
" - ".

202
VI.

. -
( ) -
:

τ1

τ2 τ3 τ4
τ5 τ6 τ7 τ8 τ9

τ10 τ11 τ12 τ13 τ14

τ15 τ16 τ17 τ18 τ19 τ20 τ21

T 1= {τ5,τ6}; T 2={τ11,τ12}; 3={τ3,τ8}; 4={τ6,τ8}; 5={τ12,τ13}; 6={τ13,τ9};


T 7= {τ15,τ16,τ14}.

6.1.

( , , ) -
:
T 2 T 1; T 7 T 4; 5 T 3; T 6 T 4.

.
T 2 ≤ T 1; T 7 ≤ T 4; 5 <> T 3; T 6 <> T 4

6.2.

:
T 3 ∪ T 5; 4 ∪ T 6; T 2 ∪ 3; 1 ∪ T 2; 4 ∪ T 7.
.
T 3 ∪ T 5
1. . - -
. -
{τ3,τ8,τ12,τ13};
τ13 ( )
τ8 - {τ3,τ8,τ12};

203
2. . - {τ3,τ8,τ12}, -
– . .
3. - T 3 ∪ T 5= {τ3,τ8,τ12}. , -
, . . -
- .

T 4 ∪ T 6
1. . {τ6,τ8, τ13,τ9}. τ13 τ8. {τ6,τ8,τ9}.
2. . τ 8 ,τ 9 τ4 .
τ 8 ,τ 9 . {τ4,τ6}.
3. -T 4 ∪ 6 ={τ4,τ6}.

T 2 ∪ T 3
1. . {τ11,τ12,τ3,τ8}. .
2. . {τ11,τ12,τ3,τ8}. .
3. -T 2∪ 3 ={τ11,τ12,τ3,τ8}.

T 1 ∪ T 2
1. . {τ5,τ6,τ11,τ12}. τ11,τ12 τ6. {τ5,τ6}.
2. . {τ5,τ6}. .
3. - 1 ∪ T 2={τ5,τ6}= T 1. ,

T 4 ∪ T 7
1. . {τ6,τ8,τ15,τ16,τ14}. τ14 τ8. τ15,τ16 τ6. {τ6,τ8}.
2. . {τ6,τ8}. .
3. -T 4∪ 7={τ6,τ8}= T 4.

6.3.

:
T 3 ∩ T 5; 4 ∩ T 6; T 2 ∩ 3; 1 ∩ T 2; 4∩ T 7.

.
T ∪ T 5
3
1. . {τ3,τ8}↔{τ12,τ13}. T 3={τ3,τ8} ,
( ) - T 5
={τ12,τ13}. . , - ∅.
2. . {τ3,τ8}↔{τ12,τ13}. T 5 ={τ12,τ13}
( ) -
T 3={τ3,τ8}. τ13 ( τ8). -
, - {τ13}.
3. . - .
- 3 ∪ T 5={τ13}.

T 4 ∩ T 6
1. . {τ6,τ8}↔{τ13,τ9}. -∅
204
2. . {τ6,τ8}↔{τ13,τ9}. - {τ13}.
3. . - 4∩ 6={τ13}.
T 2∩ T 3
1. . {τ11,τ12}↔{τ3,τ8}. - ∅.
2. . {τ11,τ12}↔{τ3,τ8}. - ∅.
3. . - 4∩ 6= ∅.

T 1 ∩ T 2
1. . {τ5,τ6}↔{τ11,τ12}. - ∅.
2. . {τ5,τ6}↔{τ11,τ12}. - {τ11,τ12}.
3. . - 1 ∩ T 2 ={τ11,τ12}. ,
.

T 4 ∩ T 7
1. . {τ6,τ8}↔{τ15,τ16,τ14}. - ∅.
2. . {τ6,τ8}↔{τ15,τ16,τ14}. - {τ15,τ16,τ14}.
3. . - 4∩ 7 ={τ15,τ16,τ14}.

205
VII.

7.1.
ℜ (ρ∈ℜ), -
. P (p∈P).

ρ1 ρ11 ρ111 p1

p2
ρ112 ρ1121
F p3
ρ1122
p4
ρ1123
p5
ρ113
p6
ρ12 ρ121
P
ρ122

( ,
, ).
ρ11.
.
, -
, .
, , p1,
, .

Pρ = Pρ ∪ Pρ ∪ Pρ = p1∪(Pρ ∪Pρ ∪Pρ )∪p5 =


11 111 112 113 1121 1122 1123
= p1∪((p1∪p2)∪(p1∪p3)∪(p1∪p4)∪p5= p1∪p2∪p3∪p4∪p5

206
7.2.
ℜ (ρ∈ℜ), -
. P (p∈P).

p1

ρ1 ρ11 ρ111 p2

p3
ρ112 ρ1121
F p4
ρ1122
p5
ρ1123 ρ11231
p6
ρ11232
p7

ρ11233 p8
P
ρ113 p9

ρ12 ρ121

ρ122

( ,
, ).
ρ11.
.
, -
, .

Pρ = p3 ∪ p4 ∪(Pρ ∪ Pρ ∪ Pρ )= p3 ∪ p4 ∪(p2∪(p1∪(Pρ ∪Pρ ∪Pρ ))∪ p2)


11 111 112 113 1121 1122 1123
=
= p3 ∪ p4 ∪( p2∪(p1∪(p6∪(p6∪p7)∪( p6∪(p7∪p8∪p9)))∪ p2=
= p1∪ p2∪p3 ∪ p4 ∪p6∪p7∪p8∪p9

7.3.
ℜ (ρ∈ℜ), -
. -
P (p∈P).

207
,
, ( -
) .

.
, p1 -
(p2 ≤ p1), , ρ 2, -
ρ1 ( ) - ρ2 ≤ ρ 1 .
-
. . .
- p5.
- p3, p4.
- p1, p2.
- p6, p7.
- p7, p8, p9.
,
. p7 ρ1122 ρ11231.

208
VIII. -

8.1.

o2

o1
o4
o3

o5 o6

H( – ; –
; 0) HS (
, . .).
.
o1 o2 o3 o4 o5 o6 o1 o2 o3 o4 o5 o6
o1 0 1 1 0 0 0 o1 0 0 0 1 1 0
o2 0 0 0 0 0 0 o2 0 0 0 0 0 0
H= o3 0 0 0 1 1 0 H2 = o3 0 0 0 0 0 1
o4 0 0 0 0 0 0 o4 0 0 0 0 0 0
o5 0 0 0 0 0 1 o5 0 0 0 0 0 0
o6 0 0 0 0 0 0 o6 0 0 0 0 0 0
o1 o2 o3 o4 o5 o6 o1 o2 o3 o4 o5 o6
o1 0 0 0 0 0 1 o1 0 1 1 1 1 1
o2 0 0 0 0 0 0 o2 0 0 0 0 0 0
H3= o3 0 0 0 0 0 0 HS= H+H2+H3= o3 0 0 0 1 1 1
o4 0 0 0 0 0 0 o4 0 0 0 0 0 0
o5 0 0 0 0 0 0 o5 0 0 0 0 0 1
o6 0 0 0 0 0 0 o6 0 0 0 0 0 0

209
8.2.

u1 u2, .

o2
u1 r,w,e
o1
o4
o3
r
u2 -r
w
o5 o6
-w,e

.
.

o1 o2 o3 o4 o5 o6 o1 o2 o3 o4 o5 o6
u1 1 0 0 0 0 0 u1 1 0 0 0 0 0
Rr= Rw=
u2 1 -1 0 0 1 0 u2 0 0 0 1 0 -1

o1 o2 o3 o4 o5 o6
Re= u1 1 0 0 0 0 0
u2 0 0 0 0 0 1

210
8.3.
,
u1, u2, u3 u4, g1, g2 g3.
, -
.

g1 r,w,e o2
r
g2 o1
u1 o4
r o3
-r
u2 r -r -w
w
u3 g3
o5 o6
u4 -w,e

.
u2.

.
K =(K k + K k)/N*M
k ijk= (R k| ⋅ ( + I))ij S

K k=W⋅((( S+I) ⋅R k)⋅( S


+I)) = W⋅(R k⋅( S
+I)) o1 o2 o3 o4 o5 o6
( S+I)= I u1 0 0 0 0 0 0 R r|
u2 0 1 0 0 0 0
u3 0 0 0 0 0 0
o1 o2 o3 o4 o5 o6
1 1 1 1 1 1 0 0 0 0 0 0
o1 u4
0 1 0 0 0 0
o2
0 0 1 1 1 1 o1 o2 o3 o4 o5 o6
o3 HS+I 0 0 0 0 0 0
0 0 0 1 0 0 u1 R r|
o4 0 1 0 0 0 0
0 0 0 0 1 1 u2
o5 0 0 0 0 0 0
0 0 0 0 0 1 u3
o6
u4 0 0 0 0 0 0

o1 o2 o3 o4 o5 o6 o1 o2 o3 o4 o5 o6
1 0 0 0 0 0 1 1 1 1 1 1
g1 R r| g1 R r|
1 -1 0 -1 0 -1 g2 1 0 1 0 1 0
g2
1 -1 0 0 0 0 1 0 1 1 1 1
g3 g3

o1 o2 o3 o4 o5 o6 o1 o2 o3 o4 o5 o6
u1 1 1 1 1 1 1 1 1 1 1 1 1
u2 2 0 2 1 2 1 R r| 2 1 2 1 2 1 R r| +R r|
u3 2 0 2 1 2 1 2 0 2 1 2 1
2 1 2 2 2 2 2 1 2 2 2 2
u4
K k=1,375 K =1,416666667 211
K u
=1,5
2
1. . . .: . ,
1980. – 264 .
2. . ., . . -
. .: , 1996. - 192 .
3. /
. . . . .: , 1996. - 302
4. . ., . ., . . -
: . . ., 1998.-
184 .
5. . ., . .
. - .: - , 2000. - 452 .
6. : .
/ . . , . . , . . .- .:
, 2000. - 192 .
8. . . -
. .: . .- 2001- 352 .
9. . . -
.- : - . - , 2003. – 328 .
10. . . : -
. – .: , 2004. – 240 .
11. . . : . -
.– .: . « », 2005. – 144 .

212

Vous aimerez peut-être aussi