Information Flows Formalization for BSD Family Operating Systems Security Against Unauthorized Investigation

Today there is an increase in the number and complexity of cyberattacks on critical infrastructure. This has led to the actualization of security systems that are critical to national security. Software, including operating systems, is considered a resource of critical information infrastructure of the state, which is usually built on secure operating systems (UNIX, BSD family, Linux). However, any operating systems and user software have flaws and security issues at different levels. It is important to model information flows in operating systems, which will more effectively identify threats to information security, implement preventive and countermeasures. From these positions, the analysis of modern research in the direction of operating systems security and user software has been carried out, which allows to identify several basic areas, including the study of the impact of malware on operating systems and user software; vulnerability analysis; threat and risk research. The analysis shows that the issues relate to the peculiarities of construction and information processes of particular operating systems, as well as the lack of adequate mathematical models that can be applied to different security systems to obtain quantitative characteristics to compare the parameters of security systems. In addition, structural and analytical models of information flows of the BSD family of operating systems are developed, which makes it possible to formalize the information processes of the studied operating system and develop effective preventive and countermeasures. Besides, the mathematical model of quantitative evaluation of software systems for information security operating in user mode has been improved. This model will be useful both for comparison of existing software information security systems, and for the analysis of changes in security algorithms of software information security systems.