The safety problem with information circulating in corporate informationcomputer nets is urgent under conditions of presentday information society. The authors have developed a generalized functional model of the process of controlled access differentiation. At the same time come forward users identified by accounts as access subjects in the model and files of documentation formats are objects. Rules for the differentiation of a subject access to objects are specified as a matrix of powers taking into account marks of confidentiality. A distinguishing feature consists in that a container storing data is protected on basis of the method of indistinguishable obfuscation. The model developed allows storing data in a uniformed kind and ensuring a single method for an access to them. For safe storing is used a format of the protected container where information is stored in an obfuscated form. A container represents an executable file having a number of preset properties and functions allowing unambiguously the user identification, differentiation of an access to data (rights: to read, write, and assignation), assurance of the security for a confidence of the document implemented. The container format ensures its safe storing and transmission through a network.
information security, access differentiation system, obfuscation, isolated program environment, program code
1. Varnovsky, N.P., Current state of investigations in field of program obfuscation: definition of obfuscation durability / N.P. Varnovsky, V.A. Zakharov, N.N. Kuzyurin [et alii] // Proceedings of System Programming Institute of RAS: digizine. Vol. 26. - No 3. - pp. 167-198.
2. Devyanin, P.N., Models for Computer System Safety: textbook for college students / P.N. Devyanin. - M.: Academy, 2005. - pp. 144.
3. Sahai, A. How to Use Indistinguishability Obfuscation: Deniable Encryption / A. Sahai, B. Waters // CRYPTO ePrint 2011. - Mode of access: https://eprint.iacr.org/2013/454.pdf.
4. Lessard, M. Introduction to linuxcontainer(lxc) and Docker / M. Lessard // RedHatConf. -http://people.redhat.com/mlessard/mtl/presentations/jan2014/LXC-Docker.pdf.
5. Petazzoni, J. Container´s Anatomy / J.Petazzoni // Linuxcon. - http://events.linuxfoundation.org/sites/events/files/slides/Anatomy%20of%20a%20container.pdf.
6. Petazzoni, J. LXC, Docker and the future of soft-ware delivery / J. Petazzoni // Linuxcon. -http://events.linuxfoundation.org/sites/events/files/slides/lcna13_petazzoni.pdf.
7. Tool Interface Standard (TIS) Executable and Linking Format (ELF) Specification Version 1.2. -http://www.x86.org/ftp/manuals/tools/elf.pdf.