I am glad to help. Let me walk through the general approach for
security between subjects and objects as well as clarifying the
answers for the specific questions.
To clarify for "usrhlp" and others reading this for the first time,
the general name for the type of classification and access control
mechanisms you are referring to is often called "Multi Level Security"
(MLS). In an MLS, the system is controlling access by programs (and
users / subjects) to the files (or objects) on the system based some
relatively simple methods such as:
o information at a higher level cannot be accessed at a lower level,
as a result, a subject cannot read files above their "maximum"
o information at a lower level should not be stored at a higher level
[though your example explicitly allows this]
A lot of the basic research on this was done in the late 1970's and early 1980's.
is a good reference for publications made during that period. There
are plenty of other references available, a search for a phrase such
multi level security
B1 computer security
computer security model
To answer the specific questions in light of the clarification you made:
I'll use cl(O) to refer to O's security level & cl(S) to refer to S's
security level. I will use wcl(S) to refer to the same concept you've
described as well.
 Reading objects below S's read security level.
if cl(O) < cl(S) then
Let me note that if cl(S) = b, then S cannot read ANY object on this
system (due to the inequality check). Let me also note that if cl(O) =
t, that object cannot be read by ANY subject (ditto).
Why - because cl(S) represents the upper limit on data (the O's) that S can read.
 Writing data based on data "read" up to this point.
a. Initial value
wcl(S) = b
Why - because that's the lowest security level.
b. After reading object O
if cl(O) > wcl(S) then
wcl(S) = cl(O)
Why - if O is a at or below wcl(S), we don't need to update wcl(S). If
you read a higher classification level than wcl(S) [and less than
cl(S) since you could read it], then you need to increase wcl(S) to
Note that since your definition of wcl(S) means that S must write to
cl's higher than wcl(S), the minimum level you can write to is "b+1"
or higher. Also note in the answer to  you cannot read data at
level "t" - so the highest level of object that can be read is "t-1"
which would set wcl(S) to "t-1", requiring writes to level "t" - which
is data that cannot be read (or "write only data")!
Note - for a proper answer in the third part - you must remember ALL
the objects read by S to this point - perhaps in a list associated
 Adding "forget"
I can't easily express this in pseudo code, but let's walk through the solution.
Note that unlike the answer to , wcl(S) with the presence of
"forget" depends on the maximum level of ALL the objects read to the
current time by S. The simple solution I provided for  needs to be
augmented to implement forget by remembering the objects read to the
current time. Based on that, let's say you have a list like
[O1, O2, ..., O10]
to remember that you've read objects O1 through O10. wcl(S) is the
maxiumum of cl(On) of those objects. When you "forget" an object like
O3, you need to remove O3 from the list, yielding
[O1, O2, O4, O5, ..., O10]
and wcl(S) will now be computed as max(cl(On)) for the remaining
objects in that list.
The same comments added to the end of  also apply to this solution as well.
Please make a clarification request if some part of the answer is
unclear or if you need additional information on some part of the
answer. I would be glad to help.
Good luck with your work.