User Access Domains (Chapter 4, Subsection 4.3.6) and Process Access Domains (Subsection 4.3.7) are kept in linsec_usr and linsec_task structures (Section 5.5) respectively.
Process Access Domains are represented in linsec_task in terms of AD Elements rather than AD Groups for two main reasons:
User AD settings are kept in linsec_usr both in terms of AD Groups and in terms of AD Elements. While linsec_usr is stored on stable storage (in config files) and while it is kept in LinSec kernel configuration buffers there is no need to represent User ADs in terms of AD Elements (except User Default R-W AD which is configured in terms of AD Elements) as no AD operations are performed on the structure as such. Once a copy of linsec_usr is requested (linsec_get_user function, kernel/linsec_buffs.c), to be referenced from a struct user_struct (Section 5.5), AD Group representation of User ADs is expanded into corresponding AD Element representation which is stored in hash tables5.4 of the linsec_usr copy returned.