[Cisspstudy] Bell-Lapadula?
Clement Dupuis
clement.dupuis at cccure.com
Mon Sep 7 06:25:39 EDT 2009
With info this time:
A system state is defined to be "secure" if the only permitted access modes
of subjects to objects are in accordance with a security
policy<http://en.wikipedia.org/wiki/Security_policy>.
To determine whether a specific access mode is allowed, the clearance of a
subject is compared to the classification of the object (more precisely, to
the combination of classification and set of compartments, making up
the *security
level*) to determine if the subject is authorized for the specific access
mode. The clearance/classification scheme is expressed in terms of a
lattice. The model defines two mandatory access
control<http://en.wikipedia.org/wiki/Mandatory_access_control>(MAC)
rules and one discretionary
access control <http://en.wikipedia.org/wiki/Discretionary_access_control>(DAC)
rule with three security properties:
Take care
Clement
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090907/32503f89/attachment.html>
More information about the cisspstudy
mailing list