[Cisspstudy] Bell-Lapadula?
gerritsjs
gerritsjs at gmail.com
Mon Sep 7 09:46:37 EDT 2009
What do you then define a system to be in a 'secure' state?
_____
From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org]
On Behalf Of Clement Dupuis
Sent: Monday, September 07, 2009 3:26 AM
To: The CISSP Study Mailing list
Subject: Re: [Cisspstudy] Bell-Lapadula?
With info this time:
A system state is defined to be "secure" if the only permitted access modes
of subjects to objects are in accordance with a security
<http://en.wikipedia.org/wiki/Security_policy> policy. To determine whether
a specific access mode is allowed, the clearance of a subject is compared to
the classification of the object (more precisely, to the combination of
classification and set of compartments, making up the security level) to
determine if the subject is authorized for the specific access mode. The
clearance/classification scheme is expressed in terms of a lattice. The
model defines two mandatory access control
<http://en.wikipedia.org/wiki/Mandatory_access_control> (MAC) rules and one
discretionary access control
<http://en.wikipedia.org/wiki/Discretionary_access_control> (DAC) rule with
three security properties:
Take care
Clement
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090907/7f0cb639/attachment.html>
More information about the cisspstudy
mailing list