[Cisspstudy] Bell-Lapadula?
An.Dang at do.treas.gov
An.Dang at do.treas.gov
Mon Sep 7 14:53:02 EDT 2009
Clement,
Thank you for the information. If we run into "bad" questions like this ... Which I don't doubt... should we leave the answer blank or go with the "best" answer and darken in the best guestimate.
I was told to circle in something is better than leaving it blank at the Review Seminar.
Thanks.
----- Original Message -----
From: cisspstudy-bounces at cccure.org <cisspstudy-bounces at cccure.org>
To: cisspstudy at cccure.org <cisspstudy at cccure.org>
Sent: Mon Sep 07 09:49:53 2009
Subject: cisspstudy Digest, Vol 15, Issue 11
Send cisspstudy mailing list submissions to
cisspstudy at cccure.org
To subscribe or unsubscribe via the World Wide Web, visit
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
or, via email, send a message with subject or body 'help' to
cisspstudy-request at cccure.org
You can reach the person managing the list at
cisspstudy-owner at cccure.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of cisspstudy digest..."
Today's Topics:
1. Re: Bell-Lapadula? (Clement Dupuis)
2. Re: Bell-Lapadula? (gerritsjs)
3. Re: Bell-Lapadula? (gerritsjs)
4. Re: Bell-Lapadula? (Clement Dupuis)
----------------------------------------------------------------------
Message: 1
Date: Mon, 7 Sep 2009 06:25:39 -0400
From: Clement Dupuis <clement.dupuis at cccure.com>
To: The CISSP Study Mailing list <cisspstudy at cccure.org>
Subject: Re: [Cisspstudy] Bell-Lapadula?
Message-ID:
<959788640909070325h1ef07924n33a15ea186a67fe at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
With info this time:
A system state is defined to be "secure" if the only permitted access modes
of subjects to objects are in accordance with a security
policy<http://en.wikipedia.org/wiki/Security_policy>.
To determine whether a specific access mode is allowed, the clearance of a
subject is compared to the classification of the object (more precisely, to
the combination of classification and set of compartments, making up
the *security
level*) to determine if the subject is authorized for the specific access
mode. The clearance/classification scheme is expressed in terms of a
lattice. The model defines two mandatory access
control<http://en.wikipedia.org/wiki/Mandatory_access_control>(MAC)
rules and one discretionary
access control <http://en.wikipedia.org/wiki/Discretionary_access_control>(DAC)
rule with three security properties:
Take care
Clement
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090907/32503f89/attachment-0001.html>
------------------------------
Message: 2
Date: Mon, 7 Sep 2009 06:44:42 -0700
From: "gerritsjs" <gerritsjs at gmail.com>
To: "'The CISSP Study Mailing list'" <cisspstudy at cccure.org>
Subject: Re: [Cisspstudy] Bell-Lapadula?
Message-ID: <4aa50e4e.1d1d640a.422b.ffff9d6f at mx.google.com>
Content-Type: text/plain; charset="us-ascii"
So what is the best answer, or there are many?
_____
From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org]
On Behalf Of Clement Dupuis
Sent: Monday, September 07, 2009 3:26 AM
To: The CISSP Study Mailing list
Subject: Re: [Cisspstudy] Bell-Lapadula?
With info this time:
A system state is defined to be "secure" if the only permitted access modes
of subjects to objects are in accordance with a security
<http://en.wikipedia.org/wiki/Security_policy> policy. To determine whether
a specific access mode is allowed, the clearance of a subject is compared to
the classification of the object (more precisely, to the combination of
classification and set of compartments, making up the security level) to
determine if the subject is authorized for the specific access mode. The
clearance/classification scheme is expressed in terms of a lattice. The
model defines two mandatory access control
<http://en.wikipedia.org/wiki/Mandatory_access_control> (MAC) rules and one
discretionary access control
<http://en.wikipedia.org/wiki/Discretionary_access_control> (DAC) rule with
three security properties:
Take care
Clement
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090907/792a3d08/attachment-0001.html>
------------------------------
Message: 3
Date: Mon, 7 Sep 2009 06:46:37 -0700
From: "gerritsjs" <gerritsjs at gmail.com>
To: "'The CISSP Study Mailing list'" <cisspstudy at cccure.org>
Subject: Re: [Cisspstudy] Bell-Lapadula?
Message-ID: <4aa50ec1.0e36640a.094f.ffff845a at mx.google.com>
Content-Type: text/plain; charset="us-ascii"
What do you then define a system to be in a 'secure' state?
_____
From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org]
On Behalf Of Clement Dupuis
Sent: Monday, September 07, 2009 3:26 AM
To: The CISSP Study Mailing list
Subject: Re: [Cisspstudy] Bell-Lapadula?
With info this time:
A system state is defined to be "secure" if the only permitted access modes
of subjects to objects are in accordance with a security
<http://en.wikipedia.org/wiki/Security_policy> policy. To determine whether
a specific access mode is allowed, the clearance of a subject is compared to
the classification of the object (more precisely, to the combination of
classification and set of compartments, making up the security level) to
determine if the subject is authorized for the specific access mode. The
clearance/classification scheme is expressed in terms of a lattice. The
model defines two mandatory access control
<http://en.wikipedia.org/wiki/Mandatory_access_control> (MAC) rules and one
discretionary access control
<http://en.wikipedia.org/wiki/Discretionary_access_control> (DAC) rule with
three security properties:
Take care
Clement
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090907/7f0cb639/attachment-0001.html>
------------------------------
Message: 4
Date: Mon, 7 Sep 2009 09:49:48 -0400
From: Clement Dupuis <clement.dupuis at cccure.com>
To: The CISSP Study Mailing list <cisspstudy at cccure.org>
Subject: Re: [Cisspstudy] Bell-Lapadula?
Message-ID:
<959788640909070649o6a5de8b5m86cf0abe8fccd047 at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
There is NO best answer.
It is a bad questions
Take care
Clement
Cl?ment Dupuis, CD
CISSP, GCFW, GCIA, Security+, CEH, ECSA, LPT, CCSA, CCSE, MBNS, MBIS, MBHS,
ACE
----------------------------------------------------------------------------------------------
In real life:
Senior Security Specialist and Instructor
Security University
>> Call me to get the best CISSP training <<
----------------------------------------------------------------------------------------------
In Cyberspace:
President/Security Evangelist/Chief Learning Officer (CLO)
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Business: 407 479 3903
Fax: 407 264 8396
Maintainer of :
The CISSP and SSCP Open Study Guides Web Site
http://www.cccure.org
The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org
Knowledge sharing and giving back to the community
On Mon, Sep 7, 2009 at 09:44, gerritsjs <gerritsjs at gmail.com> wrote:
> So what is the best answer, or there are many?
>
>
> ------------------------------
>
> *From:* cisspstudy-bounces at cccure.org [mailto:
> cisspstudy-bounces at cccure.org] *On Behalf Of *Clement Dupuis
> *Sent:* Monday, September 07, 2009 3:26 AM
> *To:* The CISSP Study Mailing list
> *Subject:* Re: [Cisspstudy] Bell-Lapadula?
>
>
>
> With info this time:
>
>
> A system state is defined to be "secure" if the only permitted access modes
> of subjects to objects are in accordance with a security policy<http://en.wikipedia.org/wiki/Security_policy>.
> To determine whether a specific access mode is allowed, the clearance of a
> subject is compared to the classification of the object (more precisely, to
> the combination of classification and set of compartments, making up the *security
> level*) to determine if the subject is authorized for the specific access
> mode. The clearance/classification scheme is expressed in terms of a
> lattice. The model defines two mandatory access control<http://en.wikipedia.org/wiki/Mandatory_access_control>(MAC) rules and one discretionary
> access control <http://en.wikipedia.org/wiki/Discretionary_access_control>(DAC) rule with three security properties:
>
>
> Take care
>
> Clement
>
>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090907/b6888594/attachment.html>
------------------------------
_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
End of cisspstudy Digest, Vol 15, Issue 11
******************************************
More information about the cisspstudy
mailing list