[Cisspstudy] Bell-Lapadula?
gerritsjs
gerritsjs at gmail.com
Fri Sep 11 07:54:02 EDT 2009
Thanks Clement,
So what you are saying is that a system should be configured IAW the
organization's security policy. It may differ between organizations. From
a best security practices perspective, what should it illustrate? For
instance, in a Unix environment, what should the access matrix look like,
acceptable across the universe?
Thanks for your expert opinion.
jonus
_____
From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org]
On Behalf Of Clement Dupuis
Sent: Monday, September 07, 2009 3:26 AM
To: The CISSP Study Mailing list
Subject: Re: [Cisspstudy] Bell-Lapadula?
With info this time:
A system state is defined to be "secure" if the only permitted access modes
of subjects to objects are in accordance with a security policy
<http://en.wikipedia.org/wiki/Security_policy>. To determine whether
a specific access mode is allowed, the clearance of a subject is compared to
the classification of the object (more precisely, to the combination of
classification and set of compartments, making up the security level) to
determine if the subject is authorized for the specific access mode. The
clearance/classification scheme is expressed in terms of a lattice. The
model defines two mandatory access control (MAC)
<http://en.wikipedia.org/wiki/Mandatory_access_control> rules and one
discretionary access control (DAC)
<http://en.wikipedia.org/wiki/Discretionary_access_control> rule with
three security properties:
Take care
Clement
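
The comparison described in the quoted text (clearance against classification plus compartments, ordered as a lattice) can be sketched as below. This is an added example, not part of the original thread; the level names, subject, objects and access matrix are constructed, and the sketch assumes a single label per subject (no separate current level).

```python
from dataclasses import dataclass

# Constructed classification ordering (assumption, not from the thread).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}

@dataclass(frozen=True)
class Label:
    """A security level: one classification plus a set of compartments."""
    classification: str
    compartments: frozenset = frozenset()

    def dominates(self, other):
        # Lattice order: classification at least as high AND a superset of
        # the other's compartments. Two labels can be incomparable.
        return (LEVELS[self.classification] >= LEVELS[other.classification]
                and self.compartments >= other.compartments)

def mac_allows(subject, obj, mode):
    """The two mandatory rules, keyed on the access mode."""
    if mode == "read":    # simple security property: no read up
        return subject.dominates(obj)
    if mode == "append":  # *-property: no write down (write without read)
        return obj.dominates(subject)
    if mode == "write":   # read and write together: labels must be equal
        return subject.dominates(obj) and obj.dominates(subject)
    raise ValueError("unknown access mode: " + mode)

def access_allowed(s_name, o_name, mode, labels, matrix):
    """Discretionary check (access matrix) first, then the mandatory rules."""
    if mode not in matrix.get((s_name, o_name), set()):
        return False
    return mac_allows(labels[s_name], labels[o_name], mode)

# Constructed sample state.
LABELS = {
    "alice": Label("SECRET", frozenset({"NUCLEAR"})),
    "memo": Label("CONFIDENTIAL"),
    "report": Label("SECRET", frozenset({"NUCLEAR", "CRYPTO"})),
}
MATRIX = {
    ("alice", "memo"): {"read", "append"},
    ("alice", "report"): {"read", "append"},
}

if __name__ == "__main__":
    for obj in ("memo", "report"):
        for mode in ("read", "append", "write"):
            ok = access_allowed("alice", obj, mode, LABELS, MATRIX)
            print(f"alice {mode:6} {obj:6} -> {'permit' if ok else 'deny'}")
```

Note that alice holds SECRET like the report but lacks the CRYPTO compartment, so she does not dominate it and the read is denied even though the matrix grants it.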