[Cisspstudy] Bell-Lapadula?

Clement Dupuis clement.dupuis at cccure.com
Fri Sep 11 08:08:16 EDT 2009


Good day Jonus,

You are attempting to drag me too deep into the material.

Do not attempt to match concepts with products or operating systems in real
life.  It does not map very well and the exam is also vendor and operating
system agnostic.

The access control matrix looks very much like a table in a relational
database.  In the left column you have the subjects and in the first row you
have the object names.  It is usually a tool used to implement Access
Control Lists (ACLs) and also used to define Capabilities.

Take care

Clement


Clément Dupuis, CD
CISSP, GCFW, GCIA, Security+, CEH, ECSA, LPT, CCSA, CCSE, MBNS, MBIS, MBHS,
 ACE

On Fri, Sep 11, 2009 at 07:54, gerritsjs <gerritsjs at gmail.com> wrote:

> Thanks Clement,
>
> So what you are saying, a system should be configured IAW with the
> organization’s security policy.  It may differ between organizations.  From
> best security practices perspective, what should it illustrate?  For
> instance in a Unix environment, what should the access matrix look like,
> acceptable across the universe?
>
> Thanks for your expert opinion.
>
> jonus
>
>  ------------------------------
>
> From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org] On Behalf Of Clement Dupuis
> Sent: Monday, September 07, 2009 3:26 AM
> To: The CISSP Study Mailing list
> Subject: Re: [Cisspstudy] Bell-Lapadula?
>
> With info this time:
>
> A system state is defined to be "secure" if the only permitted access modes
> of subjects to objects are in accordance with a security policy
> <http://en.wikipedia.org/wiki/Security_policy>.
> To determine whether a specific access mode is allowed, the clearance of a
> subject is compared to the classification of the object (more precisely, to
> the combination of classification and set of compartments, making up the
> *security level*) to determine if the subject is authorized for the specific
> access mode. The clearance/classification scheme is expressed in terms of a
> lattice. The model defines two mandatory access control
> <http://en.wikipedia.org/wiki/Mandatory_access_control> (MAC) rules and one
> discretionary access control
> <http://en.wikipedia.org/wiki/Discretionary_access_control> (DAC) rule with
> three security properties:
>
>
> Take care
>
> Clement
>
>
>
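
Added illustration, not part of the original thread: a small access control matrix in Python, read by column as ACLs and by row as capability lists, with the Bell-LaPadula checks described in the quoted text applied on top. All subjects, objects, levels and function names are constructed for the example, and "write" is assumed to mean a blind append.

```python
# Added illustration; subjects, objects, levels and rights are all constructed.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}

# Security level = (classification, set of compartments), as in the quoted text.
CLEARANCE = {
    "alice": ("secret", {"crypto"}),
    "bob": ("confidential", set()),
}
CLASSIFICATION = {
    "plan.txt": ("secret", {"crypto"}),
    "memo.txt": ("confidential", set()),
    "notice.txt": ("unclassified", set()),
}

# Access control matrix: one row per subject, one column per object.
MATRIX = {
    "alice": {"plan.txt": {"read", "write"}, "memo.txt": {"read", "write"}},
    "bob": {"plan.txt": {"read"}, "memo.txt": {"read", "write"},
            "notice.txt": {"read"}},
}

def dominates(a, b):
    """Lattice order: level of a >= level of b and a's compartments include b's."""
    return LEVELS[a[0]] >= LEVELS[b[0]] and a[1] >= b[1]

def acl(obj):
    """Column of the matrix: the ACL stored with an object."""
    return {s: row[obj] for s, row in MATRIX.items() if obj in row}

def capabilities(subject):
    """Row of the matrix: the capability list held by a subject."""
    return dict(MATRIX.get(subject, {}))

def allowed(subject, obj, mode):
    """Bell-LaPadula decision: the DAC matrix entry plus the two MAC rules."""
    if mode not in MATRIX.get(subject, {}).get(obj, set()):
        return False  # discretionary property: the matrix must grant the mode
    s, o = CLEARANCE[subject], CLASSIFICATION[obj]
    if mode == "read":
        return dominates(s, o)  # simple security property: no read up
    if mode == "write":
        return dominates(o, s)  # *-property: no write down (write = append)
    return False
```

The matrix alone would let bob read plan.txt and alice write memo.txt; the two mandatory rules are what deny those accesses.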