[Cisspstudy] Bell-Lapadula?
gerritsjs
gerritsjs at gmail.com
Fri Sep 11 19:10:39 EDT 2009
Understood.
Jonus
_____
From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org]
On Behalf Of Clement Dupuis
Sent: Friday, September 11, 2009 5:08 AM
To: The CISSP Study Mailing list
Subject: Re: [Cisspstudy] Bell-Lapadula?
Good day Jonus,
You are attempting to drag me too deep into the material.
Do not attempt to match concepts with products or operating systems in real
life. It does not map very well and the exam is also vendor and operating
system agnostic.
The access control matrix looks very much like a table in a relational
database. On the left column you have the subject and on the first row you
have the object names. It is usually a tool used to implement Access
Control Lists (ACL) and also used to define Capabilities.
Take care
Clement
Clément Dupuis, CD
CISSP, GCFW, GCIA, Security+, CEH, ECSA, LPT, CCSA, CCSE, MBNS, MBIS, MBHS,
ACE
----------------------------------------------------------------------------------------------
In real life:
Senior Security Specialist and Instructor
Security University
>> Call me to get the best CISSP training <<
----------------------------------------------------------------------------------------------
In Cyberspace:
President/Security Evangelist/Chief Learning Officer (CLO)
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Business: 407 479 3903
Fax: 407 264 8396
Maintainer of :
The CISSP and SSCP Open Study Guides Web Site
http://www.cccure.org
The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org
Knowledge sharing and giving back to the community
On Fri, Sep 11, 2009 at 07:54, gerritsjs <gerritsjs at gmail.com> wrote:
Thanks Clement,
So what you are saying is that a system should be configured IAW the
organization's security policy. It may differ between organizations. From
a best security practices perspective, what should it illustrate? For
instance in a Unix environment, what should the access matrix look like,
acceptable across the universe?
Thanks for your expert opinion.
jonus
_____
From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org]
On Behalf Of Clement Dupuis
Sent: Monday, September 07, 2009 3:26 AM
To: The CISSP Study Mailing list
Subject: Re: [Cisspstudy] Bell-Lapadula?
With info this time:
A system state is defined to be "secure" if the only permitted access modes
of subjects to objects are in accordance with a security policy
<http://en.wikipedia.org/wiki/Security_policy>. To determine whether a
specific access mode is allowed, the clearance of a subject is compared to
the classification of the object (more precisely, to the combination of
classification and set of compartments, making up the security level) to
determine if the subject is authorized for the specific access mode. The
clearance/classification scheme is expressed in terms of a lattice. The
model defines two mandatory access control
<http://en.wikipedia.org/wiki/Mandatory_access_control> (MAC) rules and one
discretionary access control
<http://en.wikipedia.org/wiki/Discretionary_access_control> (DAC) rule with
three security properties:
Take care
Clement
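
An added example, not part of the original thread: the lattice comparison of clearance against classification plus compartments, combined with the access control matrix whose columns give ACLs and whose rows give capabilities. The level names, subjects, objects and the treatment of "write" as append-only are assumptions made for illustration; the read and write checks are the standard Bell-LaPadula simple security property and *-property.

```python
from dataclasses import dataclass

LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}

@dataclass(frozen=True)
class Label:
    """Security level = classification plus a set of compartments."""
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other):
        # Lattice order: classification at least as high AND a superset of compartments.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)

# Constructed sample data (hypothetical subjects and objects).
SUBJECTS = {"alice": Label("SECRET", frozenset({"NUC"})),
            "bob": Label("CONFIDENTIAL")}
OBJECTS = {"plan.txt": Label("SECRET", frozenset({"NUC"})),
           "memo.txt": Label("CONFIDENTIAL")}

# Access control matrix: one row per subject, one column per object.
MATRIX = {"alice": {"plan.txt": {"read", "write"}, "memo.txt": {"read", "write"}},
          "bob": {"plan.txt": {"read"}, "memo.txt": {"read", "write"}}}

def acl(obj):
    """Column of the matrix: which subjects hold which modes on one object."""
    return {s: row[obj] for s, row in MATRIX.items() if row.get(obj)}

def capabilities(subject):
    """Row of the matrix: which modes one subject holds on each object."""
    return {o: m for o, m in MATRIX.get(subject, {}).items() if m}

def allowed(subject, obj, mode):
    """Grant access only if the DAC check and the matching MAC check both pass."""
    if mode not in MATRIX.get(subject, {}).get(obj, set()):
        return False                  # discretionary rule: mode not in the matrix
    s, o = SUBJECTS[subject], OBJECTS[obj]
    if mode == "read":
        return s.dominates(o)         # simple security property: no read up
    if mode == "write":               # assumption: write means append, no read
        return o.dominates(s)         # *-property: no write down
    return False
```

Here bob holds "read" on plan.txt in the matrix but is still refused, because his clearance does not dominate the object's level; the mandatory checks apply on top of the discretionary one.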