Chapter 8 Mandatory Access Control
نویسنده
چکیده
With discretionary access control (DAC) policies, authorization to perform operations on an object is controlled by the object’s owner or by principals whose authority can be traced back to that owner. The goals of an institution, however, might not align with those of any individual. So for systems intended to support institutions, a more natural basis for authorization is rules set by the institution (rather than rules set by individuals). We start our discussion of such mandatory access control (MAC) policies by describing two important classes.
منابع مشابه
CAMAC: a context-aware mandatory access control model
Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments such as military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes and flexibility of access control mechanisms may be required especially in pervasive c...
متن کاملTrust-Based Access Control for Secure Cloud Computing
Multi-tenancy, elasticity and dynamicity pose several novel challenges for access control in a cloud environment. Accessing subjects may dynamically change, resources requiring protection may be created or modified, and subject access requirements to resources may change during the course of the application execution. Users may need to acquire different permissions from different administrative...
متن کاملRbac/mac Security for Uml
In software construction, analysis investigates system requirements and design captures system functionality. To facilitate analysis and design, one popular technique is the unified modeling language, UML. In UML, there are use-case diagrams for the interaction of users with system components, class diagrams for the static classes and relations among them, and sequence diagrams for the dynamic ...
متن کاملSafety and Liveness for an RBAC/MAC Security Model
Our role-based/mandatory access control (RBAC/MAC) security model and enforcement framework for inter-operating legacy, COTS, GOTS, databases, servers, etc., limits: who (user/user role) can invoke which methods (based on value and MAC level) of artifact APIs at what times, and who (user) can delegate which responsibility (user role) at what times. In this chapter, we focus on assurance for the...
متن کاملA Dynamic Mandatory Access Control Model
Mandatory access control has traditionally been employed as a robust security mechanism in critical environments like military ones. As computing technology becomes more pervasive and mobile services are deployed, applications will need flexible access control mechanisms. Aggregating mandatory models with context-awareness would provide us with essential means to define dynamic policies needed ...
متن کامل