We study the quality of advice that an informed and biased expert gives to an uninformed decision maker. We compare two scenarios: mandatory disclosure of the bias and non-disclosure, where information about the bias can only be revealed through cheap-talk. We find that in many scenarios non-disclosure allows for higher welfare for both parties. Hiding the bias allows for more precise communica...

Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments such as military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes and flexibility of access control mechanisms may be required especially in pervasive c...

While Mandatory Access Controls (MAC) are appropriate for multilevel secure military applications, Discretionary Access Controls (DAC) are often perceived as meeting the security processing needs of industry and civilian government. This paper argues that reliance on DAC as the principal method of access control is unfounded and inappropriate for many commercial and civilian government organiza...

Access Control is the process or mechanism for giving the authority to access the specific resources, applications and system. Access control defines a set of conditions or criteria to access the system and its resources. There are three main accesses Control model first is Mandatory access control model, second is Discretionary access control model and third is Role based access control models...

P rotection technologies in common use [8] are capable of preventing corruption by viruses (e.g. through mandatory access control), detecting known viruses (e.g. by starching for them), detecting specific types of corruption as they occur (e.g. trapping the modification of executable files in certain ways), and detecting corruption before it causes significant damage (e.g. through cryptographic...

This memo outlines high-level requirements for the integration of flexible Mandatory Access Control (MAC) functionality into the Network File System (NFS) version 4.2 (NFSv4.2). It describes the level of protections that should be provided over protocol components and the basic structure of the proposed system. The intent here is not to present the protocol changes but to describe the environme...

While Mandatory Access Controls (MAC) are appropriate for multilevel secure military applications, Discretionary Access Controls (DAC) are often perceived as meeting the security processing needs of industry and civilian government. This paper argues that reliance on DAC as the principal method of access control is unfounded and inappropriate for many commercial and civilian government organiza...

This document describes enhancements made to the popular OpenSSH authentication service to restrict the execution of OpenSSH processes by applying a ring-based program execution policy. We also apply a label-based mandatory access control (MAC) policy to limit a user’s login shell to run at a specific security level within the user’s authorized security clearance range. While still rudimentary,...

With discretionary access control (DAC) policies, authorization to perform operations on an object is controlled by the object’s owner or by principals whose authority can be traced back to that owner. The goals of an institution, however, might not align with those of any individual. So for systems intended to support institutions, a more natural basis for authorization is rules set by the ins...