Hello,
I have a very basic question regarding mandatory access controls(MACs).
Using the following diagram:
--------------------- --------------------- | Subject | | Object | --------------------- --------------------- | Clearance | | Classification | | Ex - Top Secret | | Ex - Top Secret | | | | | --------------------- ---------------------
In the MAC model the "need-to-know" flag, restricts the subject to access the object. Is this flag, part of the subject's attributes or the object's attributes?
Thank you in advance.
On 12/07/03 13:41 -0400, Subba Rao wrote: <snip>
In the MAC model the "need-to-know" flag, restricts the subject to access the object. Is this flag, part of the subject's attributes or the object's attributes?
ACLs are set on the object. See Tannenbaum's work on Operating Systems in which he describes ACLs. http://www.nsa.gov/ is a good place for such pieces of information as well.
Devdas Bhagat
-
Devdas Bhagat -
Subba Rao