mandatory access control

Mandatory Access Control (MAC) is a technique to protect and contain computer processes, data, and system devices from mis-use. This extends the discretionary access controls of file system permissions and the concepts of users and groups. Traditional systems provide two basic user groups -- trusted administrators and untrusted users. The goal is to define an architecture that requires the evaluation of all security-related labels and making decisions based upon the operations context and the same data labels. The Flask architecture coupled with MAC is an enabling technology of Multi-Level Security style systems. Such a framework prevents an authenticated user or process at a specific classification or trust level to access information, processes, or devices in a different level. This provides a containment mechanism of users and processes, both known and unknown (an unknown program would be an untrusted application where device and file accesses should be monitored and/or controlled). Clearly a framework that works to separate data and operations within a computer needs to be non-bypassable. It also needs to be evaluatable to determine the usefulness and effectiveness of a rule, always-invoked as to not bypass the system, and tamper-proof. Historical MAC architectures This is implemented in several security-focused operating systems, and is key in FLASK operating systems.

moiss silva
rulers of the akan state of akuapem
western division board
list of al silver slugger winners at outfield
gaelic games
rulers of the akan state of akuapem anafo
lucien lamoureux
public holidays in hungary
rulers of the akan state of akuapem guan
alluri sitaramaraju
rulers of the akan state of akuapem okere

anachitis
raffles hotel
fulbeck
american theological library association
message (computer science)
locking differential
sammy kaye
carolco pictures
electronic countermeasures
signature (computer science)
james a. mcdougall

Mandatory Access Control

See Also