[cap-talk] Mandatory Access Control (was: What's "Discretionary Security")

David Wagner daw at cs.berkeley.edu
Tue Jan 2 22:22:47 CST 2007


Jed Donnelly quotes:
>"Environments with a risk index of 1 or higher encompass systems operating in
>controlled, compartmented, and multilevel modes.  These environments require
>mandatory access control, which is the type of access control used to provide
>protection based on sensitivity labels.  It is defined as a means of
>restricting access to objects based on the sensitivity (as represented by a
>label) of the information contained in the objects and the formal clearance or
>authorization of subjects to access information of such sensitivity."
              http://csrc.nist.gov/secpubs/rainbow/std004.txt

I suspect that text is confused; it looks to me like it is confusing
mandatory access control with multi-level security.  MLS almost always
implies mandatory access control, but not all mandatory access control
would be described as MLS.  Well, like I said before, I find the use of
the term "mandatory access control" in the literature to be sloppy and/or
confusing, so maybe I'm not the right one to ask, or maybe I am
misinterpreting what the author had in mind.

By the way, I would caution folks against thinking that the Rainbow
series are definitive texts on computer security, or that they are a good
reflection of modern thinking and conventional wisdom about computer
security.  That wouldn't be how I would characterize the situation.
The Rainbow series is definitely showing its age, and I suspect it tends
to get viewed as "not terribly relevant" by many security practitioners
these days.  You can certainly learn some important concepts from various
texts in the Rainbow series, but I wouldn't recommend looking to them
as being representative of how the computer security community thinks
about security today.

