[cap-talk] Mandatory Access Control (was: What's "DiscretionarySecurity")
Jonathan S. Shapiro
shap at eros-os.com
Wed Jan 3 15:38:28 CST 2007
On Wed, 2007-01-03 at 15:27 -0600, Karp, Alan H wrote:
> Shap wrote:
> > > >
> > > Compartments.
> >
> > I don't know that I believe it,
>
> Alice has Secret level access to the submarine project. Bob has Secret
> level access to the bomber project. Never the twain shall meet. It's a
> horizontal cut in the lattice.
No it isn't. The lattice describes the relationship between
compartments, not current access.
In both of your examples, we know nothing until you assign levels and
compartments to both the users and the projects.
--
Jonathan S. Shapiro, Ph.D.
Managing Director
The EROS Group, LLC
+1 443 927 1719 x5100
More information about the cap-talk
mailing list