Sec Mods
Sec Mods
David Aspinall
School of Informatics
University of Edinburgh
Security levels
Security levels
Security levels
M = (Mso )sS,oO
M = (Mso )sS,oO
Security levels
private,{personnel,engineering}
private,{personnel} private,{engineering}
private,{}
public,{personnel,engineering}
public,{personnel} public,{engineering}
public,{}
Outline
Security levels
Star property
The -property states for each access (s, o, a) b
where a {append, write}, then fC (s) fO (o) (no
write-down) and moreover, we must have fO (o ) fO (o)
for all o with (s, o , a ) b and a {read, write} (o
must dominate any other object s can read).
BLP Mandatory Access Control Policy
Consider a state (b, M, f ), where b is the set of current
accesses.
Star property
The -property states for each access (s, o, a) b
where a {append, write}, then fC (s) fO (o) (no
write-down) and moreover, we must have fO (o ) fO (o)
for all o with (s, o , a ) b and a {read, write} (o
must dominate any other object s can read).