After reviewing the DAC data structures, today we read the Mandatory Access Control. Because DAC could not effectively control the information flow direction of the system, a Lattice model was proposed which was extended to form the MAC strategy. It can be considered stricter than DAC. Each user and resource is attributed with a security class. User could not change his or her security class and only the admin can. Access is granted based on the security class of the user and the security class of the resource. The users security level must be greater than or equal to that of the object. The security class are top secret (TS), secret (S), confidential(C), restricted(U) and is progressively less stricter in that order. When two objects are to be accessed by the user, the objects are combined to form a third object and its security level is set as the meet of the levels of the two individual objects, hence the use of a lattice. A lattice is a partially ordered set in which every two elements have a unique and least upper bound as well as a unique and greatest lower bound. An example is say natural numbers ordered by divisibility where the lowest join is the least common multiple and the greatest meet is the greatest common divisor. Every non-empty finite subset of a lattice has a join or a meet. Using the commutative, associative, absorption and idempotent laws, a lattice can be used to combine two elements. A bounded lattice is one where the join is 0 and the meet is 1. By governing the information flow to be acyclic and single-direction, the model attempts to prevent security holes arising from conflicting and permissive policy. But the lattice model is a coarse security control scheme. It lacks flexibility and is not convenient in practice. The deployment and documentation of the security class can be confusing. It is generally applied in scenarios where the security rules are definite and the flow is relatively fixed.
For example, in the military, the Bell-LaPadula model is often used. It is based on several properties. The star property also called the containment level, which states that an untrustworthy user can only write to objects whose security level is greater than or equal to their own. This means that information leakage is prevented where someone with a high clearance shares it with others. It includes what is known as a simple property where a user can read data only if the data's security level is as sensitive or less than the clearance level. It also includes a tranquility property which states that the security level of an object cannot be changed while it is in use by the computer system.
#codingexercise
Double GetAlternateEvenNumberRangeProductCubes()(Double [] A)
{
if (A == null) return 0;
Return A.AlternateEvenNumberRangeProductCubes();
}
For example, in the military, the Bell-LaPadula model is often used. It is based on several properties. The star property also called the containment level, which states that an untrustworthy user can only write to objects whose security level is greater than or equal to their own. This means that information leakage is prevented where someone with a high clearance shares it with others. It includes what is known as a simple property where a user can read data only if the data's security level is as sensitive or less than the clearance level. It also includes a tranquility property which states that the security level of an object cannot be changed while it is in use by the computer system.
#codingexercise
Double GetAlternateEvenNumberRangeProductCubes()(Double [] A)
{
if (A == null) return 0;
Return A.AlternateEvenNumberRangeProductCubes();
}
No comments:
Post a Comment