IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [mandatory-access-control]

In computer security, mandatory access control (MAC) refers to a type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target.

In computer security, mandatory access control (MAC) refers to a type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target. In practice, a subject is usually a process or thread; objects are constructs such as files, directories, TCP/UDP ports, shared memory segments, etc.

SELinux is a notable implementation of mandatory access control.

36 questions
1
vote
1 answer

Difference Between MAC and DAC

Are the only difference between DAC and MAC: the fact that MAC can also dictate DAC-type permissions to processes, not just users and name space objects? (files,etc) And there's no concept of resource owner in MAC just access rights?
Whome
  • 1,231
  • 11
  • 21
0
votes
0 answers

How to protect confidential information in a web application

For example there is a simple CRUD record management application. Let for simplicity the records are some documents. I need to implement a mandatory access control to the records. For example if some record is marked as confidential, then only users…
Denis
  • 153
  • 3
0
votes
1 answer

Difference between access control systems that can/can't be compromised without valid credentials?

Take the following examples: When I run sshd, it can in theory grant access to anything that the process itself has access to, regardless of provided credentials. For example, I could in theory modify a single if statement in the sshd source to…
Kevin P. Barry
  • 103
  • 2
0
votes
1 answer

Question about compare Bell-LaPadula and Biba models with Chinese wall policy

what the Chinese wall models try to achieve and how it differ from or improve upon the Bell-LaPadula and Biba models
belle
  • 11
  • 1
  • 1
0
votes
2 answers

Lattice vs Level with regard to access control

With regard to access control, is "lattice" the same as "level"? Is "Multi-level access control" just another name of "lattice-based access control"? Are Biba and Bell-LaPadula Security Models examples of Lattice-based Access Control?
Infinite
  • 320
  • 1
  • 10
0
votes
1 answer

Who is the Mandatory Access Control Administrator

Would a mandatory access control implementation administered by a 'normal' user be discretionary since the user could change permissions as he sees fit? And if so, wouldn't root as a MAC admin, being a system user who's privilege could be acquired…
Whome
  • 1,231
  • 11
  • 21
1 2
3