MAC implementation with definable policy

James Buster bitbug at seal.engr.sgi.com
Thu Sep 30 07:07:38 GMT 1999


On Sep 30,  8:55am, "Ilmar S. Habibulin" wrote:
} Ok. I'm reading a file with labelA, then I'm reading a file with labelB, which
} dominates labelA. After reading I'm creating a new file. What label should
} it have?

The same label your process has.

} If it will be labelB in your implementation, then it defines a set of MAC
} labels and their access type to object labeled by labelB.

Yes, my implementation allows the administrator to define a set of MAC
labels and their access modes to other labels. The administrator has
complete freedom to specify the relationships between labels as he or
she sees fit.

} The label is some sort of ACL. I'm confused...

No, it's not. First of all, ACLs are a discretionary access mechanism.
Second, no user or list of users is associated with my MAC labels.

} But the BL MAC implementation is much simpler. And I do not understand
} why I can't emulate your approach using BL MAC and ACLs?

BL labels have a fixed, partial ordering between them. The dominate
relationship is transitive. My implementation does not require that
the dominate relationship be transitive.

} > specify two label names after the command, like so:
} > 
} > ./test -d dblow userlow
} There were no such instructions, or I just didn't see them.

They were in the source code of test.c. Sorry.

} > MAC in general does not "reflect all aspects of confidential data
} > processing".
} But Bell and LaPadula thought so, while creating their model.

I wonder what they meant by that. I would classify both discretionary
and cryptographic mechanisms as important parts of confidential data
processing.

-- 
Planet Bog -- pools of toxic chemicals bubble under a choking
atmosphere of poisonous gases... but aside from that, it's not
much like Earth.
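The difference the two posters are circling is easiest to see in code. What follows is an added example, not code from this message or from James Buster's implementation: a toy Bell-LaPadula lattice, where "dominates" is a transitive partial order derived from level and category set, next to an administrator-written policy table that assigns explicit access modes to each (subject label, object label) pair and imposes no transitivity at all. It also applies the rule stated at the top of the reply, that a newly created file takes the label of the creating process no matter which files were read first. The label names `dblow` and `userlow` are taken from the `./test -d dblow userlow` command quoted in the thread; `syslow`, the policy rows, the BL levels and categories, and the choice to treat "subject may read object" as the policy's dominate relation are all assumptions made for illustration.

```python
"""Toy comparison of a BL lattice against an admin-defined MAC label policy.

Added example; labels, levels, categories and policy rows are constructed
for illustration and are not taken from any real implementation.
"""
from itertools import product

# --- Bell-LaPadula style labels: (level, categories) --------------------------
BL_LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2}


def bl_dominates(a, b):
    """a dominates b iff level(a) >= level(b) and categories(a) is a superset."""
    level_a, cats_a = a
    level_b, cats_b = b
    return BL_LEVELS[level_a] >= BL_LEVELS[level_b] and set(cats_a) >= set(cats_b)


def bl_can_read(subject, obj):
    """Simple security property: no read up."""
    return bl_dominates(subject, obj)


def bl_can_write(subject, obj):
    """*-property: no write down (object must dominate subject)."""
    return bl_dominates(obj, subject)


def is_transitive(labels, rel):
    """True iff rel(a, b) and rel(b, c) always imply rel(a, c) over labels."""
    for a, b, c in product(labels, repeat=3):
        if rel(a, b) and rel(b, c) and not rel(a, c):
            return False
    return True


# --- Administrator-defined policy: explicit modes per label pair --------------
# Constructed policy table (assumption). The relation between labels is
# exactly what the administrator wrote down: userlow may read dblow and
# dblow may read syslow, but no row grants userlow any access to syslow.
POLICY = {
    ("userlow", "userlow"): {"read", "write"},
    ("userlow", "dblow"): {"read"},
    ("dblow", "dblow"): {"read", "write"},
    ("dblow", "syslow"): {"read"},
    ("syslow", "syslow"): {"read", "write"},
}
POLICY_LABELS = ("userlow", "dblow", "syslow")


def policy_allows(subject_label, object_label, mode):
    """Look up the admin-defined mode set; absent rows grant nothing."""
    return mode in POLICY.get((subject_label, object_label), set())


def policy_dominates(a, b):
    """Assumption: read 'a may read b' as the policy's dominate relation."""
    return policy_allows(a, b, "read")


# --- Object creation: the new file carries the process label ------------------
def session(can_read, process_label, files):
    """Read every (name, label) file the process is allowed to read, then
    create a new file. Returns (names read, label of the created file).
    The created file's label is the process label, whatever was read."""
    names_read = [name for name, label in files if can_read(process_label, label)]
    return names_read, process_label


if __name__ == "__main__":
    u = ("unclassified", ())
    c = ("confidential", ("payroll",))
    s = ("secret", ("payroll", "hr"))
    print("BL dominate transitive:", is_transitive([u, c, s], bl_dominates))
    print("policy dominate transitive:", is_transitive(POLICY_LABELS, policy_dominates))
    print("policy session:", session(policy_dominates, "userlow",
                                     [("a", "dblow"), ("b", "syslow")]))
```

Running the module shows the point of the reply: `is_transitive` reports True for the BL lattice, since dominance there is a partial order, and False for the policy table, because the administrator simply never wrote a `userlow`/`syslow` row. Neither checker is an ACL: no user identity appears anywhere, only labels and the modes between them.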