Bell LaPadula (was Re: MAC implementation with definable policy)
Ilmar S. Habibulin
ilmar at ints.ru
Thu Sep 30 13:38:23 GMT 1999
On Thu, 30 Sep 1999, Peter J. Holzer wrote:
> Forgive me for showing off my ignorance, but I never understood how the
> BL model was supposed to work. To read the file with labelB, your
> process needs a label which is at least as high as labelB. But if all
> the files it creates have this label, no process with a lower label can
> ever read any output of this program. Information can flow in only one
> direction. To use the military language often used when talking about
Implementing BLM is a hard task. Model is VERY simple, implementation is a
food for thought.
> the BL model, the officers can only listen to the soldiers, but not
> talk to them. Makes giving orders rather hard :-)
Order not often are confidetial. ;-)
To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message
More information about the posix1e
mailing list