Mandatory Access Control - Degrees of MAC System Strength

Degrees of MAC System Strength

In some systems users have the authority to decide whether to grant access to any other user. To allow that, all users have clearances for all data. This is not necessarily true of a MAC system. If individuals or processes exist that may be denied access to any of the data in the system environment, then the system must be trusted to enforce MAC. Since there can be various levels of data classification and user clearances, this implies a quantified scale for robustness. For example, more robustness is indicated for system environments containing classified Top Secret information and uncleared users than for one with Secret information and users cleared to at least Confidential. To promote consistency and eliminate subjectivity in degrees of robustness, an extensive scientific analysis and risk assessment of the topic produced a landmark benchmark standardization quantifying security robustness capabilities of systems and mapping them to the degrees of trust warranted for various security environments. The result was documented in CSC-STD-004-85. Two relatively independent components of robustness were defined: Assurance Level and Functionality. Both were specified with a degree of precision that warranted significant confidence in certifications based on these criteria.

Read more about this topic:  Mandatory Access Control

Famous quotes containing the words degrees of, degrees, system and/or strength:

    Complete courage and absolute cowardice are extremes that very few men fall into. The vast middle space contains all the intermediate kinds and degrees of courage; and these differ as much from one another as men’s faces or their humors do.
    François, Duc De La Rochefoucauld (1613–1680)

    The political truths declared in that solemn manner acquire by degrees the character of fundamental maxims of free Government, and as they become incorporated with national sentiment, counteract the impulses of interest and passion.
    James Madison (1751–1836)

    New York is more now than the sum of its people and buildings. It makes sense only as a mechanical intelligence, a transporter system for the daily absorbing and nightly redeploying of the human multitudes whose services it requires.
    Peter Conrad (b. 1948)

    Why, therefore, should we do ourselves this wrong,
    Or others—that we are not always strong—
    That we are sometimes overborne with care—
    That we should ever weak or heartless be,
    Anxious or troubled—when with us is prayer,
    And joy and strength and courage are with Thee?
    Richard Chenevix Trench (1807–1886)