Degrees of MAC System Strength
In some systems users have the authority to decide whether to grant access to any other user. To allow that, all users have clearances for all data. This is not necessarily true of a MAC system. If individuals or processes exist that may be denied access to any of the data in the system environment, then the system must be trusted to enforce MAC. Since there can be various levels of data classification and user clearances, this implies a quantified scale for robustness. For example, more robustness is indicated for system environments containing classified Top Secret information and uncleared users than for one with Secret information and users cleared to at least Confidential. To promote consistency and eliminate subjectivity in degrees of robustness, an extensive scientific analysis and risk assessment of the topic produced a landmark benchmark standardization quantifying security robustness capabilities of systems and mapping them to the degrees of trust warranted for various security environments. The result was documented in CSC-STD-004-85. Two relatively independent components of robustness were defined: Assurance Level and Functionality. Both were specified with a degree of precision that warranted significant confidence in certifications based on these criteria.
Read more about this topic: Mandatory Access Control
Famous quotes containing the words degrees of, degrees, system and/or strength:
“Gradually we come to admit that Shakespeare understands a greater extent and variety of human life than Dante; but that Dante understands deeper degrees of degradation and higher degrees of exaltation.”
—T.S. (Thomas Stearns)
“No sooner met but they looked; no sooner looked but they loved; no sooner loved but they sighed; no sooner sighed but they asked one another the reason; no sooner knew the reason but they sought the remedy; and in these degrees have they made a pair of stairs to marriage, which they will climb incontinent, or else be incontinent before marriage.”
—William Shakespeare (1564–1616)
“The golden mean in ethics, as in physics, is the centre of the system and that about which all revolve, and though to a distant and plodding planet it be an uttermost extreme, yet one day, when that planet’s year is completed, it will be found to be central.”
—Henry David Thoreau (1817–1862)
“The failure of academic feminists to recognize difference as a crucial strength is a failure to reach beyond the first patriarchal lesson. In our world, divide and conquer must become define and empower.”
—Audre Lorde (1934–1992)