Access control techniques may be essentially broken into three different techniques;
- MAC (Mandatory Access Control)
- Discretionary
- Nondiscretionary
The
mandatory access control method relies on the services of ‘labels’. Objects are labeled by their level of classification or sensitivity, and subjects are labeled by their level of clearance.
An example of label classification would be that of the military as seen here;
- Top secret
- Secret
- Confidential
- Sensitive but unclassified
- Unclassified
Common labels that may be seen in the business/private sector would be;
- Confidential
- Proprietary
- Private
- Sensitive
- Public
Subjects are able to access objects with the same or lesser degree of classification (label). This is sometimes expanded to the ‘need-to-know’ method, which means that a work task may require access, to otherwise inaccessible areas.
If there is not the need to know then access is denied.
Copyright ©2002-2006 Testbusters.net. All Rights Reserved.
Testbusters.net is not sponsored, endorsed or affiliated by any associated vendor.
Associated venders include, but are not limited to, Microsoft®, Cisco®, CompTIA®, Novell® etc.
