NSA Security-enhanced Linux  Home ToC Prev Up Next 
Types of AC
DTE model
RBAC model
MLS model
FLASK
SecDecs
+XML
XSL
SELinux
Medusa DS9
Conclusion
  

XML

The proposed XML description of RBAC and DTE model has been proposed with regard toexpressiveness, extensibility, easy portability, flexibility. The structure involves a declaration of:

  • Security classess (Flask)

  • Types (domains) and attributes (DTE)

  • DTE access matrix, transition rules, change rules (DTE)

  • Constraints (Flask)

  • Initial SIDs (Flask)

  • Parent, child, compatible, privileged roles (RBAC)

  • Users and their access rights (DAC+RBAC)
Copyright © 2004 Pavol Lupták  Prev Next