DTE model overview

Domain and Type Enforcement model

  • Considers domains associated with subjects (processes) and types associated with objects (files, directories, devices, ...)

  • Defines

    • Domain Definition Table (DDT) - represents allowed access modes between domains and types (e.g. read, write, execute)

    • Domain Interaction Table (DIT) - represents allowed access modes between domains (e.g. signal, create, ...)

  • All access is denied unless explicitly allowed
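
The decision logic described above, as an added example (not code from any DTE implementation): a minimal reference monitor that consults a DDT for subject-to-object access and a DIT for subject-to-subject access, and denies anything not listed. The domain and type names, the sample policy, and the labeling of objects by longest path prefix are assumptions made for the illustration.

```python
from dataclasses import dataclass, field

@dataclass
class DTEPolicy:
    ddt: dict = field(default_factory=dict)             # (domain, type) -> allowed modes
    dit: dict = field(default_factory=dict)             # (source domain, target domain) -> allowed modes
    subject_domain: dict = field(default_factory=dict)  # process -> domain
    type_prefixes: dict = field(default_factory=dict)   # path prefix -> type (assumed labeling scheme)

    def type_of(self, path):
        """Return the type of the longest matching path prefix, or None if unlabeled."""
        hits = [p for p in self.type_prefixes
                if path == p or path.startswith(p.rstrip("/") + "/")]
        return self.type_prefixes[max(hits, key=len)] if hits else None

    def check_object(self, subject, path, mode):
        """DDT decision: may the subject's domain use `mode` on the object's type?"""
        domain, obj_type = self.subject_domain.get(subject), self.type_of(path)
        if domain is None or obj_type is None:
            return False                                 # unlabeled subject or object: deny
        return mode in self.ddt.get((domain, obj_type), frozenset())

    def check_domain(self, subject, target, mode):
        """DIT decision: may the subject's domain use `mode` on the target's domain?"""
        src, dst = self.subject_domain.get(subject), self.subject_domain.get(target)
        if src is None or dst is None:
            return False                                 # unknown process: deny
        return mode in self.dit.get((src, dst), frozenset())

def sample_policy():
    """Constructed policy: a web server domain and an administrator domain."""
    return DTEPolicy(
        ddt={("httpd_d", "web_t"): {"read"},
             ("httpd_d", "log_t"): {"write"},
             ("admin_d", "web_t"): {"read", "write"},
             ("admin_d", "log_t"): {"read"}},
        dit={("admin_d", "httpd_d"): {"signal", "create"}},
        subject_domain={"httpd": "httpd_d", "adminsh": "admin_d"},
        type_prefixes={"/var/www": "web_t", "/var/log/httpd": "log_t"},
    )

if __name__ == "__main__":
    p = sample_policy()
    for req in [("httpd", "/var/www/index.html", "read"),
                ("httpd", "/var/www/index.html", "write"),
                ("httpd", "/etc/shadow", "read")]:
        print(req, "->", "allow" if p.check_object(*req) else "deny")
    print("adminsh signal httpd ->", p.check_domain("adminsh", "httpd", "signal"))
    print("httpd signal adminsh ->", p.check_domain("httpd", "adminsh", "signal"))
```

Note that the DIT is directional: the entry for (admin_d, httpd_d) grants nothing in the reverse direction, so the web server cannot signal the administrator's shell.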