On Thu, 3 Aug 2000, Gavin Longmuir wrote:
> I've cc: this to the firewalls mailing list since I it was there I first
> asked about the Bell-LaPadula model, just over four years ago. Perhaps this
> is a FAQ?
It isn't that frequently asked, unfortunately trusted systems design seems
"too hard" for people to do.
Ruleset Based Access Control (RSBAC) contains a MAC module that's supposed
to be a B-LP implementation. RSBAC is a set of source patches for the
Linux kernel.
http://www.rsbac.de/models.htm
Describes the implemented modules. You can find the code by going up a
level and folling the links.
Worth repeating is the following from the RSBAC docs:
The Bell-La Padula model only treats confidentiality aspects. Integrity,
availability and privacy of data are not protected. E.g., a subject on
lowest security level can delete all data in all its categories, if it is
not discretionally protected. Attacks like this can also happen without
the user's knowledge, just think of malware or mistakes. Especially
discretionary access control is liable to be attacked by malware.
The concept of trusted subjects which can only be implemented as users or
user processes leads to further possibilities of attack by use of high
level user accounts.
This model should only be used without additional protection, if
confidentiality is the only issue or if data can be easily restored.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
PSB#9280
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
