Mandatory access

broken image

This enforcement typically is provided via an implementation that meets the reference monitor concept (see AC-25). Otherwise, the access control policy can be circumvented. The policy is uniformly enforced over all subjects and objects to which the information system has control. This class of mandatory access control policies also constrains what actions subjects can take with respect to the propagation of access control privileges that is, a subject with a privilege cannot pass that privilege to other subjects.

broken image

The above class of mandatory access control policies constrains what actions subjects can take with information obtained from data objects for which they have already been granted access, thus preventing the subjects from passing the information to unauthorized subjects and objects.

broken image

Mandatory access control as defined in this control enhancement is synonymous with nondiscretionary access control, and is not constrained only to certain historical uses (e.g., implementations using the Bell-LaPadula Model).

broken image

 

PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save