|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Joey Maier (maierj@HOME.COM)
Date: Mon Feb 12 2001 - 17:49:22 CST
Can anyone out there explain (or better yet, point me to some pages that
explain) the difference between the access matrix model and the
Bell-LaPadula model? I was just reading this
http://ei.cs.vt.edu/~cs5204/fall99/protection/accessMatrix.html
...and their description of the validation process says:
=========================================================================
Each object has a monitor to validate every user access to that object
in the following manner to check for appropriate access rights:
A subject s requests an access a to object o.
The protection system presents triplet (s, a, o) to the monitor of o.
The monitor looks into the access rights of s to o. if a is in
the entry P[s,o], then the access is permitted; else it is denied.
=========================================================================
That sounds a lot like the subject, object, and reference monitor
that I usually associate with Bell-LaPadula. What's the difference
-- "When you understand UNIX, you will understand the world. When you understand NT....you will understand NT" - Richard Thieme http://www.slothnet.com - is currently unavailable :(+--------------------------------------------+ | You have received this email because you | | subscribed to the CISSPSTUDY mailing list. | | -- To unsubscribe, send an email to -- | | listserv@securityfocus.com | | with a message body of: | | UNSUBSCRIBE CISSPSTUDY | +--------------------------------------------+
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]