First page Back Continue Last page Overview Text

Notes:


TE – the basic building block security model in the security server. Strong support for least privilege and integrity.
Assign security tags called "domains" to all processes, where all processes with the same domain have the same permissions.
Assign security tags called "types" to all objects, where all objects with the same type can be accessed by the same processes in the same manner.
Define an access matrix specifying how domains and types may interact.
Associate specific types assigned to executables with specific domains to control code execution and entry into a domain.
Facilitates analysis of potential information flow and privilege escalation within the system without requiring an examination of all objects in the system.