What can MAC offer?
Strong separation of security domains
System, application, and data integrity
Ability to limit program privileges
Processing pipeline guarantees
Authorization limits for legitimate users
Notes:
Separate data based on confidentiality, integrity, and/or purpose.
Protect software and data against unauthorized and ill-formed modification.
Safely run code of uncertain trustworthiness, prevent exploitation of a flaw in a program from escalating privilege, and limit each program to what it requires for its purpose.
Ensure that data is processed as required: guarantee invocation and decompose processing into small, minimally trusted stages (encryption, sanitization, virus scanning).
Decompose admin and partition users into classes based on position, clearance, etc.