This section provides an overview of the Flask architecture and its Linux kernel implementation. It begins with a discussion of how the security policy is encapsulated in Flask. The section then discusses how Flask supports flexibility in labeling and access decisions. The ability of Flask to support policy changes is then described. It then describes the mandatory access controls provided for processes, files, and sockets.