The concept of Type enforcement (TE) in the field of information technology is related to access control. Implementing TE, gives priority to “
mandatory access control” (MAC) over “
discretionary access control” (DAC). Access clearance is first given to a subject (e.g. process) accessing objects (e.g. files, records, messages) based on rules defined in an attached security context. A security context in a domain is defined by a domain security policy. In Linux security module (
LSM) as
SELinux, the security context is an extended attribute. Type enforcement implementation is a prerequisite for MAC, and a first step before “
Multi-Level Security” (MLS) or its ersatz “Multi categories Security” (MCS). It is a complement of “
role based access control” (RBAC).
See more at Wikipedia.org...
Unter Type Enforcement versteht man eine Form der Implementierung eines
MAC-Systems. Hierbei werden bei der Definition der Zugriffsregeln nicht die zu schützenden
Ressourcen selbst, sondern ein
Typ, der diesen zugewiesen wurde, angegeben.
Mehr unter Wikipedia.org...
Free Download Now!
