A Guide to Understanding Discretionary Access Control in Trusted Systems
暂无分享,去创建一个
Abstract : One of the features of the Criteria that is required of a secure system is the enforcement of discretionary access control (DAC). DAC is a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a user or process given discretionary access to information is capable of passing that information along to another subject. This guide discusses issues involved in designing, implementing and evaluating DAC mechanisms. Its primary purpose is to provide guidance to manufacturers on how to select and build effective DAC mechanisms.
[1] Jerome H. Saltzer,et al. Protection and the control of information sharing in multics , 1974, CACM.
[2] D. Elliott Bell,et al. Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .
[3] Robert S. Fabry,et al. Capability-based addressing , 1974, CACM.
[4] Deborah Downs,et al. Issues in Discretionary Access Control , 1985, 1985 IEEE Symposium on Security and Privacy.