Security Basics mailing list archives
Re: Help needed with Mandatory Access Control Security Labels
From: <sculark-tx () tx rr com>
Date: Fri, 1 Feb 2008 10:43:39 -0600
That is correct. The rights are not inherited in that fashion. You must also have a need to know. Just because you have a secret in one place does not allow you to have that same secret clearance ported to another area . So hopefully you as the secrtiy manager will grant the rigths as needed. -- Lawrence Sculark ---- Kelly Robinson <caliana1989 () gmail com> wrote:
Hi, I am studying for my CISSP at the moment and I have a question
regarding Mandatory Access Controls and security labels.
I understand the whole security labels thingy ie Top Secret > Secret >
Classified > Unclassified and I understand some of the different
models and their write-up, read-up, write-down etc rules.
I just dont get the {Resource} part.
Say I have the following (SECRET;{TECHNOLOGY}) and I want read access
to an UNCLASSIFIED document in the SCIENCE resource I am assuming that
since I dont have (SECRET;(TECHNOLOGY;SCIENCE}) that I would NOT have
read access? Is that right?
Thanks
K.
Current thread:
- Help needed with Mandatory Access Control Security Labels Kelly Robinson (Feb 01)
- RE: Help needed with Mandatory Access Control Security Labels Lee Hilt (Feb 01)
- RE: Help needed with Mandatory Access Control Security Labels Jerry Pettus (Feb 01)
- <Possible follow-ups>
- Re: Help needed with Mandatory Access Control Security Labels sculark-tx (Feb 01)
- RE: Help needed with Mandatory Access Control Security Labels Lee Hilt (Feb 01)