why
=>  Releases

Current version
Git/Latestdiff: 1.5.6

Latest Snapshots
Produced after each commit or rebase to new upstream version

GIT
RSBAC source code, can be unstable sometimes

=>  Events

No events planned

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
why [2024/12/17 10:29] – [RSBAC: A framework] aowhy [2024/12/17 10:31] (current) – [What does flexible mean ?] Remove DAZ, PM ao
Line 50: Line 50:
   * [[wp>Mandatory_access_control|MAC]]: Mandatory Access Control   * [[wp>Mandatory_access_control|MAC]]: Mandatory Access Control
   * [[wp>Access_control_list|ACL]]: Access Control Lists   * [[wp>Access_control_list|ACL]]: Access Control Lists
-  * [[http://www.dazuko.org/|DAZ]]: Antivirus Scanner Interface 
   * [[documentation:rsbac_handbook:security_models#role_compatibility_rc|RC]]: Role Compatibility   * [[documentation:rsbac_handbook:security_models#role_compatibility_rc|RC]]: Role Compatibility
  
Line 60: Line 59:
 All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules (the different modules implementing different security models) and generates a combined final decision. This decision is then enforced by the system call extensions. All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules (the different modules implementing different security models) and generates a combined final decision. This decision is then enforced by the system call extensions.
  
-Decisions are based on the type of access (request type), the access target and on the values of attributes attached to the subject calling and to the target to be accessed. Additional independent attributes can be used by individual modules, e.g. the privacy module (PM). All attributes are stored in fully protected directories, one on each mounted device. Thus changes to attributes require special system calls provided.+Decisions are based on the type of access (request type), the access target and on the values of attributes attached to the subject calling and to the target to be accessed. Additional independent attributes can be used by individual modules, e.g. the Role Compatibility module (RC). All attributes are stored in fully protected directories, one on each mounted device. Thus changes to attributes require special system calls provided.
  
 As all types of access decisions are based on general decision requests, many different security policies can be implemented as a decision module. Apart from the builtin models, the optional Module Registration (REG) allows for registration of additional, individual decision modules at runtime. As all types of access decisions are based on general decision requests, many different security policies can be implemented as a decision module. Apart from the builtin models, the optional Module Registration (REG) allows for registration of additional, individual decision modules at runtime.
//
why.txt · Last modified: 2024/12/17 10:31 by ao

why.txt · Last modified: 2024/12/17 10:31 by ao
This website is kindly hosted by m-privacy