Which access control model originates from the military and uses security labels?
Under the mandatory access control model, also known as MAC, both users and resources are assigned security labels. To access a resource, the user must have a security clearance matching or exceeding the resource’s security classification. Show
Unlike under discretionary access control, users under mandatory access control cannot readily hand out access at their discretion. Instead, access is set by a high level administrator. Under many DAC systems, obtaining a new security clearance often requires the approval of multiple administrators and security professionals. Mandatory access control is a highly secure access control model, making it the model of choice for matters of national security. However, it is highly bureaucratic by nature, and can be burdensome to maintain. Though it can be absolutely worth it to protect critical assets, its inflexibility makes mandatory access control a poor fit for many business applications. Mandatory access control relies on a system of security labels. Every resource under MAC has a security classification, such as Classified, Secret, and Top Secret. Likewise, every user has one or more security clearances. To access a given resource, the user must have a clearance matching or exceeding the resource’s classification. So if Greg wants to access a Secret file on the Hoover Dam, he would need to have a Secret or Top Secret security clearance on that topic. These security labels tend to be fairly specific. Greg’s Top Secret clearance for the Hoover Dam would not grant him access to the nuclear plant in Poughkeepsie. Instead, he would have to apply for an additional security clearance to access resources pertaining to the Poughkeepsie Nuclear Plant. These national security designations each have a clear definition, as defined by the Code of Federal Regulations:
Any resources with no security classification would be considered unclassified, and would be available to the public. Note that ‘unclassified’ is not itself a security label; rather, it is the absence of one. A resource can not be assigned an unclassified label. But by being stripped of its security label, it becomes unclassified. Security classifications can change over time – in fact, they’re designed to change. All classified documents undergo an automatic classification review after 25 years, after which most documents are declassified. There are nine exceptions that can prevent a document from being declassified. But at the 50-year mark, only two of these exemptions remain valid, and at the 75-year mark, a document can only remain classified via special permission. The Need-to-Know PrincipleTo ensure maximum security, mandatory access control often goes hand-in-hand with the need-to-know principle. This rule holds that users should only have access to the resources they need to do their job. To access something under a strict MAC system, you would need not only the right clearance, but also a clear justification as to why you need to access the resource. Obtaining ClearancesUnder mandatory access control, obtaining a new security clearance often requires multiple levels of approval. To obtain a new security clearance on the Poughkeepsie plant, for instance, Greg would ask a security officer who would then submit a request to a higher-up official. This official would then submit their approval to an IT officer, who would then put the new clearance into effect. Even with those layers of approval, Greg would still have to provide a need-to-know justification each time he wanted to access classified resources pertaining to the Poughkeepsie plant. As you can see, mandatory access control demands a great deal of bureaucracy. While it’s worth it to protect matters of national security, all this administrative upkeep can make MAC impractical for most business uses. Commercial Security LabelsWhen businesses implement mandatory access control, they often classify data based on the following levels of access:
Alternatives to Mandatory Access ControlMandatory access control comes with some real strengths and weaknesses. It’s the most secure access control model, which is why it is the method of choice for sensitive government matters. But it’s also a very involved and bureaucratic system, making it a poor fit for many business uses. More frequently, businesses will use the more flexible discretionary access control model. Under this system, every resource has an owner, who can then give out access at their discretion. Though this model is very flexible, it can often be very insecure if not implemented correctly. It can also get pretty convoluted as it scales – it’s much easier to manage a company with 20 employees than one with 1,000 employees, especially when each of those employees might be the owner of specific resources. Many businesses use role-based access control. This model allows a company to group users, and then set access based on those groups or roles. An employee in the marketing group, for instance, would have access to the resources they need to accomplish their work in marketing. These systems are not mutually exclusive. It might make sense to implement discretionary access control across a company, for instance, and then layer in mandatory access control to protect the most sensitive assets, such as customers’ personal information. The Windows operating system does this. Though Windows operates on a foundation of discretionary access, the operating system itself and its security features are protected under a system of mandatory access control. By implementing an extra layer of security around these key areas, Microsoft was able to seriously reduce the number of malware attacks happening in Windows, shoring up a critical vulnerability through a combination of access control models. Which access control model is based on a security label system?The correct response is mandatory access control. This access control system is based on security labeling for security clearances of users and where resources have security labels containing a data classification.
Which of the following access control mechanism is mostly used by military?Mandatory access control (MAC): In this nondiscretionary model, people are granted access based on an information clearance. A central authority regulates access rights based on different security levels. This model is common in government and military environments.
What are the four 4 main access control model?Currently, there are four primary types of access control models: mandatory access control (MAC), role-based access control (RBAC), discretionary access control (DAC), and rule-based access control (RBAC).
Where is the bell LaPadula model used?The Bell–LaPadula Model (BLP) is a state machine model used for enforcing access control in government and military applications.
|