Acronyms: MAC
See:
· Discretionary access control
Procedure for restricting access to the objects of a system. It is based on the sensitivity of the information contained or processed in them (expressed in a security label) and the authorization (called clearance) of the subjects seeking access (TCSEC).
It is implemented to enforce a rule-based security policy.
[Ribagorda:1997]
Security model in which a responsible authority classifies objects and subjects according to their respective security and clearance levels and compartmentalizes them according to the principle of least privilege. [Ribagorda:1997]
A means of restricting access to objects based on the sensitivity (as represented by a security label) of the information contained in the objects and the formal authorization (i.e., clearance, formal access approvals, and need-to-know) of subjects to access information of such sensitivity. [CNSSI_4009:2010]
1. (I) An access control service that enforces a security policy based on comparing (a) security labels, which indicate how sensitive or critical system resources are, with (b) security clearances, which indicate that system entities are eligible to access certain resources. (See: discretionary access control, MAC, rule-based security policy.)
Derivation: This kind of access control is called "mandatory" because an entity that has clearance to access a resource is not permitted, just by its own volition, to enable another entity to access that resource.
[RFC4949:2007]
A means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (i.e., clearance) of subjects to access information of such sensitivity.
[TCSEC:1985]
Mandatory Access Control controls is where the system controls access to resources based on classification levels assigned to both the objects and the users. These controls cannot be changed by anyone.
http://www.sans.org/security-resources/glossary-of-terms/