There are 3 types of policies, integrity, confidentiality, and availability policy. In confidentiality policy, the main concern is to not let the information be leaked to unauthorized subjects. In an integrity policy, information should not be modified by unauthorized subjects. Availability policy makes sure that the information is easily accessed by authorized subjects within an acceptable period of time. Applications in real world use a mix of these policies. Mostly, in military applications, we are more concerned with confidentiality and in commercial applications we focus on integrity and availability.
There are two types of access control in policy. One that is based on owner’s discretion (DAC: Discretionary Access Control), which is the standard Unix security policy. And the other is Mandatory Access Control (MAC), which is controlled, accessed, and altered by the system only. This policy has a better control over the system but is overly strict to the application.
Recent Comments