Abstract
By its definition “discretionary access control” or “DAC“ was not designed or intended for use in the untrusted environment of current globally connected information systems. In addition, DAC assumed control and responsibility for all programs vested in the user; a situation now largely obsolete with the rapid development of the software industry itself. However, the superior “mandatory access control” or “MAC” specifications and resulting implementations proved to be unacceptable for commercially oriented systems and their managers. For example, the USA’s National Security Agency’s (NSA) “Secure LINUX” or “SELinux”, program made available under open source arrangements in 2000, aims at changing this state so that the benefits of MAC technology could be used to “harden” commodity ICT products. This paper analyses the need to abandon DAC, suggests variations and enhancements to basic access control concepts and relates the technology to the particular requirements of the “home computer”. However, the potential for this technology to be used to limit competition must also be considered as a new participant is considered, i.e. the “owner” of software or allied systems wishing to impose digital rights management (DRM) requirements on the legitimate user.
Please use the following format when citing this chapter: Caelli, W., 2007, in IFIP International Federation for Information Processing, Volume 232, New Approaches for Security, Privacy and Trust in Complex Environments, eds. Venter. H., Eloff, M, Labuschagne, L., Eloff, J., von Solms, R.. (Boston: Springer), pp. 433–442.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Caelli, W., The Microcomputer Revolution: Some Social Implications of Advanced Technology, (Monograph No. 1, Australian Computer Society, Sydney, 1979. ISBN 0-909925-21-6).
Ware, W. H., ed., Security Controls for Computer Systems: Report of Defense Science Board Task Force on Computer Security, AD # A076617/0, Rand Corporation, Santa Monica, Calif, February 1970, reissued October 1979.
Kay. R., Distributed and Secure, BYTE Vol. 19, No. 6, June 1994, Pg. 165.
F. J. Corbato and V. A. Vyssotsky, Introduction and Overview of the Multics System, Fall Joint Computer Conference 1965; http://www.multicians.org/fjccl.html.
Ryan J., The Effect of Public Budgetary and Policy Decisions on Development of Trusted Systems, http://www.gwu.edu/asemdc/RyanASEM02.html.
http://www.cra.org/Activities/grand.challenges/security/home.html.
http://www.businessweek.com/technology/content/feb2007/tc20070222677788.htm?link_position=linkl Accessed at 24 Feb 2007.
SEVMS User’s Guide, Order Number: AA-QC05A-TE, November 1994, Digital Equipment Corporation, Massachusetts. USA.
http://www.sun.com/software/solaris/trustedsolaris/ds-ts8/index.xml.
Summers, R, C, An overview of computer security, IBM Systems Journal, Vol. 23, No. 4, 1984.
Ames, S. R. and Neumann, P., Guest Editors’ Introduction: Computer Security Technology, Computer, Vol. 16, No. 7. July 1983.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 International Federation for Information Processing
About this paper
Cite this paper
Caelli, W.J. (2007). Modernising MAC: New Forms for Mandatory Access Control in an Era of DRM. In: Venter, H., Eloff, M., Labuschagne, L., Eloff, J., von Solms, R. (eds) New Approaches for Security, Privacy and Trust in Complex Environments. SEC 2007. IFIP International Federation for Information Processing, vol 232. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-72367-9_37
Download citation
DOI: https://doi.org/10.1007/978-0-387-72367-9_37
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-72366-2
Online ISBN: 978-0-387-72367-9
eBook Packages: Computer ScienceComputer Science (R0)