Evaluation of MAC System Strength
The Common Criteria is based on this science and it intended to preserve the Assurance Level as EAL levels and the functionality specifications as Protection Profiles. Of these two essential components of objective robustness benchmarks, only EAL levels were faithfully preserved. In one case, TCSEC level C2 (not a MAC capable category) was fairly faithfully preserved in the Common Criteria, as the Controlled Access Protection Profile (CAPP). Multilevel security (MLS) Protection Profiles (such as MLSOSPP similar to B2) is more general than B2. They are pursuant to MLS, but lack the detailed implementation requirements of their Orange Book predecessors, focusing more on objectives. This gives certifiers more subjective flexibility in deciding whether the evaluated product’s technical features adequately achieve the objective, potentially eroding consistency of evaluated products and making it easier to attain certification for less trustworthy products. For these reasons, the importance of the technical details of the Protection Profile is critical to determining the suitability of a product.
Such an architecture prevents an authenticated user or process at a specific classification or trust-level from accessing information, processes, or devices in a different level. This provides a containment mechanism of users and processes, both known and unknown (an unknown program (for example) might comprise an untrusted application where the system should monitor and/or control accesses to devices and files).
Read more about this topic: Mandatory Access Control
Famous quotes containing the words evaluation of, evaluation, system and/or strength:
“Good critical writing is measured by the perception and evaluation of the subject; bad critical writing by the necessity of maintaining the professional standing of the critic.”
—Raymond Chandler (1888–1959)
“Evaluation is creation: hear it, you creators! Evaluating is itself the most valuable treasure of all that we value. It is only through evaluation that value exists: and without evaluation the nut of existence would be hollow. Hear it, you creators!”
—Friedrich Nietzsche (1844–1900)
“Nobody is glad in the gladness of another, and our system is one of war, of an injurious superiority. Every child of the Saxon race is educated to wish to be first. It is our system; and a man comes to measure his greatness by the regrets, envies, and hatreds of his competitors.”
—Ralph Waldo Emerson (1803–1882)
“... there was one of two things I had a right to, liberty, or death; if I could not have one, I would take de oder; for no man should take me alive; I should fight for my liberty as long as my strength lasted, and when de time came for me to go, de Lord would let dem take me.”
—Harriet Tubman (c. 1820–1913)