Outline for April 20, 2004

1. Example: DG/UX UNIX
   1. Labels and regions
   2. Multilevel directories
   3. File object labels
   4. MAC tuples
2. BLP: formally
   1. Elements of system: s_i subjects, o_i objects
   2. State space V = B×M×F×H where:
      B set of current accesses (i.e., access modes each subject has currently to each object);
      M access permission matrix;
      F consists of 3 functions: f_s is security level associated with each subject, f_o security level associated with each object, and f_c current security level for each subject
      H hierarchy of system objects, functions h: O->P(O) with two properties:
      If o_i ≠ o_j, then h(o_i) ∩ h(o_j) = Ø
      There is no set { o₁, ..., o_k } ⊆ O such that for each i, o_i+1 ∈ h(o_i) and o_i+1 = o₁.
   3. Set of requests is R
   4. Set of decisions is D
   5. W ⊆ R × D × V × V is motion from one state to another.
   
   

   ---

   Here is a PDF version of this document.