Information Technology Reference
In-Depth Information
% P is direct container of file F
container_of_file
(P, F),
% Permission "List folder" is granted to
% user U for direct container of file F
group_permissions
(U, P, 0) ),
% Privilege "Backup files" is granted to user U
(
member
(restore, PL), !;
% Permission "Synchronize" is granted to user U
member
(20, EPL) ) ).
..........[abbreviation]........
The '
read
' access to the file is granted, if user has a '
traverse
' permission for the
file, or she has a '
Read Data
' bit in her ACE referred to the file, or the user's group
membership gives her some abilities to access the file.
The security criteria allow the customer or evaluator to delimit the secure and
insecure states in security model. Criterion may have a form of constraint which states
the necessary condition of the secure state (positive specification). The system is safe
by the OSCV-criteria if all logical goals corresponding to the criteria are true. If some
criterion goal is false, then system breaks the safety conditions specified in the
criterion. In VCPU facility, security criteria can be noted as the SSC-scope. The
special component of the SEW, the Criteria Manager, allows to compose and edit the
vulnerability criteria [8]. The following code example shows the SSC-scope.
..........[abbreviation]........
criterion
('Criterion #1: Users are not allowed to edit
the file Normal.dot',
mask
,
[
obj
('c:\\documents and settings\\administrator\\
application data\\microsoft\\templates\\normal.dot'),
inheritance
('tnn'),
's-1-5-32-544'(0,1,2,3,4,5,7,8,6,16,17,18,19,20),
's-1-5-18'(0,1,2,3,4,5,7,8,6,16,17,18,19,20)]).
..........[abbreviation]........
The logical predicate denotes one of the OSCV-criteria to be checked in MS
Windows system. It refers to the
Normal.dot
file. It has the form of "required" access
rights (positive mode of criteria specification). Type '
equity
' pays our attention at an
equity condition (
Condition P1
), i.e. there is the checking of the concrete access
rights to the given
Normal.dot
object. There is also a condition of safe system: only
