Can someone explain "lattice" as it relates to MAC?

abefroman

Can someone explain "lattice" as it relates to MAC?

TIA

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

Darril

One way of viewing this is as a ladder where each rung of the ladder represents a different security level such as private, confidential, secret, and so on. The area between the rungs are identified as security boundaries.

Data is assigned a label based on the security boundary where it's located. Users are also assigned labels to indicate what data they can access. When the labels match, access is granted.

Further, there may be several different categories on the private level, such as private proprietary, private research, and private financial. Instead of using a single ladder, multiple ladders could be placed side-by-side. The rungs still represent different security levels, but now you have multiple categories on the same level with the different ladders. Each area within the rungs of each ladder is still assigned by a label.

The term lattice seems to be a metaphor for a garden lattice or trellis used to guide climbing plants. A garden lattice has wooden slats perpendicular to each other creating multiple different areas similar to the areas between different rungs with multiple ladders side-by-side.

HTH,

Darril Gibson

Author: CompTIA Security+: Get Certified Get Ahead
www.sy0-201.com

Security+ Blog
Security Plus: Get Certified Get Ahead

Security+ Tip of day Tweets
twitter.com/DarrilGibson

abefroman wrote: »

Can someone explain "lattice" as it relates to MAC?

TIA

abefroman

Thanks makes sense now.