Current version
Git/Latestdiff: 1.5.6
Latest Snapshots
Produced after each commit or rebase to new upstream version
GIT
RSBAC source code, can be unstable sometimes
No events planned
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
documentation:acronyms [2005/11/24 13:22] kang |
documentation:acronyms [2005/12/12 09:55] ao Correct some definitions |
||
---|---|---|---|
Line 8: | Line 8: | ||
^Acronym ^Meaning ^Description ^ | ^Acronym ^Meaning ^Description ^ | ||
|RSBAC|Rule Set Based Access Control|Free open source access control solution :)| | |RSBAC|Rule Set Based Access Control|Free open source access control solution :)| | ||
- | |AEF|Access Enforcement Facility|RSBAC's part of the framework enforcing the access control decision. (allow, deny, etc.)| | + | |REG|Registration Facility|Allows easy registration of new modules/plug-ins for RSBAC.| |
- | |ADF|Access Decision Facility|RSBAC's part of the framework deciding which ACI to return.| | + | |AEF|Access control Enforcement Facility|RSBAC's part of the framework enforcing the access control decision. (allow, deny, etc.)| |
+ | |ADF|Access control Decision Facility|RSBAC's part of the framework deciding about every access, includes all decision modules.| | ||
|SO|Security Officer|Sometimes ''secoff'', the user usually taking care of the security attributes.| | |SO|Security Officer|Sometimes ''secoff'', the user usually taking care of the security attributes.| | ||
|DAC|Discretionary Access Control|Usually default Linux's access control, leave the access right control at the discretion of the user.| | |DAC|Discretionary Access Control|Usually default Linux's access control, leave the access right control at the discretion of the user.| | ||
- | |ACI|Access Control Information|Defines the access rights.| | + | |ACI|Access Control Information|Target related meta data like attributes and other meta data like role definitions.| |
+ | |ACC|Access Control Context|Decision relevant context data from the kernel environment.| | ||
|ACE|Access Control Entry|Attribute storing the ACI.| | |ACE|Access Control Entry|Attribute storing the ACI.| | ||
| | | | ||
Line 23: | Line 25: | ||
|RC|Role Compatibility|Put subjects into roles, with access to only certain types. Very powerfull.| | |RC|Role Compatibility|Put subjects into roles, with access to only certain types. Very powerfull.| | ||
|ACL|Access Control List|Lists of simple access control information rights, per subject.| | |ACL|Access Control List|Lists of simple access control information rights, per subject.| | ||
- | |MAC|Mandatory Access Control|Enforces access contol per immutable security level.| | + | |MAC|Mandatory Access Control (Bell-LaPadula)|Enforces access contol per immutable security level.| |
|PAX|Protection Against eXecution, or PAge Exec|Various memory protections, NX emulation, address space randomisation.| | |PAX|Protection Against eXecution, or PAge Exec|Various memory protections, NX emulation, address space randomisation.| | ||
|DAZ|Dazuko|Antivirus interface for RSBAC, using Dazuko.| | |DAZ|Dazuko|Antivirus interface for RSBAC, using Dazuko.| | ||
- | |CAP|Capacities|Control Linux's Capacities (net raw, dac override, etc.).| | + | |CAP|Linux Capabilities|Control Linux's Posix Capabilities implementation (net raw, dac override, etc.).| |
|JAIL|Jail:)|Confines subjects into an hermetic jail, like an improved chroot.| | |JAIL|Jail:)|Confines subjects into an hermetic jail, like an improved chroot.| | ||
- | |RES|Resources|Control Linux's Resources (CPU time per user, etc.).| | + | |RES|Resources|Control Linux's resource limits (CPU time per user, etc.).| |
|FF|File Flags|Simple attribute flags per file/directory.| | |FF|File Flags|Simple attribute flags per file/directory.| | ||
|PM|Privacy Module|Takes care of user's privacy, and private data.| | |PM|Privacy Module|Takes care of user's privacy, and private data.| |