Verfahren zur Versorgung der Sicherung von Datei-Zwangsheimlichkeit und -Integrität in einem Computersystem
摘要
<p>A method of mandatorily enforcing security protections to insure access to files of a computer system only to computer processes properly authorized for access. A separate security label is associated with each file and process of the system and defines authorized security classes pertaining to the associated file or process. Each security label contains information describing authorizations based on data secrecy and data integrity. A comparison is made on an attempted access of a file by a process of the security label associated with the process and the security label associated with the file. A verification is made based on the comparison that the process is authorized to access the file. The verification as to both secrecy and integrity aspects is accomplished in the single verification step.</p>