What is Flexible Mandatory Access Control (FMAC)? - Definition from WhatIs.com

Definition

Flexible Mandatory Access Control (FMAC)

Part of the Security management glossary:

What is Flexible Mandatory Access Control (FMAC)? 

Flexible Mandatory Access Control (FMAC) is an ongoing project intended to enhance the Sun Microsystems OpenSolaris operating platform by adding two security technologies: Flux Advanced Security Kernel (Flask) and Type Enforcement (TE). Because the security features of FMAC are difficult to bypass, it is of particular interest to government and military agencies. FMAC is based on source code consistent with OpenSolaris OS/Net.

Flask provides a flexible security interface that does not require system modification. The security server employs multi-level, easily-updated policy rules that can be customized to meet the needs of diverse users and can be configured to achieve specific security goals. TE is independent of external privilege parameters and enforces user-defined access rules. An important advantage of TE is its ability to identify and isolate malware, defective application programs and compromised software on a system-wide basis.

The FMAC project is staffed primarily by the U.S. National Security Agency (NSA) and Sun Microsystems.

 

Learn More About IT:
> Sun Microsystems outlines the basics of the FMAC project.
> Glenn Faden points out some challenges facing the FMAC project.

This was last updated in November 2008
Posted by: Margaret Rouse

Related Terms

Definitions

  • due diligence

    - Due diligence definition: Due diligence is the process of systematically researching and verifying the accuracy of a particular statement. In the business world, due diligence is required to valida... (WhatIs.com)

  • knowledge-based authentication (KBA)

    - In a KBA scheme, the user is asked to answer at least one "secret" question before being allowed to change account settings or reset a password. (SearchSecurity.com)

  • strong authentication

    - Although it is not a standardized term, with set criteria, strong authentication can be said to be any method of verifying the identity of a user or device that is intrinsically stringent enough to... (WhatIs.com)

Glossaries

  • Security management

    - Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorizati...

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About Flexible Mandatory Access Control (FMAC)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.