What is Flexible Mandatory Access Control (FMAC)? - Definition from WhatIs.com

Definition

Flexible Mandatory Access Control (FMAC)

Part of the Security management glossary:

What is Flexible Mandatory Access Control (FMAC)? 

Flexible Mandatory Access Control (FMAC) is an ongoing project intended to enhance the Sun Microsystems OpenSolaris operating platform by adding two security technologies: Flux Advanced Security Kernel (Flask) and Type Enforcement (TE). Because the security features of FMAC are difficult to bypass, it is of particular interest to government and military agencies. FMAC is based on source code consistent with OpenSolaris OS/Net.

Flask provides a flexible security interface that does not require system modification. The security server employs multi-level, easily-updated policy rules that can be customized to meet the needs of diverse users and can be configured to achieve specific security goals. TE is independent of external privilege parameters and enforces user-defined access rules. An important advantage of TE is its ability to identify and isolate malware, defective application programs and compromised software on a system-wide basis.

The FMAC project is staffed primarily by the U.S. National Security Agency (NSA) and Sun Microsystems.

 

Learn More About IT:
> Sun Microsystems outlines the basics of the FMAC project.
> Glenn Faden points out some challenges facing the FMAC project.

This was last updated in November 2008
Posted by: Margaret Rouse

Related Terms

Definitions

  • log management

    - Log management is the collective processes and policies used to administer and facilitate the generation, transmission, analysis, storage, archiving and ultimate disposal of the large volumes of lo... (WhatIs.com)

  • DNS Security Extensions (DNSSEC)

    - DNS Security Extensions (DNSSEC) are a set of Internet Engineering Task Force (IETF) standards created to address vulnerabilities in the Domain Name System (DNS) and protect it from online threats. (WhatIs.com)

  • threat actor

    - A threat actor, also called a malicious actor, is an entity that is partially or wholly responsible for an incident that impacts – or has the potential to impact -- an organization's security. (WhatIs.com)

Glossaries

  • Security management

    - Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorizati...

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About Flexible Mandatory Access Control (FMAC)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.