What is Flexible Mandatory Access Control (FMAC)? - Definition from WhatIs.com


Flexible Mandatory Access Control (FMAC)

Part of the Security management glossary:

What is Flexible Mandatory Access Control (FMAC)? 

Flexible Mandatory Access Control (FMAC) is an ongoing project intended to enhance the Sun Microsystems OpenSolaris operating platform by adding two security technologies: Flux Advanced Security Kernel (Flask) and Type Enforcement (TE). Because the security features of FMAC are difficult to bypass, it is of particular interest to government and military agencies. FMAC is based on source code consistent with OpenSolaris OS/Net.

Flask provides a flexible security interface that does not require system modification. The security server employs multi-level, easily-updated policy rules that can be customized to meet the needs of diverse users and can be configured to achieve specific security goals. TE is independent of external privilege parameters and enforces user-defined access rules. An important advantage of TE is its ability to identify and isolate malware, defective application programs and compromised software on a system-wide basis.

The FMAC project is staffed primarily by the U.S. National Security Agency (NSA) and Sun Microsystems.


Learn More About IT:
> Sun Microsystems outlines the basics of the FMAC project.
> Glenn Faden points out some challenges facing the FMAC project.

This was last updated in November 2008
Posted by: Margaret Rouse

Related Terms


  • access recertification

    - Access recertification is an information technology (IT) control that involves auditing user access rights to determine if they are correct and adhere to the organization’s internal policies and co... (WhatIs.com)

  • access governance (AG)

    - Access governance (AG) is an aspect of information technology (IT) security management that seeks to reduce the risks associated with excessive access rights, inactive users and orphan accounts. (WhatIs.com)

  • email spoofing

    - Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. (SearchSecurity.com)


  • Security management

    - Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorizati...

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About Flexible Mandatory Access Control (FMAC)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment



    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.