1 TOPIC DOMAIN TYPE ENFORCEMENT Ravi Sandhu

2 MANDATORY CONFIGURABLE POLICY Each subject has an associated domain Each object has an associated type Domain-type enforcement (DTE) table specifies the types that can be read and written by each domain Domain-transition table (DTT) specifies which domains can be called from a particular domain.

3 DTE Table U r w V F DomainsDomains Types r w G r mandatory rights

4 Domain Transition Table U V U DomainsDomains Domains V enter mandatory rights

5 Trusted Pipeline (Boebert and Kain 85) User Domain U Labeler Domain L Printer Domain P ULPULP Docs Printer DTE Table ULPULP U L P DT Table rw rw enter