Revision as of 17:41, 17 January 2010 edit Trbdavies (talk \| contribs) Extended confirmed users 1,123 edits created link to prospective article on rule-based access control ← Previous edit		Revision as of 15:21, 22 April 2011 edit undo Wireless friend (talk \| contribs) Extended confirmed users 1,284 edits m missing link reedited Next edit →
Line 5: Mathematically, the security level access may also be expressed in terms of the lattice (a [[partial order]] set) where each object and subject have a greatest lower bound (meet) and least upper bound (join) of access rights. For example, if two subjects ''A'' and ''B'' need access to an object, the security level is defined as the meet of the levels of ''A'' and ''B''. In another example, if two objects ''X'' and ''Y'' are combined, they form another object ''Z'', which is assigned the security level formed by the join of the levels of ''X'' and ''Y''. LBAC is known as a label~~-based (or [[Rule~~-based access control \|(or ''rule-based~~]])~~ access control'') restriction as opposed to [[role-based access control]] (RBAC). Lattice based access control models were first formally defined by [[Dorothy E. Denning\|Denning]] (1976); see also Sandhu (1993).

Lattice-based access control: Difference between revisions