FLASK security architecture

E193772

FLASK security architecture is a flexible, fine-grained access control framework originally developed for the Flask microkernel to support mandatory access control policies and later used as the foundation for systems like SELinux.

All labels observed (2)

Label Occurrences
FLASK security architecture canonical 1
Flask microkernel 1

How this entity was disambiguated

Statements (48)

Predicate Object
instanceOf access control framework
mandatory access control framework
security architecture
appliedTo SELinux
surface form: Linux kernel via SELinux

microkernels
operating system kernels
basedOn mandatory access control model
characteristic centralized policy decision-making
distributed policy enforcement
fine-grained object labeling
flexible policy specification
contrastsWith discretionary access control
controlsAccessTo kernel objects
system resources
designedBy National Security Agency
University of Utah researchers
designedFor fine-grained access control
developedFor FLASK security architecture self-linksurface differs
surface form: Flask microkernel
documentationIncludes FLASK security architecture design documents
foundationFor SELinux
goal enable strong mandatory access control
support multiple security policies simultaneously
hasAcronym FLASK
hasComponent access vector cache
object managers
policy database
security server
hasFullName Flux Advanced Security Kernel
implements reference monitor concept
influenced SELinux
SELinux
surface form: Security-Enhanced Linux
originatedIn Flask
surface form: Flask microkernel project
provides dynamic security policy updates
fine-grained access decisions
policy flexibility
relatedTo Linux Security Modules API
surface form: Linux security modules

SELinux policy language
researchArea operating system security
separates security policy from enforcement mechanism
supports label-based access control
mandatory access control policies
multi-level security
role-based access control
type enforcement
usedIn SELinux
SELinux
surface form: Security-Enhanced Linux
uses security contexts
security labels

How these facts were elicited

Referenced by (2)

Full triples — surface form annotated when it differs from this entity's canonical label.

SELinux basedOn FLASK security architecture
FLASK security architecture developedFor FLASK security architecture self-linksurface differs
this entity surface form: Flask microkernel