Administratively directed access control (ADAC)

Access control in which administrators control who can access which objects. Contrast with user-directed access control (UDAC). See Mandatory access control.


Confidence that a system design meets its requirements, or that its implementation meets its specification, or that some specific property is satisfied.


The process of making and keeping the records necessary to support accountability. See Audit trail analysis.

Audit trail

The results of monitoring each operation of subjects on objects; for example, an audit trail might be a record of all actions taken on a particularly sensitive file.

Audit trail analysis

Examination of an audit trail, either manually or automatically, possibly in real time (Lunt, 1988).


Providing assurance regarding the identity of a subject or object, for example, ensuring that a particular user is who he claims to be.

Authentication sequence

A sequence used to authenticate the identity of a subject or object.


Determining whether a subject (a user or system) is trusted to act for a given purpose, for example, allowed to read a particular file.


The property that a given resource will be usable during a given time period.

Bell and La Padula model

An information-flow security model couched in terms of subjects and objects and based on the concept that information shall not flow to an object of lesser or noncomparable classification (Bell and La Padula, 1976).

The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement