11. SELinux identities or User based access control: - First field in security context tuple - SELinux identities are a way to map Linux logins to SELinux users - User based access control is a mechanism to isolate SELinux users
12. Role Based Access Control: - Second field in security context tuple - Mechanism that enables SELinux users to switch types
13. Type Enforcement: - Third field in security context tuple - Processes and objects are assigned types - Policy governs how types can interact
14. Multi Level Security or Multi Category Security: - Fourth field in security context tuple
15. MLS: - Processes and objects are assigned security levels - Security level is a sensitivity and compartment(s) - s0 SystemLow - s15:c0.c1023 SystemHigh - 16 sensitivities - 1024 compartments - “No read up and no write down”
16. MCS: - Alternative way to use MLS attribute - Only one sensitivity - 1024 categories - Semi-discretionary - MCS used in sVirt and sandbox -X
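The four-field context tuple and the MLS/MCS level rules from slides 11 to 16, as an added example that is not part of the original deck: it parses `user:role:type:level` and models only the "no read up and no write down" rule as a dominance check. Assumptions: level ranges (`low-high`) are not handled, the sample contexts are constructed, and on a real system the decision is made by the loaded policy, not by this code.

```python
import re
from typing import FrozenSet, NamedTuple

class Level(NamedTuple):
    sensitivity: int              # s0 (SystemLow) .. s15
    categories: FrozenSet[int]    # subset of c0 .. c1023

class Context(NamedTuple):
    user: str
    role: str
    type: str
    level: Level

def parse_level(text: str) -> Level:
    """Parse a single level such as 's0', 's0:c1,c2' or 's15:c0.c1023'."""
    sens, _, cats = text.partition(":")
    m = re.fullmatch(r"s(\d+)", sens)
    if not m or int(m.group(1)) > 15:
        raise ValueError(f"bad sensitivity: {sens!r}")
    found = set()
    for part in filter(None, cats.split(",")):
        c = re.fullmatch(r"c(\d+)(?:\.c(\d+))?", part)  # 'c0.c1023' = c0 through c1023
        if not c:
            raise ValueError(f"bad category: {part!r}")
        lo, hi = int(c.group(1)), int(c.group(2) or c.group(1))
        if lo > hi or hi > 1023:
            raise ValueError(f"category out of range: {part!r}")
        found.update(range(lo, hi + 1))
    return Level(int(m.group(1)), frozenset(found))

def parse_context(text: str) -> Context:
    """Split user:role:type:level; the level keeps its own ':' before the categories."""
    fields = text.split(":", 3)
    if len(fields) != 4 or not all(fields):
        raise ValueError(f"expected user:role:type:level, got {text!r}")
    return Context(fields[0], fields[1], fields[2], parse_level(fields[3]))

def dominates(a: Level, b: Level) -> bool:
    """a dominates b: sensitivity at least as high and a superset of b's categories."""
    return a.sensitivity >= b.sensitivity and a.categories >= b.categories

def can_read(subject: Context, obj: Context) -> bool:
    return dominates(subject.level, obj.level)    # no read up

def can_write(subject: Context, obj: Context) -> bool:
    return dominates(obj.level, subject.level)    # no write down

if __name__ == "__main__":  # constructed sample contexts (MCS: same s0, different categories)
    vm = parse_context("system_u:system_r:svirt_t:s0:c1,c2")
    print(can_read(vm, parse_context("system_u:object_r:svirt_image_t:s0:c3,c4")))
```

With MCS the sensitivity is always `s0`, so the same dominance check reduces to a category superset test, which is what keeps two processes with disjoint category pairs apart.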