SE547: Information flow [2/23]

What is Mandatory Access Control?

What is a security level? Simple security levels: H and L.

Tag data and variables with security levels. Examples of information flow between security levels... Is x_H=y_L (write up) OK? Is y_L=x_H (write down) OK?

(Note: in this world, high-security programs have fewer rights than low-security programs! Spot the military funding...)

What is a covert channel? Examples? Can we completely eliminate covert channels?