Non-Discretionery Controls for Commercial Applications

The lattice model of non-discretionary access control in a secure computer system was developed in the early Seventies[BIaP]. The model was motivated by the controls used by the Defense Department and other "nationalsecurity" agencies to regulate people\´s access to sensitive information. Since that time, the lattice model has enjoyed reasonable success in several computer systems used to process national security classified information [MME; Multics; SACDIN]. "Reasonable success", in this context, means that human beings accept the systems and are able to use them to accomplish useful work,without the protection provided by the non-discretionary controls unduly interfering with productivity or perceived convenience.