Mic security model execute rule

This assigns the specified integrity level to the target subject and defines the minimum integrity level of subjects and resources from which this subject can receive data (levelR). The code of the target subject is in the image executable file.

If the level value is not defined (level : ()), the integrity level of the image executable file is assigned to the target subject. If the image value is not defined (image : ()), the level value must be defined.

If the levelR value is not defined (levelR : ()), the value of levelR is equal to level.

To define the integrity level and levelR, values of the Level type are used. For the definition of the Level type, see "Mic security model create rule".

The rule returns the "granted" result if it assigned the specified integrity level to the target subject and defined the minimum integrity level of subjects and resources from which this subject can receive data (levelR).

The rule returns the "denied" result in the following cases:

• The level value exceeds the integrity level of the image executable file.
• The level value is incomparable to the integrity level of the image executable file.
• The value of levelR exceeds the value of level.
• The level and levelR values are incomparable.
• An integrity level was not assigned to the image executable file.
• The image or target value is outside of the permissible range.

Example: