Mic security model invoke rule

invoke {source : <Sid>, target : <Sid>}

This verifies the permissibility of data streams from the source subject to the target subject.

It returns the "granted" result if the integrity level of the target subject does not exceed the integrity level of the source subject.

It returns the "denied" result in the following cases:

• The integrity level of the target subject exceeds the integrity level of the source subject.
• The integrity level of the target subject is incomparable to the integrity level of the source subject.
• An integrity level was not assigned to the source subject or to the target subject.
• The source or target value is outside of the permissible range.

Page top