Mandatory Access Control,
Umbrella is a security mechanism that implements a combination of Process-Based Access Control (PBAC) and authentication of binaries through Digital Signed Binaries (DSB). The scheme is designed for Linux-based consumer electronic devices ranging from mobile phones to settop boxes.
Umbrella is implemented on top of the Linux Security Modules (LSM) framework. The PBAC scheme is enforced by a set of restrictions on each process.