!!! Overview
[{$pagename}] or [LBAC] is a complex [Access Control Model] based on the interaction between any combination of [Digital Subjects] and [Service Provider] [Resources] (such as [Resource Actions], [Operating System Attributes], and [Application Attributes]).

In this type of label-based [Mandatory Access Control] model, a lattice is used to define the levels of security that an [Resource] may have and that a [Digital Subject] may have access to. The [Digital Subject] is only allowed to access an [Resource] if the security level of the [Digital Subject] is greater than or equal to that of the [Resource].

Mathematically, the security level access may also be expressed in terms of the lattice (a partial order set) where each [Resource] and [Digital Subject] have a greatest lower bound (meet) and least upper bound (join) of access rights. 

For example, if two [Digital Subject] A and B need access to an [Resource], the security level is defined as the meet of the levels of A and B. In another example, if two [Resource] X and Y are combined, they form another [Resource] Z, which is assigned the security level formed by the join of the levels of X and Y.

More simply stated, each [Digital Subject] and each [Resource] are assigned a Access Control Level, (think, Confidential, Secret, Public) and access is granted only if the [Digital Subject]'s Access Control Level is as high or higher than the Access Control Level of the [Resource].

[{$pagename}] is used to some degree in [Trust Tiers] as defined in [Google]'s [BeyondCorp]

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]----
* [#1] - [http://en.wikipedia.org/wiki/Lattice-based_access_control|http://en.wikipedia.org/wiki/Lattice-based_access_control|target='_blank'] - based on information obtained 2013-07-28