Need to know
Encyclopedia
The term "need to know", when used by government
and other organizations (particularly those related to the military
or espionage
), describes the restriction of data which is considered very sensitive. Under need-to-know restrictions, even if one has all the necessary official approvals (such as a security clearance
) to access certain information, one would not be given access to such information, or read into
a clandestine operation
, unless one has a specific need to know; that is, access to the information must be necessary for the conduct of one's official duties.
As with most security mechanisms, the aim is to make it difficult for unauthorized access to occur, without inconveniencing legitimate access. Need-to-know also aims to discourage "browsing" of sensitive material by limiting access to the smallest possible number of people.
The Battle of Normandy
in 1944 is an example of a need-to-know restriction. Though thousands of military personnel were involved in planning the invasion, only a small number of them knew the entire scope of the operation; the rest were only informed of data needed to complete a small part of the plan. The same is true of the Trinity project.
mechanisms of some operating system
s can be used to enforce need to know. In this case, the owner of a file determines whether another person should have access. Need to know is often concurrently applied with mandatory access control
schemes, in which the lack of an official approval (such as a clearance) may absolutely prohibit a person from accessing the information. This is because need to know can be a subjective assessment. Mandatory access control schemes can also audit accesses, in order to determine if need to know has been violated.
The term is also used in the concept of graphical user interface
design where computers are controlling complex equipment such as airplanes. In this usage, when many different pieces of data are dynamically competing for finite User interface
space, safety-related messages are given priority.
Government
Government refers to the legislators, administrators, and arbitrators in the administrative bureaucracy who control a state at a given time, and to the system of government by which they are organized...
and other organizations (particularly those related to the military
Military
A military is an organization authorized by its greater society to use lethal force, usually including use of weapons, in defending its country by combating actual or perceived threats. The military may have additional functions of use to its greater society, such as advancing a political agenda e.g...
or espionage
Espionage
Espionage or spying involves an individual obtaining information that is considered secret or confidential without the permission of the holder of the information. Espionage is inherently clandestine, lest the legitimate holder of the information change plans or take other countermeasures once it...
), describes the restriction of data which is considered very sensitive. Under need-to-know restrictions, even if one has all the necessary official approvals (such as a security clearance
Security clearance
A security clearance is a status granted to individuals allowing them access to classified information, i.e., state secrets, or to restricted areas after completion of a thorough background check. The term "security clearance" is also sometimes used in private organizations that have a formal...
) to access certain information, one would not be given access to such information, or read into
Read into
The process of being read into a compartmented program generally entails being approved for access to particularly sensitive and restricted information about a classified program, receiving a briefing about the program, and formally acknowledging the...
a clandestine operation
Clandestine operation
A clandestine operation is an intelligence or military operation carried out in such a way that the operation goes unnoticed.The United States Department of Defense Dictionary of Military and Associated Terms defines "clandestine operation" as "An operation sponsored or conducted by governmental...
, unless one has a specific need to know; that is, access to the information must be necessary for the conduct of one's official duties.
As with most security mechanisms, the aim is to make it difficult for unauthorized access to occur, without inconveniencing legitimate access. Need-to-know also aims to discourage "browsing" of sensitive material by limiting access to the smallest possible number of people.
The Battle of Normandy
Operation Overlord
Operation Overlord was the code name for the Battle of Normandy, the operation that launched the invasion of German-occupied western Europe during World War II by Allied forces. The operation commenced on 6 June 1944 with the Normandy landings...
in 1944 is an example of a need-to-know restriction. Though thousands of military personnel were involved in planning the invasion, only a small number of them knew the entire scope of the operation; the rest were only informed of data needed to complete a small part of the plan. The same is true of the Trinity project.
Problems and criticism
Need-to-know (like other security measures) can be misused by some personnel who wish to refuse others access to information they hold in an attempt to increase their personal power, prevent unwelcome review of their work, prevent embarrassment resulting from actions or thoughts, or to cover up illegal actions.In computer technology
The discretionary access controlDiscretionary access control
In computer security, discretionary access control is a kind of access control defined by the Trusted Computer System Evaluation Criteria "as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong...
mechanisms of some operating system
Operating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
s can be used to enforce need to know. In this case, the owner of a file determines whether another person should have access. Need to know is often concurrently applied with mandatory access control
Mandatory access control
In computer security, mandatory access control refers to a type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target...
schemes, in which the lack of an official approval (such as a clearance) may absolutely prohibit a person from accessing the information. This is because need to know can be a subjective assessment. Mandatory access control schemes can also audit accesses, in order to determine if need to know has been violated.
The term is also used in the concept of graphical user interface
Graphical user interface
In computing, a graphical user interface is a type of user interface that allows users to interact with electronic devices with images rather than text commands. GUIs can be used in computers, hand-held devices such as MP3 players, portable media players or gaming devices, household appliances and...
design where computers are controlling complex equipment such as airplanes. In this usage, when many different pieces of data are dynamically competing for finite User interface
User interface
The user interface, in the industrial design field of human–machine interaction, is the space where interaction between humans and machines occurs. The goal of interaction between a human and a machine at the user interface is effective operation and control of the machine, and feedback from the...
space, safety-related messages are given priority.
In Medical Education
Describing material that is high yield, and will unequivocally appear on an exam or be used to save a patient's life.See also
- Compartmentalization (information security)
- Principle of least privilegePrinciple of least privilegeIn information security, computer science, and other fields, the principle of least privilege, also known as the principle of minimal privilege or just least privilege, requires that in a particular abstraction layer of a computing environment, every module must be able to access only the...
- Security through obscuritySecurity through obscuritySecurity through obscurity is a pejorative referring to a principle in security engineering, which attempts to use secrecy of design or implementation to provide security...