Security modes
Encyclopedia
Generally, Security modes refer to information systems security modes of operations used in mandatory access control
Mandatory access control
In computer security, mandatory access control refers to a type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target...

 (MAC) systems. Often, these systems contain information at various levels of security classification. The mode of operation is determined by:
  • The type of users who will be directly or indirectly accessing the system.
  • The type of data, including classification levels, compartments, and categories, that are processed on the system.
  • The type of levels of users, their need to know, and formal access approvals that the users will have.

Dedicated security mode

In this mode of operation, all users must have:
  • Signed NDA
    Non-disclosure agreement
    A non-disclosure agreement , also known as a confidentiality agreement , confidential disclosure agreement , proprietary information agreement , or secrecy agreement, is a legal contract between at least two parties that outlines confidential material, knowledge, or information that the parties...

     for ALL information on the system.
  • Proper clearance for ALL information on the system.
  • Formal access approval for ALL information on the system.
  • A valid need to know
    Need to know
    The term "need to know", when used by government and other organizations , describes the restriction of data which is considered very sensitive...

     for ALL information on the system.

All users can access ALL data.

System high security mode

In this mode of operation, all users must have:
  • Signed NDA
    Non-disclosure agreement
    A non-disclosure agreement , also known as a confidentiality agreement , confidential disclosure agreement , proprietary information agreement , or secrecy agreement, is a legal contract between at least two parties that outlines confidential material, knowledge, or information that the parties...

     for ALL information on the system.
  • Proper clearance for ALL information on the system.
  • Formal access approval for ALL information on the system.
  • A valid need to know
    Need to know
    The term "need to know", when used by government and other organizations , describes the restriction of data which is considered very sensitive...

     for SOME information on the system.

All users can access SOME data, based on their need to know
Need to know
The term "need to know", when used by government and other organizations , describes the restriction of data which is considered very sensitive...

.

Compartmented security mode

In this mode of operation, all users must have:
  • Signed NDA
    Non-disclosure agreement
    A non-disclosure agreement , also known as a confidentiality agreement , confidential disclosure agreement , proprietary information agreement , or secrecy agreement, is a legal contract between at least two parties that outlines confidential material, knowledge, or information that the parties...

     for ALL information on the system.
  • Proper clearance for ALL information on the system.
  • Formal access approval for SOME information they will access on the system.
  • A valid need to know
    Need to know
    The term "need to know", when used by government and other organizations , describes the restriction of data which is considered very sensitive...

     for SOME information on the system.

All users can access SOME data, based on their need to know
Need to know
The term "need to know", when used by government and other organizations , describes the restriction of data which is considered very sensitive...

 and formal access approval.

Multilevel security mode

In this mode of operation, all users must have:
  • Signed NDA
    Non-disclosure agreement
    A non-disclosure agreement , also known as a confidentiality agreement , confidential disclosure agreement , proprietary information agreement , or secrecy agreement, is a legal contract between at least two parties that outlines confidential material, knowledge, or information that the parties...

     for ALL information on the system.
  • Proper clearance for SOME information on the system.
  • Formal access approval for SOME information on the system.
  • A valid need to know
    Need to know
    The term "need to know", when used by government and other organizations , describes the restriction of data which is considered very sensitive...

     for SOME information on the system.

All users can access SOME data, based on their need to know
Need to know
The term "need to know", when used by government and other organizations , describes the restriction of data which is considered very sensitive...

, clearance and formal access approval

Summary

Signed NDA for Proper clearance for Formal access approval for A valid need to know for
Dedicated security mode ALL information on the system. ALL information on the system. ALL information on the system. ALL information on the system.
System high security mode ALL information on the system ALL information on the system ALL information on the system SOME information on the system
Compartmented security mode ALL information on the system ALL information on the system SOME information on the system SOME information on the system
Multilevel security mode ALL information on the system SOME information on the system SOME information on the system SOME information on the system

See also

  • Access control
    Access control
    Access control refers to exerting control over who can interact with a resource. Often but not always, this involves an authority, who does the controlling. The resource can be a given building, group of buildings, or computer-based information system...

  • Multifactor authentication
  • Bell–LaPadula model
  • Biba model
    Biba model
    The Biba Model or Biba Integrity Model developed by Kenneth J. Biba in 1977, is a formal state transition system of computer security policy that describes a set of access control rules designed to ensure data integrity. Data and subjects are grouped into ordered levels of integrity...

  • Clark-Wilson model
    Clark-Wilson model
    The Clark-Wilson integrity model provides a foundation for specifying and analyzing an integrity policy for a computing system.The model is primarily concerned with formalizing the notion of information integrity. Information integrity is maintained by preventing corruption of data items in a...

  • Discretionary access control
    Discretionary access control
    In computer security, discretionary access control is a kind of access control defined by the Trusted Computer System Evaluation Criteria "as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong...

     (DAC)
  • Graham-Denning model
    Graham-Denning model
    The Graham-Denning Model is a computer security model that shows how subjects and objects should be securely created and deleted.It also addresses how to assign specific access rights...

  • Multilevel security
    Multilevel security
    Multilevel security or Multiple Levels of Security is the application of a computer system to process information with different sensitivities , permit simultaneous access by users with different security clearances and needs-to-know, and prevent users from obtaining access to information for...

     (MLS)
  • Mandatory access control
    Mandatory access control
    In computer security, mandatory access control refers to a type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target...

     (MAC)
  • Security
    Security
    Security is the degree of protection against danger, damage, loss, and crime. Security as a form of protection are structures and processes that provide or improve security as a condition. The Institute for Security and Open Methodologies in the OSSTMM 3 defines security as "a form of protection...

  • Security engineering
    Security engineering
    Security engineering is a specialized field of engineering that focuses on the security aspects in the design of systems that need to be able to deal robustly with possible sources of disruption, ranging from natural disasters to malicious acts...

  • Take-grant model

External links

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 
x
OK