Multi-level security, mandatory access control

Security in Computing (3rd Edition)

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
1 October 31, 2005 © Doug Tygar, 2005 (cs161.org) Government models of security Doug Tygar (doug.tygar@gmail.com) October 31, 2005 cs161.org October 31, 2005 © Doug Tygar, 2005 (cs161.org) Military models of security “Need to know” Three models of security ± Classification ² unclassified, classified, secret, top secret ± Compartmentalization ² nuclear, crypto, weapons specific ± Discretionary access control ² Distribution lists October 31, 2005 © Doug Tygar, 2005 (cs161.org) What clearance means Clearance is primarily a restriction on what you can release Declassification = permission to discuss Everyday example: Non-disclosure agreements Advice: Be careful before agreeing to clearance or NDAs October 31, 2005 © Doug Tygar, 2005 (cs161.org) Two ways to rank systems How much do they protect military models of classification? What is the strength of mechanism October 31, 2005 © Doug Tygar, 2005 (cs161.org) History US Orange book (Trusted Computer Security Evaluation
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 3

Multi-level security, mandatory access control - Government...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online