Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security CISSP-Discussion
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [CISSP-D] System-high security mode vs Compartmented security mode

from [Dave Sims] Network Security [Permanent Link]
Subject: RE: [CISSP-D] System-high security mode vs Compartmented security mode
Date: Wed, 4 May 2005 22:27:07 -0500 
I think your definitions are slightly skewed.

Compartmentalized security is based on need to know "Regardless" of security 
level.  An example might be My security rating is higher than yours, but I am 
not allowed access to information stored in your compartment because I don't 
work on that project, or need to know about it.

Using need to know in system-high is somewhat confusing.  System-high mode is 
more a certification of the system, than the user.  

This is another definition I Googled for you.  

system high mode: [An] information system (IS) security mode of operation 
wherein each user, with direct or indirect access to the information system 
(IS), its peripherals, remote terminals, or remote hosts, has all of the 
following: (a) valid security clearance for all information within an IS; (b) 
formal access approval and signed nondisclosure agreements for all the 
information stored and/or processed (including all compartments, 
subcompartments and/or special access programs); and (c) valid need-to-know for 
some of the information contained within the IS. [INFOSEC-99]

Meaning to me that the system meets System-high parameters, and you could still 
have compartmentalized security.  I am not absolutely certain on this and would 
welcome some more guidance from someone else on the list.

Thanks

Dave




 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/CISSP-Discuss/

<*> To unsubscribe from this group, send an email to:
    CISSP-Discuss-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [CISSP-D] Study Guide, kumenaghomon
Next by Date:  [CISSP-D] Symmetric Key and authentication., Vijay Kumar
Previous by Thread:  [CISSP-D] System-high security mode vs Compartmented security mode, robbowring
Next by Thread:  Re: [CISSP-D] System-high security mode vs Compartmented security mode, Doug Landoll
Indexes:  [Date] [Thread] [Top] [All Lists]