CS459/559 - Network Security - Chapter 4: Security Levels

  1. Department of Defense Guidelines
    1. The Orange Book (Trusted Computer System Evaluation Criteria)
      1. Security Policy (the system must enforce a well-defined security policy)
      2. Marking (Every object stored in a computer must be able to be marked, in order to identify the object's security level)
      3. Identification (All individual objects must be identified)
      4. Accountability (Audit data must be kept and protected)
      5. Assurance (the system must contain a mechanism that can be independently evaluated, so as to provide assurance that the system enforces the requirements above)
      6. Continuous protection against tampering or unauthorized changes.
    2. The Red Book (Trusted Network Interpretation Environments Guideline)
    3. The Brown Book (The Guide to Understanding Trusted Facility Management)
  2. C2 Security
      1. An individual who owns a resource or file must have the capability to control access to that resource
      2. The OS must be able to prevent objects from being reused by other processes
      3. All users are required to enter a unique userid and password before accessing the system
      4. Authorized admin users must have access to audit data
      5. The system must be able to protect itself from external tampering
    1. Microsoft Windows NT
    2. Novell IntranetWare
    3. IBM OS/400
  3. Discretionary Access Control
    1. Access Control Matrix
    2. Audit Capability