home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
ftp.leeds.ac.uk
/
ftp.leeds.ac.uk.tar
/
ftp.leeds.ac.uk
/
pub
/
caddetc
/
mls-tools.txt
< prev
Wrap
Text File
|
1996-02-22
|
12KB
|
297 lines
MLS TOOLS 26 May 1995
We have these MLS solutions installed, accredited, and in operation at a number
of DOD sites:
Operations/Intelligence Workstation (OIW)
The OIW is a compartmented mode workstation that can securely and
simultaneously connect to one network operating at the Top Secret SCI level and
a second network operating at the Secret level. Typically, intelligence
personnel process Top Secret SCI information, while operations personnel
process Secret information. The OIW allows someone cleared at the Top Secret
level to have secure, simultaneous access to both environments.
Standard Mail Guard (SMG)
The SMG connects two networks that operate at different security levels,
automatically allowing the bi-directional exchange of electronic mail
classified no higher than the lower security level. It ensures all information
sent from the HIGH network (e.g., Secret) is properly labeled for access by
users on the LOW network (e.g., Unclassified). The SMG also blocks all other
network services from the LOW network (e.g., FTP, TELNET) so users do not have
access to information higher than at their security level.
Two-Level Workstation (2LWS)
The 2LWS is a compartmented mode workstation that can securely and
simultaneously connect to two networks operating at different security levels.
The 2LWS allows someone authorized access to either security level to use the
workstation. It will restrict users with a clearance at the lower security
level from having access to information at the higher level. It will allow
users with a clearance at the higher security level to have access to all
information at or below that level.
_________________________________________________________________
These systems, although not developed by the DOD MLS program, are commercially
available and can be key components in an MLS system.
Compartmented Mode Workstation (CMW)
The CMW is a commercial, off-the-shelf workstation designed to provide a
trusted computing base for workstation applications. A number of vendors, such
as Sun Microsystems, Digital Equipment Corporation (DEC), IBM, and SecureWare
have CMWs available on GSA contracts.
_________________________________________________________________
This glossary list comes from various sources. Click on a word or topic below
to link to its definition or explanation.
Access
A specific type of interaction between a subject and an object that results in
the flow of information from one to the other. (Source: GCST).
Access Control
The process of limiting access to the resources of a system only to authorized
programs, processes, or other systems (in a network). Synonymous with
controlled access and limited access. (Source: GCST)
Accreditation
A formal declaration by the designated approving authority (DAA) that the
automated information system (AIS) is approved to operate in a particular
security mode using a prescribed sete of safeguards. Accreditation is the
official management authorization for operation of an AIS and is based on the
certification process as well as other management considerations. The
accreditation statement affixes security responsibility with the DAA and shows
that due care has been taken for security. (Source: GCST)
Assurance
A measure of confidence that the security features and architecture of an AIS
accurately mediate and enforce the security policy. Compare with trusted
computer system. (Source: GCST)
Audit Trail
A chronological record of system activities that is sufficient to enable the
reconstruction, reviewing, and examination of the sequence of environments and
activities surrounding or leading to an operation, a procedure, or an event in
a transaction from its inception to final results. (Source: GCST)
Authenticate
1. To verify the identity of a user, device, or other entity in a computer
system, often as a prerequisite to allowing access to resources in a system.
2. To verify the integrity of data that have been stored, transmitted, or
otherwise exposed to possible unauthorized modification.
(Source: GCST)
Authorization
The granting of acccess rights to a user, program, or process. (Source: GCST)
Automated Information System
An assembly of computer hardware, software, and/or firmware configured to
collect, create, communicate, compute, disseminate, process, store, and/or
control data or information. (Source: GCST)
Availability
The state when data is in the place needed by [or accessible to] the user, at
the time the user needs them, and in the form needed by the user. (Source:
GCST)
Certification
The comprehensive evaluation of the technical and nontechnical security
features of an AIS and other safeguards, made in support of the accreditation
process, that establishes the extent to which a particular design and
implementation meet a specified set of security requirements. (Source: GCST)
Compartmented Mode of Operation
An AIS is operating in the compartmented mode when each user with direct or
indirect individual access to the AIS, its peripherals, remote terminals, or
remote hosts, has all of the following:
* A valid personnel clearance for the most restricted information on the
system.
* Formal access approval for, and has signed nondisclosure agreements for, that
information to which the user is to have access.
* A valid need-to-know for that information to which the user is to have
access.
(Source: GCST)
Covert Channel
A communications channel that allows two cooperating processes to transfer
information in a manner that violates the system's security policy. Synonymous
with confinement channel. (Source: GCST)
Covert Storage Channel
A covert channel that involves the direct or indirect writing of a storage
location by one process and the direct or indirect reading of the storage
location by another process. Covert storage channnels typically involve a
finite resource (e.g., sectors on a disk) that is shared by two subjects at
different security levels. (Source: GCST)
Covert Timing Channel
A covert channel in which one process signals information to another by
modulating its own use of system resources (e.g., CPU time) in such a way that
this manipulation affects the real response time observed by the second
process. (Source: GCST)
Dedicated Mode of Operation
An AIS is operating in the dedicated mode when each user with direct or
indirect individual access to the AIS, its peripherals, remote terminals, or
remote hosts, has all of the following:
* A valid personnel clearance for all information on the system.
* Formal access approval for, and has signed nondisclosure agreements for, all
the information stored and/or processed (including all compartments,
subcompartments, and/or special access programs).
* A valid need-to-know for all information contained within the system.
(Source: GCST)
Denial of Service
Any action or series of actions that prevent any part of a system from
functioning in accordance with its intended purpose. This includes any action
that causes unauthorized destruction, modification, or delay of service.
Synonymous with interdiction. (Source: GCST)
Designated Approving Authority (DAA)
The official who has the authority to decide on accepting the security
safeguards prescribed for an AIS, or that official who may be responsible for
issuing an accreditation statement that records the decision to accept those
safeguards. (Source: GCST)
Discretionary Access Control (DAC)
A means of restricting access to objects based on the identity and need-to-know
of the user, process, and/or groups to which they belong. The controls are
discretionary in the sense that a subject with a certain access permission is
capable of passing that permission (perhaps indirectly) on to any other
subject. Compare mandatory access control. (Source: GCST)
Evaluation
An assessment of a product agains the Trusted Computer System Evaluation
Criteria (The Orange Book).
Information Warfare
Information warfare is the activity by a hacker, terrorist, or other adversary
to disrupt an information system. Traditional security addresses the protection
of information. Information warfare is aimed at protecting the systems that
collect, store, manipulate, and transport information so that they are not
accessed by unauthorized persons and are available as needed. (Source: Defense
Information Infrastructure Master Plan)
Mandatory Access Control (MAC)
A means of restricting access to objects based on the sensitivity (as
represented by a label) of the information contained in the objects and the
formal authorization (i.e., clearance) of subjects to access information of
such sensitivity. Compare discretionary access control. (Source: GCST)
Multilevel Mode of Operation
An AIS is operating in the multilevel mode when all of the following statements
are satisfied concerning the users with direct or indirect access to the AIS,
its peripherals, remote terminals, or remote hosts:
* Some do not have a valid personnel clearance for all of the information
processed in the system.
* All have the proper clearance and have the appropriate formal access approval
for that information to which they are to have access.
* All have a valid need-to-know for that information to which they are to have
access.
(Source: GCST)
Multilevel Security (MLS)
An MLS system is a system containing information with different security
classifications that simultaneously permits access by users with different
security clearances and needs to know. This system prevents users from
obtaining access to information for which they lack authorization. (Source: DOD
Directive 5200.28)
Risk
The probability that a particular threat will exploit a particular
vulnerability of the system. (Source: GCST)
Risk Analysis
The process of identifying security risks, determining their magnitude, and
identifying areas needing safeguards. Risk analysis is a part of risk
management. Synonymous with risk assessment. (Source: GCST)
Risk Management
The total process of identifying, controlling, and eliminating or minimizing
uncertain events that may affect system resources. It includes risk analysis,
cost/benefit analysis, selection, implementation and test, security evaluation
of safeguards, and overall security review. (Source: GCST)
Sensitive Compartmented Information
Information restricted to people who have been given formal access to the
security program, called a compartment.
Security Policy
The set of laws, rules, and practices that regulate how an organization
manages, protects, and distributes sensitive information. (Source: GCST)
System-High Mode of Operation
An AIS is operating in the system-high mode when each user with direct or
indirect access to the AIS, its peripherals, remote terminals, or remote hosts,
has all of the following:
* A valid personnel clearance for all information on the system.
* Formal access approval for, and has signed nondisclosure agreements for, all
the information stored and/or processed (including all compartments,
subcompartments, and/or special access programs).
* A valid need-to-know for some of the information contained within the system.
(Source: GCST)
Trusted Computer System
A system that employs sufficient hardware and software assurance measures to
allow its use for simultaneous processing of a range of sensitive or classified
information. (Source: GCST)
_________________________________________________________________
Note: "GCST" means the Glossary of Computer Security Terms, NCSC-TG-004,
21 Oct 88 (the "Olive" Book).
_________________________________________________________________