Labels:text | screenshot OCR: CLASS A formal security policy and top-level specification are required. Covert A1 "timing channels are addressed, distribution is further secured, and source code mapping must be documented. Division A CLASS Highly resistant to penetration, this class supports a security administrator, event B3 signaling, and system-recovery procedures. Objects maintain lists granting or refusing access to users. CLASS Access control is extended to automatic data processing systems. Least privilege is B2 enforced, and covert storage channels are addressed. A trusted communication path between the user and the system is established. Division E CLASS Users and objects are assigned sensitivity labels and access is restricted according to their security clearance. CLASS `This dass requires an audit trail to track the actions of users, making them accountable for their activities. CLASS Division C CI Identification and authentication, data protection, and access control are introduced. CLASS A rating for products that fail to meet other levels of certification and Increasing levels of security and complexity D subsystems. Division D Figure I: The security levels specified by the federal government.
