*Security Modes*:
US government has designated four Security Modes for systems that process classified information.
Security modes refers to modes of operations used in mandatory access control (MAC) systems.
*Dedicated Security Mode*:
This is a system with only one level of security
(*Single Mode*)
All users must be at or above the same level of security clearance and have a valid need-to-know and should have approval for all of the information on the system.
In short: All users can access all data.
(*Valid Need to know + Formal Approval + Security Clearance* = All are required)
*System High security mode*:
Similar to dedicated security mode, except that users may access some data on the system based upon their need-to-know.
In short: All users can access some data based on their need to know
( *Valid Need to know for some data and need not be on all the data* + Formal Approval + Security Clearance are required)
*Compartmented security mode*:
Similar to system high security mode, except that users may access some data on the system based upon their need-to-know plus formal access approval.
In short: All users can access some data based on their need to know and formal access approval.
( *Valid Need to know for some data + Formal Approval for some data and need not be on all the data* + Security Clearance on all the data are required)
*Multilevel security mode*:
Similar to compartmented security mode, except that users may access some data based upon their need-to-know, formal access approval, and proper clearance.
In short:All users can access some data based on their need to know, clearance, and formal access approval.
( *Valid Need to know for some data + Formal Approval for some data + Security Clearance for some data and need not be on all the data*)
Multilevel requires *Trusted path* when communicating with different security domain.
theresagillismcnelley
Sun, 06 Nov 2016 16:43:15 GMT
Thanks for taking the time to create these. They are very helpful.