Chapter 8 Risk Management HMI 6571
Least privilege
The data access principle that ensures no unnecessary access to data exists by regulating members so they can perform only the minimum data manipulation necessary. Least privilege implies a need to know.
covert channels
Unauthorized or unintended methods of communications hidden inside a computer system.
Common Criteria for Information Technology Security Evaluation
An international standard (ISO/IEC 15408) for computer security certification that is considered the successor to TCSEC and ITSEC.
storage channels
A TCSEC-defined covert channel that communicates by modifying a stored object, such as in steganography.
timing channels
A TCSEC-defined covert channel that communicates by modifying a stored object, such as in steganography.
Bell-LaPadula (BLP) confidentiality model
A confidentiality model or "state machine reference model" that ensures the confidentiality of the modeled system by using MACs, data classification, and security clearances.
security clearance
A personnel security structure in which each user of an information asset is assigned an authorization level that identifies the level of classified information he or she is "cleared" to access.
mandatory access control (MAC)
A required, structured data classification scheme that rates each collection of information as well as each user. These ratings are often referred to as sensitivity or classification levels.
Lattice-based access control
A variation on the MAC form of access control, which assigns users a matrix of authorizations for particular areas of access, incorporating the information assets of subjects such as users and objects.
Discretionary access controls (DACs)
Access controls that are implemented at the discretion or option of the data user.
Non-discretionary controls
Access controls that are implemented by a central authority.
Biba integrity model
An access control model that is similar to BLP and is based on the premise that higher levels of integrity are more worthy of trust than lower levels.
dumpster diving
An information attack that involves searching through a target organization's trash and recycling bins for sensitive information.
Information Technology System Evaluation Criteria (ITSEC)
An international set of criteria for evaluating computer systems, very similar to TCSEC.
Trusted Computer System Evaluation Criteria (TCSEC)
An older DoD system certification and accreditation standard that defines the criteria for assessing the access controls in a computer system. Also known as the rainbow series due to the color coding of the individual documents that made up the criteria.
Security Model
Another term for Framework
capabilities table
In a lattice-based access control, the row of attributes associated with a particular subject (such as a user).
blueprint
In information security, a framework or security model customized to an organization, including implementation details.
Framework
In information security, a specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls, including InfoSec policies, security education and training programs, and technological controls. Also known as a security model.
Separation of Duties
The information security principle that requires significant tasks to be split up so that more than one individual is required to complete them.
Need-to-know
The principle of limiting users' access privileges to only the specific information required to perform their assigned tasks.
trusted computing base (TCB)
Under TCSEC, the combination of all hardware, firmware, and software responsible for enforcing the security policy.
reference monitor
Within TCB, a conceptual piece of the system that manages access controls—in other words, it mediates all access to objects by subjects.