2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet307/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   303   304   305   306   307   308   309   310   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Processing Types
Many high-security systems control the processing of information assigned to various 
security levels, such as the classification levels of unclassified, sensitive, confidential, 
secret, and top secret that the U.S. government assigns to information related to national 
defense. Computers must be designed so that they do not—ideally, so that they cannot—
inadvertently disclose information to unauthorized recipients.
Computer architects and security policy administrators have addressed this problem 
at the processor level in two different ways. One is through a policy mechanism, whereas 
the other is through a hardware solution. The following list explores each of those 
options:
Single State Single-state systems
require the use of policy mechanisms to manage infor-
mation at different levels. In this type of arrangement, security administrators approve a 
processor and system to handle only one security level at a time. For example, a system 
might be labeled to handle only secret information. All users of that system must then be 
approved to handle information at the secret level. This shifts the burden of protecting the 
information being processed on a system away from the hardware and operating system 
and onto the administrators who control access to the system.
Multistate Multistate systems
are capable of implementing a much higher level of secu-
rity. These systems are certified to handle multiple security levels simultaneously by using 
specialized security mechanisms such as those described in the next section, “Protection 
Mechanisms.” These mechanisms are designed to prevent information from crossing 
between security levels. One user might be using a multistate system to process secret infor-
mation, while another user is processing top-secret information at the same time. Technical 
mechanisms prevent information from crossing between the two users and thereby crossing 
between security levels.
In actual practice, multistate systems are relatively uncommon owing to the expense of 
implementing the necessary technical mechanisms. This expense is sometimes justified; 
however, when you’re dealing with a very expensive resource, such as a massively parallel 
system, the cost of obtaining multiple systems far exceeds the cost of implementing
the additional security controls necessary to enable multistate operation on a single
such system.

Assess and Mitigate Security Vulnerabilities 

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   303   304   305   306   307   308   309   310   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish