- Objects of Sensitivity Labels
- Single Classification: Each object is assigned a specific classification level.
- Component Set: Refers to the grouping of components under a single sensitivity label, often based on their classification levels.
- ‘Dominate’ in Access Control
- Meaning: A subject with a sensitivity level that “dominates” another has access to objects at that level or lower. Essentially, a user or process can access information classified at a level equal to or lower than their clearance level.
- Security Perimeter
- Definition: The boundary that separates the Trusted Computing Base (TCB) from the rest of the system. The TCB is the collection of hardware, software, and firmware that enforces the security policy within a system.
- Importance: Ensures that all interactions between the TCB and the outside environment are controlled and monitored.
- Validating TCB
- Purpose: Involves using formal methods to verify and validate the integrity of the TCB, ensuring that it operates correctly and securely within its defined parameters.
These concepts are fundamental for understanding how access control mechanisms are implemented and how security is maintained within a system, particularly in environments requiring high assurance of integrity and confidentiality.