Ver:
· TCSEC - Trusted Computer System Evaluation Criteria
Aquellos
aspectos de la política de seguridad que conllevan la prestación de servicios
de seguridad a consecuencia de una petición por entidad solicitante de
comunicaciones. (ISO-7498-2). [Ribagorda:1997]
The C1 system
class. It consists of rather limited security features. The Orange Book
describes C1 systems as an environment of "cooperating users processing
data at the same level(s) of security." Security features are primarily
intended to prevent users from making honest mistakes that could damage the
system (eg. by writing over system memory or critical software) or from
interfering with other users' work (by deleting or modifying their programs or
data). The security features are insufficient to keep a determined intruder
out. The system architecture must be capable of protecting system code from
user programs. It must be tested to ensure proper operation and that security
features can't be bypassed in any obvious way. There are also specific documentation
requirements.
Two main
user-visible features required in this class are passwords and discretionary
protection of files and other objects.
[TCSEC:1985]
Temas relacionados