Blueprint
In InfoSec, a framework or security model customized to an organization, including implementation details.
Framework
In InfoSec, a specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls, including InfoSec policies, security education and training programs, and technological controls. Also known as a security model.
Reference monitor
Within TCB, a conceptual piece of the system that manages access controls – in other words, it mediates all access to objects by subjects.
Covert channels
Unauthorized or unintended methods of communications hidden inside a computer system.
Storage channels
A TCSEC-defined covert channel that communicates by modifying a stored object, such as in steganography.
Timing channels
A TCSEC-defined covert channel that communicates by managing the relative timing of events.
Trusted Computer System Evaluation Criteria (TCSEC)
A deprecated (no longer used) DoD system certification and accreditation standard that defined the criteria for assessing the access controls in a computer system. Also known as the rainbow series due to the color coding of the individual documents that made up the criteria.
Trusted Computing Base (TCB)
Under TCSEC, the combination of all hardware, firmware, and software responsible for enforcing the security policy.
Information Technology System Evaluation Criteria (ITSEC)
An international set of criteria for evaluating computer systems, very similar to TCSEC.
Common Criteria for Information Technology Security Evaluation
An international standard (ISO/IEC 15408) for computer security certification that is considered the successor to TCSEC and ITSEC.
Access control
The selective method by which systems specify who may use a particular resource and how they may use it.
Least privilege
The data access principle that ensures no unnecessary access to data exists by regulating members so they can perform only the minimum data manipulation necessary. Least privilege implies a need-to-know.
Need-to-know
The principle of limiting users’ access privileges to only the specific information required to perform their assigned tasks.
Separation of duties
The information security principle that requires significant tasks to be split up so that more than one individual is required to complete them.
Capabilities table
In a lattice-based access control, the row of attributes associated with a particular subject (such as a user).
Discretionary Access Controls (DACs)
Access controls that are implemented at the discretion or option of the user.
Dumpster Diving
An information attack that involves searching through a target organization’s trash and recycling bins for sensitive information.
Lattice-based access control
A variation of the MAC form of access control, which assigns users a matrix of authorizations for particular areas of access, incorporating the information assets of subjects such as users and objects.
Mandatory Access Control (MAC)
A required, structured data classification scheme that rates each collection of information as well as each user. These ratings are often referred to as sensitivity or classification levels.
Security clearance
A personal security structure in which each user of an information asset is assigned an authorization level that identifies the level of classified information he or she is “cleared” to access.
Nondiscretionary controls
Access controls that are implemented by a central authority.
Bell-LaPadula (BLP) confidentiality model
A confidentiality model or “state machine reference model” that ensures the confidentiality of the modeled system by using MACs, data classification, and security clearances.
Biba integrity model
An access control model that is similar to BLP and is based on the premise that higher levels of integrity are more worthy of trust than lower levels.