Security and ARchitecture - PRACTICE

  1. TCSEC
    The trusted computer System Evaluation Criteria

    4 - classification rankings:

    A = verified protection

    B = Mandatory protection

    C = discretionary protection

    D = minimal security

    • Developed by Department of Defense - evaluate the security and assurance an OS provides
    • ORANGE book in the rainbow series
  2. Bell-LaPadula -
  3. Bell-LaPadula - "strong tranquility" inflexible
    mechanism that enforces the consistent security classification of an object.
  4. simulated environment for applications to run -
    virtual machine
  5. simulated environment for applications to run -
    virtual machine
  6. TPEP
  7. Trusted Computer System Evaluation Program TPEP - Produce list of evaluated products - consumer guide
  8. covert channel
    covert channel - using a path that was not intended for communication transmission
  9. system-high
    system-high - system mode - when all users have a security clearance or authorization to access the information but not necessarily a need to know for all the information processed on the system.
  10. firmware
    • firmware - loaded onto read-only memory (ROM) chips novolatile storae area
    • Non-votaile - when the computer is turned off the data is still there.
  11. Multiprogramming
    Multiprogramming - when an OS and CPU can execute more than one program at a time.

    the processes can commit a resource and the OS has less control over when the process releases than in multi-processing
  12. Cache -
    Type of RAM that holds data in memory that is accessed freqeuntly by CPU
  13. Object Reuse
    • different subject will use the same media.
    • If it contains sensitive information that data should be properly erased before another subject can haveaccess to it.
  14. The control unit
    • The control unit determines when data instructions can be sent on to the CPU for processing.
    • Data is held in registers until its turn to have the access to the CPU.

    The ALU is a component of the CPU that peforms mathematical and logical operations.
  15. Reference Monitor
    Reference Monitor holds the rules tha to utline how subjects can acces objects an the security kernel enforces these rules.

    enforces rule: subjects must have proper authority to access objects
  16. Common criteria
    takes the best of TCSEC and ITSEC

    more useful to measure - used globally
  17. Basic Security Theorum -
    If the system starts up in secure state - it will remain in secure state - shuts down in secure state
Card Set
Security and ARchitecture - PRACTICE
CISSP Security and ARchitecture practice