Security Label (Dictionary Entry)
Security Label
Alternative Forms
Security Class
Security Classification
Specialization
Security Clearance
Specialization
Definitions
Warning
The terms security category, security class, and security label are sometimes used loosely without distinction.
Definition 1
.
Related Terms
Access Control
Bell-LaPadula Model
Information Flow
Multi-Level Security Policy
System
Quotes
Information flow is usually controlled by assigning every object a security class, also called a security label. Whenever information flows from object x to object y, there is an accompanying information flow from the security class of x to the security class of y. Henceforth, when I talk about information flowing from security class A to security class B, visualize information flowing from an object labeled A to an object labeled B.
(Sandhu, 1993, p. 10)
An information flow model FM is defined by
Fm = ⟨ N, P, SC, ⊕, ⭢ ⟩.
(…)
SC = { A, B, ... } is a set of security classes corresponding to disjoint classes of information. They are intended to encompass, but are not limited to, the familiar concepts of "security classifications," "security categories," and "need to know" [9, 23]. Each object a is bound to a security class, denoted by a, which specifies the security class associated with the information stored in a. There are two methods of binding objects to security classes: static binding, where the security class of an object is constant, and dynamic binding, where the security class of an object varies with its contents. Users may be bound, usually statically, to security classes referred to as "security clearances" [2, 22, 23]. Each process p may also be bound to a security class, which we denote by p. In this case, p may be determined by the security clearance of the user owning p or by the history of security classes to which p has had access.
(Denning, 1976, p. 236-237)
Bibliography
See Also
-
Denning, 1976 (Bibliography)
-
Information Flow Policy (Dictionary Entry) (Dictionary)
-
Sandhu, 1993 (Bibliography)
Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.