Security Clearance Level (Dictionary Entry)

Security Clearance Level

Alternative Forms

Definitions

Definition 1

A security label applied to an entity.

Related Terms

  • Multi-Level Security Policy

  • Security Classification

  • Security Label

  • System

Quotes

Mandatory access control policy is expressed in terms of security labels attached to subjects and objects. A label on an object is called a security classification, while a label on a user is called a security clearance.

(Sandhu, 1993, p. 14)

An information flow model FM is defined by

Fm = N, P, SC, , ⭢ ⟩.

(…)

SC = { A, B, ... } is a set of security classes corresponding to disjoint classes of information. They are intended to encompass, but are not limited to, the familiar concepts of "security classifications," "security categories," and "need to know" [9, 23]. Each object a is bound to a security class, denoted by a, which specifies the security class associated with the information stored in a. There are two methods of binding objects to security classes: static binding, where the security class of an object is constant, and dynamic binding, where the security class of an object varies with its contents. Users may be bound, usually statically, to security classes referred to as "security clearances" [2, 22, 23]. Each process p may also be bound to a security class, which we denote by p. In this case, p may be determined by the security clearance of the user owning p or by the history of security classes to which p has had access.

(Denning, 1976, p. 236-237)

Bibliography

See Also


Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.


This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.