|
Classification of OS Security:
The security classes of the Orange Book are defined incrementally as follows:
D – Minimal Protection
C1 – Discretionary Security Protection: intended for an environment where co-operating users process the data at the same level of integrity.
C2 – Controlled Access Protection: make users individually accountable for their actions. Most reasonable class for commercial applications.
B1 – Labelled Security Protection: intended to handle classified data and enforce mandatory policies. Include thorough security testing.
B2 – Structured Protection: Increases assurance by adding requirements to the design. e.g. Covert channel analysis.
B3 – Security Domains: Highly resistant to penetration.
A1 – Verified Design: Adds formal model for security policy.
|
