Difference between revisions of "Security Boundary"
(→The Ideal) |
(→The Ideal) |
||
(One intermediate revision by the same user not shown) | |||
Line 5: | Line 5: | ||
===The Ideal=== | ===The Ideal=== | ||
− | In an ideal world there will be computer systems that have protected data and other computer systems that have unprotected data, perhaps like an onion there will be several gradations of protections, each with their own access controls. | + | In an ideal world there will be computer systems that have protected data and other computer systems that have unprotected data, perhaps like an onion there will be several gradations of protections, each with their own access controls. All of the difficulties relate to the ways that data and control moves from one protection level to another. This problem was understood and analyzed at an early date in the US DoD. Even then it became clear that the flow of data and the flow of control resulted in contradictory requirements as shown in the two models described below. |
*BIBA | *BIBA | ||
*Bell LaPadula | *Bell LaPadula |
Latest revision as of 11:11, 26 July 2018
Contents
Full Title or Meme
An imaginary definable perimeter encompassing all the critical functions in an INFOSEC product and separating them from all other functions within the product.[1]
Context
The Ideal
In an ideal world there will be computer systems that have protected data and other computer systems that have unprotected data, perhaps like an onion there will be several gradations of protections, each with their own access controls. All of the difficulties relate to the ways that data and control moves from one protection level to another. This problem was understood and analyzed at an early date in the US DoD. Even then it became clear that the flow of data and the flow of control resulted in contradictory requirements as shown in the two models described below.
- BIBA
- Bell LaPadula
The Real
Since the very first Trusted Execution Environment in 1961 there has been the desire to place only a part of the Resources of an enterprise in a location that is secure from attack.
Problems
All security boundaries have gateways that allow access to the protected Resources. Determination of what accesses are permitted across a boundary is never more than an approximation of an impenetrable boundary.
Solutions
References
One interesting note about the Glossary term referenced at NIST. It actually comes from the Committee on National Security Systems - Instructions which is on a site with a DoD level 3 certificate, which is not trusted by any of the major browser vendors.- ↑ NIST Glossary https://csrc.nist.gov/Glossary/?term=4819