Imagine a system that processes information. This information is classified in nature. When we say, it's classified, it means that the information has been labeled according to the data classification scheme finalized by the organization. This scheme can be company specific, such as public, internal, and confidential, or military/government specific such as Confidential, Top Secret, Secret, or Public. As a general user or a security professional, you would want proper controls to be implemented and the system to be secure that processes such information. Imagine a scenario where such a malicious user tries to access this information. What clearance must this person have? Will he/she have access to all classified levels?
Hey!!, stop imagining. Let’s discuss something else now. Hold on, I know, I had asked you to imagine the scenario above. But answers to all your questions would follow, so keep on reading further. We need to learn and understand a few terms before we are ready to hear the answer to the question and what follows after that.
When you access a system, you are the “subject” and the system which you trying to access is the “object”. This works in this fashion – one who accesses is the subject and the one who is being accessed is the object. Subjects can have varied levels of control over the system. Say, you are trying to access “Amazon.com”. When you access it, you see a front-end interface, new offers, etc. If I ask you to curate an offer for me, you would not be able to do it, as you do not have access to that particular file/folder/database/application/system. So it should be clear that all systems have some kinds of access controls implemented so that you can access the information that you “need to know”.
There is one more concept that needs to be understood and then we would combine all of them to give you one tasty treat. There are multiple access control models. One of them is the Mandatory Access Control Model. Let’s understand it through an example. Jack Ryan works for the Indian Intelligence Agency. To complete his mission, should he choose to accept it, he must have access to files that are classified as “Secret”. Moreover, his next mission is in Afghanistan. The Mandatory Access control model helps implement that Jack Ryan can access only “Secret” files and that too only of Afghanistan. How? In MAC, users are given a security clearance (secret, top secret, confidential, and so on), and data is classified in the same way. The clearance and classification data are stored in the security labels, which are bound to specific subjects and objects. When the system makes a decision about fulfilling a request to access an object, it is based on the clearance of the subject, the classification of the object, and the security policy of the system.
In most systems based upon the MAC model, a user cannot install software, change file permissions, add new users, etc. The system can be used by the user for very focused and specific purposes, and that is it. These systems are usually very specialized and are in place to protect highly classified data.
So how does this all relate to the questions we asked in the beginning? The US government has designated four approved security modes for systems that process classified information. Since these systems process classified information, the mandatory access control model will be the only one that would be implemented. Before we understand the four different security modes, it would be better to understand what “Security Mode” means.
Security modes refer to information systems security modes of operations used in mandatory access control (MAC) systems. Often, these systems contain information at various levels of security classification. The mode of operation is determined by:
- The type of users who will be directly or indirectly accessing the system.
- The type of data, including classification levels, compartments, and categories, are processed on the system.
- The type of levels of users, their need to know, and formal access approvals that the users will have.
In simple terms, you can understand it through this example. You can drive a car in 4 different modes – First Gear, Second Gear, Third Gear, or Fourth Gear. These Gears are the modes of operation in the same car. The car here is the MAC model. All the gears have different requirements and the driving experience or “accessing the information” is different in all 4 modes.
Now, we need to understand these 4 modes of operation. (It’s a game of All & Some)
1. Dedicated Security Mode:
In any mode, you need to know about 3 aspects. Hence mentioning these 3 important factors for you to remember from an exam point of view too:
- User must have a security clearance that permits access to ALL information.
- User must have Access approval or authorization to access ALL information.
- User must have a valid Need to Know for ALL information.
In one line, for dedicated mode, all users can access ALL data.
2. System High-Security Mode
- User must have a security clearance that permits access to ALL information.
- User must have Access approval or authorization to access ALL information.
- User must have a valid Need to Know for SOME information.
In one line, all users can access SOME data, based on their need to know.
3. Compartmented security mode
- User must have a security clearance that permits access to ALL information.
- User must have Access approval or authorization to access SOME information.
- User must have a valid Need to Know for SOME information.
In one line, all users can access SOME data, based on their need to know and formal access approval.
4. Multilevel Security Mode
- User must have a security clearance that permits access to SOME information.
- User must have Access approval or authorization to access SOME information.
- User must have a valid Need to Know for SOME information.
In one line, all users can access SOME data, based on their need to know, clearance, and formal access approval.
These are 4 modes of operation in the mandatory access control. What are your thoughts on this?
How does the security level get affected by the modes in which you operate?
Would love to hear your thoughts on this…
Comments ()