Security Operating Modes

System Security Mode of Operation

Security Modes

“Security Modes” is a shorthand for Security Operating Modes or Security Modes of Operations. DoD Directive 5200.28 on Security Requirements for Automated Information Systems (AISs), published on March 21, 1988, defines Security Mode as follows:

E2.1.41. Security Mode. A mode of operation in which the DAA accredits an AIS to operate. Inherent with each of the four security modes (dedicated, system high, multilevel, and partitioned) are restrictions on the user clearance levels, formal access requirements, need-to-know requirements, and the range of sensitive information permitted on the AIS.

Wikipedia summarizes them as follows:

  • System High: All users can access SOME data, based on their need to know.
  • Compartmented: All users can access SOME data, based on their need to know and formal access approval.
  • Multilevel: All users can access SOME data, based on their need to know, clearance and formal access approval.

However, the “Rainbow Series” is obsolete. Moreover, the term “system high mode” is labeled “Candidates for Deletion (C.F.D.)” in CNSSI 4009-2015. A term labeled “C.F.D.” may be obsolete.

System High Security Mode

Rainbow series documents

Security Operating Modes or Security Modes of Operations can be found in the Yellow book (CSC-STD-004-85), published on June 25, 1985. It says “System High Security Mode” provides “need-to-know protection,” which is equivalent to “discretionary (need-to-know) protection” as defined in the Orange book (DoD 5200.28-STD), published on December 26, 1985. Discretionary (need-to-know) protection is commonly known as Discretionary Access Control (DAC). This post, Security Modes in CISSP D3, highlights the difference.

Excerpt of the Yellow book (CSC-STD-004-85)

A Security Mode Question about the System High Mode

The following question is posted by Pham Trung Duc:

Security Mode Question from Pham Trung Duc

System High can be related to DAC, an identity-based authorization model exercised at the discretion of owners. From a technical perspective, it can be more granular than Multilevel security, which relies on labels to isolate users and apply access control. However, a system that supports multilevel security (e.g., Division B in the Orange book) typically also supports DAC (Division C).

Moreover, Wikipedia summarizes: “Multilevel: All users can access SOME data, based on their need to know, clearance and formal access approval.” In other words, Multilevel systems also consider multiple factors, e.g., need to know, clearance, and formal access approval. Multilevel is not limited to “allow a wide number of users with varying clearances (multilevel),” as the question author explains it.

I personally would suggest option D. Multilevel as the answer.
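
The point argued above, that a multilevel decision combines need to know (DAC), formal access approval and clearance rather than clearance alone, shown as an added example that is not from the original post or from any of the cited standards. The names MODE_FACTORS, User, Document and failed_factors, the level list and the sample users are assumptions made for illustration.

```python
from dataclasses import dataclass

# Sensitivity levels, lowest to highest (constructed for this example).
LEVELS = ["UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP SECRET"]

# Factors that decide an individual request in each mode, following the
# summary quoted above. A factor not listed for a mode is one that every
# user of that system is assumed to already hold for all of its data.
MODE_FACTORS = {
    "system high":   ("need to know",),
    "compartmented": ("need to know", "formal access approval"),
    "multilevel":    ("need to know", "formal access approval", "clearance"),
}

@dataclass(frozen=True)
class User:
    name: str
    clearance: str
    approvals: frozenset = frozenset()     # formal access approvals held

@dataclass(frozen=True)
class Document:
    level: str
    compartments: frozenset = frozenset()  # approvals required by the label
    acl: frozenset = frozenset()           # owner-granted need to know (DAC)

def failed_factors(mode, user, doc):
    """Return the factors that deny a read; an empty list means granted."""
    results = {
        "need to know": user.name in doc.acl,
        "formal access approval": doc.compartments <= user.approvals,
        "clearance": LEVELS.index(user.clearance) >= LEVELS.index(doc.level),
    }
    return [f for f in MODE_FACTORS[mode] if not results[f]]

# Constructed sample data: one labeled document and three users.
doc = Document("SECRET", frozenset({"ALPHA"}), frozenset({"alice", "carol"}))
alice = User("alice", "SECRET", frozenset({"ALPHA"}))
bob = User("bob", "TOP SECRET", frozenset({"ALPHA"}))        # cleared, not on the ACL
carol = User("carol", "CONFIDENTIAL", frozenset({"ALPHA"}))  # on the ACL, under-cleared

if __name__ == "__main__":
    for u in (alice, bob, carol):
        print(u.name, failed_factors("multilevel", u, doc) or "granted")
```

Bob holds the highest clearance yet is refused on need to know, while Carol is on the owner's ACL yet is refused on clearance: the label check and the DAC check both have to pass.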
