Ver:
es aquel
[modo seguro de operación] en el que todo el personal con acceso al Sistema
está autorizado para acceder al grado más elevado de clasificación de la
información manejada en el Sistema, y además posee la misma necesidad de
conocer. La separación de los datos no es un requisito del Sistema.
[CCN-STIC-001:2006]
El sistema se
emplea por personal habilitado con el mayor grado de clasificación y teniendo
en común la misma "necesidad de conocer" para toda la información
contenida en el sistema; la separación de los datos no es un requisito del
sistema. [CCN-STIC-103:2006]
Information systems security
mode of operation wherein each user, with direct or indirect access to the
system, its peripherals, remote terminals, or remote hosts, has all of the
following: 1) valid security clearance for all information within the system,
2) formal access approval and signed nondisclosure agreements for all the
information stored and/or processed (including all compartments,
subcompartments, and/or special access programs), and 3) valid need-to-know for
all information contained within the information system. When in the dedicated
security mode, a system is specifically and exclusively dedicated to and
controlled for the processing of one particular type or classification of
information, either for full-time operation or for a specified period of time.
[CNSSI_4009:2010]
(I) A mode of system
operation wherein all users having access to the system possess, for all data
handled by the system, both (a) all necessary authorizations (i.e., security
clearance and formal access approval) and (b) a need-to-know. (See: /system operation/
under "mode", formal access approval, need to know, protection level,
security clearance.) [RFC4949:2007]