Ver:
es aquel
[modo de operación] en el que un Sistema maneja información con diferentes
grados de clasificación. Permite el acceso selectivo y simultáneo a dicha
información al personal autorizado con diferentes grados de clasificación y
distintas necesidades de conocer. El Sistema realiza de manera fiable la
completa separación de los datos y el control del acceso selectivo.
[CCN-STIC-001:2006]
El sistema
maneja información con diferentes grados de clasificación. Permite el acceso
selectivo y simultáneo a dicha información al personal habilitado con
diferentes grados de clasificación y "necesidad de conocer". El
sistema realiza de manera fiable la completa separación de los datos y el
control de acceso selectivo. [CCN-STIC-103:2006]
Mode of operation wherein
all the following statements are satisfied concerning the users who have direct
or indirect access to the system, its peripherals, remote terminals, or remote
hosts: 1) some users do not have a valid security clearance for all the
information processed in the information system; 2) all users have the proper
security clearance and appropriate formal access approval for that information
to which they have access; and 3) all users have a valid need-to-know only for
information to which they have access. [CNSSI_4009:2010]
1. (N) A mode of system
operation wherein (a) two or more security levels of information are allowed to
be to be handled concurrently within the same system when some users having
access to the system have neither a security clearance nor need-to-know for
some of the data handled by the system and (b) separation of the users and the
classified material on the basis, respectively, of clearance and classification
level are dependent on operating system control. (See: /system operation/ under
"mode", need to know, protection level, security clearance. Compare:
controlled mode.)
Usage: Usually abbreviated
as "multilevel mode". This term was defined in U.S. Government policy
regarding system accreditation, but the term is also used outside the
Government.
2. (O) A mode of system
operation in which all three of the following statements are true: (a) Some
authorized users do not have a security clearance for all the information
handled in the system. (b) All authorized users have the proper security
clearance and appropriate specific access approval for the information to which
they have access. (c) All authorized users have a need-to-know only for
information to which they have access. [C4009] (See: formal access approval,
protection level.)
[RFC4949:2007]