Aquellos
aspectos de la política de seguridad que conllevan la prestación de servicios
de seguridad a consecuencia de una petición por entidad solicitante de
comunicaciones. (ISO-7498-2). [Ribagorda:1997]
The C1 system class. It
consists of rather limited security features. The Orange Book describes C1
systems as an environment of "cooperating users processing data at the
same level(s) of security." Security features are primarily intended to prevent
users from making honest mistakes that could damage the system (eg. by writing
over system memory or critical software) or from interfering with other users'
work (by deleting or modifying their programs or data). The security features
are insufficient to keep a determined intruder out. The system architecture
must be capable of protecting system code from user programs. It must be tested
to ensure proper operation and that security features can't be bypassed in any
obvious way. There are also specific documentation requirements.
Two main user-visible
features required in this class are passwords and discretionary protection of
files and other objects.
[TCSEC:1985]