COMPUSEC
From Wikipedia, the free encyclopedia
 |
This article may require cleanup to meet Wikipedia's quality standards. Please discuss this issue on the talk page or replace this tag with a more specific message. This article has been tagged since December 2006. |
COMPUSEC is an acronym for COMPUter SECurity that somewhat more narrowly pertains to the application of computer technology to enforce an Information Security (INFOSEC) policy on a computer operating environment. Before computers we relied largely on physical means to enforce security rules on our work environment. COMPUSEC can be viewed as a computer simulation the enforcement of security rules on the processing environment. COMPUSEC is one of the components of INFOSEC. The other sister components are Communication Security (COMSEC), Transmission Security, (TRANSEC) and Operations Security (OPSEC.) COMPUSEC is most often implemented as an operating system kernel technology that can guarantee that certain security policies are absolutely enforced on an operating environment. An example of such a security policy is the Bell-LaPadula model. The strategy is based on a coupling of special microprocessor hardware features, often involving the Memory Management Unit, to a special correctly implemented operating system kernel. This forms the foundation for a secure operating system that if designed and implemented correctly can ensure that it is physically impossible for applications to violate the security policy, no matter how corrupt or intelligent the applications. The assurance of security depends not only on the soundness of the design strategy, but also on the assurance of correctness of the implementation, and therefore there are degrees of assurance defined for COMPUSEC. The Common Criteria standardizes design strategies (as Protection Profiles) and assurance levels (as EAL).
 |
This computer-related article is a stub. You can help Wikipedia by expanding it. |
