fbpx
Wikipedia

Compartmentalization (information security)

February 23, 2024

Compartmentalization, in information security, whether public or private, is the limiting of access to information to persons or other entities on a need-to-know basis to perform certain tasks.

It originated in the handling of classified information in military and intelligence applications. It dates back to antiquity, and was successfully used to keep the secret of Greek fire.[1]

The basis for compartmentalization is the idea that, if fewer people know the details of a mission or task, the risk or likelihood that such information will be compromised or fall into the hands of the opposition is decreased. Hence, varying levels of clearance within organizations exist. Yet, even if someone has the highest clearance, certain "compartmentalized" information, identified by codewords referring to particular types of secret information, may still be restricted to certain operators, even with a lower overall security clearance. Information marked this way is said to be codeword–classified. One famous example of this was the Ultra secret, where documents were marked "Top Secret Ultra": "Top Secret" marked its security level, and the "Ultra" keyword further restricted its readership to only those cleared to read "Ultra" documents.[2]

Compartmentalization is now also used in commercial security engineering as a technique to protect information such as medical records.

Example edit

An example of compartmentalization was the Manhattan Project. Personnel at Oak Ridge constructed and operated centrifuges to isolate uranium-235 from naturally occurring uranium, but most did not know exactly what they were doing. Those that knew did not know why they were doing it. Parts of the weapon were separately designed by teams who did not know how the parts interacted.

See also edit

References edit

  1. ^ Roland 1992, pp. 663–664.
  2. ^ Ross Anderson. "Security Engineering: A Guide to Building Dependable Distributed Systems, First Edition, Chapter 8.2: Compartmentation, the Chinese Wall, and the BMA Model" (PDF). p. 161.
  • Roland, Alex (1992), "Secrecy, Technology, and War: Greek Fire and the Defense of Byzantium, Technology and Culture", Technology and Culture, 33 (4): 655–679, doi:10.2307/3106585, JSTOR 3106585

February 23, 2024
compartmentalization, information, security, compartmentalization, information, security, whether, public, private, limiting, access, information, persons, other, entities, need, know, basis, perform, certain, tasks, originated, handling, classified, informati. Compartmentalization in information security whether public or private is the limiting of access to information to persons or other entities on a need to know basis to perform certain tasks It originated in the handling of classified information in military and intelligence applications It dates back to antiquity and was successfully used to keep the secret of Greek fire 1 The basis for compartmentalization is the idea that if fewer people know the details of a mission or task the risk or likelihood that such information will be compromised or fall into the hands of the opposition is decreased Hence varying levels of clearance within organizations exist Yet even if someone has the highest clearance certain compartmentalized information identified by codewords referring to particular types of secret information may still be restricted to certain operators even with a lower overall security clearance Information marked this way is said to be codeword classified One famous example of this was the Ultra secret where documents were marked Top Secret Ultra Top Secret marked its security level and the Ultra keyword further restricted its readership to only those cleared to read Ultra documents 2 Compartmentalization is now also used in commercial security engineering as a technique to protect information such as medical records Example editAn example of compartmentalization was the Manhattan Project Personnel at Oak Ridge constructed and operated centrifuges to isolate uranium 235 from naturally occurring uranium but most did not know exactly what they were doing Those that knew did not know why they were doing it Parts of the weapon were separately designed by teams who did not know how the parts interacted See also editInformation sensitivity Principle of least privilege Read into Sensitive compartmented informationReferences edit Roland 1992 pp 663 664 Ross Anderson Security Engineering A Guide to Building Dependable Distributed Systems First Edition Chapter 8 2 Compartmentation the Chinese Wall and the BMA Model PDF p 161 Roland Alex 1992 Secrecy Technology and War Greek Fire and the Defense of Byzantium Technology and Culture Technology and Culture 33 4 655 679 doi 10 2307 3106585 JSTOR 3106585 Retrieved from https en wikipedia org w index php title Compartmentalization information security amp oldid 1065963817, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.