 | Orange Book |  |
- C1
- separation of users and data
- indentification and authentication
- integrity base
- tested controls
- C2
- finer grained access control
- login procedures
- auditing of security events
- B1
- security policy model
- labelling (e.g. TOP SECRET)
- mandatory access control
| Slide 4 | ©Copyright 1997 | Jan Newmarch |