Revision as of 14:08, 10 September 2009 edit Sweerek (talk \| contribs) Extended confirmed users 692 edits No edit summary ← Previous edit		Revision as of 14:14, 10 September 2009 edit undo Sweerek (talk \| contribs) Extended confirmed users 692 edits No edit summary Next edit →
Line 3: The Committee on National Security Systems (CNSS) publishes the 'NATIONAL INFORMATION ASSURANCE (IA) GLOSSARY', also known as CNSS Instruction No. 4009. In this glossary, a Controlled Interface is defined as follows: "Mechanism that facilitates the adjudication of different interconnected system security policies (e.g., controlling the flow of information into or out of an interconnected system". Within the US, the Director of Central Intelligence Directive 6/3 (DCID 6/3) requirements for Protection Level 4 and 5 (PL-4 and PL-5), Integrity-High and Availability-High are required for multilevel security systems. While some controlled interfaces are very complicated, others are very simple. A simple example of a controlled interface is a one-way data transfer system that moves data from a low security network to a high security network while assuring that high security data can never escape. One-way controlled interfaces are also called data diodes.▼ ▲While some controlled interfaces are very complicated, others are very simple. A simple example of a controlled interface is a one-way data transfer system that moves data from a low security network to a high security network while assuring that high security data can never escape. One-way controlled interfaces are also called data diodes. For example, a fiber [[Network Interface Controller]] (NIC) with only one optical path is a data diode. [[Category:Computer security]]

Controlled interface: Difference between revisions