accreditation - approval granted to a computer system to perform a critical, defense-related application. The accreditation is usually granted by a senior military commander.
assurance - a set of processes, tests, and analyses performed on a computing system to ensure that it fulfills its most critical operating and security requirements.
Bell-LaPadula model - a security model that reflects the information flow restrictions inherent in the access restrictions applied to classified information.
certification - the process of analyzing a system being deployed in a particular site to verify that it meets its operational and security requirements.
covert channel - in general, an unplanned communications channel within a computer system that allows violations to its security policy. In an MLS system, this is an information flow that violates MLS restrictions.
cross domain security/solution/system (CDS) - in general, a term applied to multilevel security problems in a networking environment.
evaluation - the process of analyzing the security functions and assurance evidence of a product by an independent organization to verify that the functions operate as required and that sufficient assurance evidence has been provided to have confidence in those functions.
labeled network - a computer network on which all messages or data packets carry labels to indicate the classification level of the information being carried.
multilevel security (MLS) - an operating mode in which the users who share a computing system and/or network do not all hold clearances to view all information on the system.
multiple independent levels of security (MILS) - a networking and desktop computing environment which assigns dedicated, system-high resources for processing classified information at different security levels. Users in a MILS environment may have two or more desktop computers, each dedicated to work at a particular security level.
reference monitor - the component of an operating system that mediates all access attempts by subjects (processes) on the system and objects (files and other system resources).
security model - an unambiguous, often formal, statement of the system's rules for achieving its security objectives, such as protecting the confidentiality of classified information from access by uncleared or insufficiently cleared users.
system high - an operating mode in which the users who share a computing system and/or network all hold clearances that could allow them to view any information on the system.
trusted computing base - the specific hardware and software components upon which a computing system relies when enforcing its security policy.