Compartmentalization (information security)

Compartmentalization, in information security, whether in the public or the private sector, is the limiting of access to information to those persons or other entities that need it to perform certain tasks (a need-to-know basis).

It originated in the handling of classified information in military and intelligence applications. It dates back to antiquity, and was successfully used to keep the secret of Greek fire.[1]

The basis for compartmentalization is the idea that, if fewer people know the details of a mission or task, the risk or likelihood that such information will be compromised or fall into the hands of the opposition is decreased. Hence, varying levels of clearance within organizations exist. Yet, even if someone has the highest clearance, certain "compartmentalized" information, identified by codewords referring to particular types of secret information, may still be restricted to certain operators, even ones with a lower overall security clearance. Information marked this way is said to be codeword-classified. One famous example of this was the Ultra secret, where documents were marked "Top Secret Ultra": "Top Secret" marked the security level, and the "Ultra" codeword further restricted readership to only those cleared to read "Ultra" documents.[2]
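The rule described above (a hierarchical level plus codeword compartments, where holding the top level is not enough without the codeword) is the standard lattice dominance check. The following is an added example, not code from the original article; the level ordering, the marking syntax and the second compartment "ALPHA" are constructed for illustration.

```python
from dataclasses import dataclass
from typing import FrozenSet

# Hierarchical sensitivity levels, lowest to highest (constructed ordering for this example).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    """A security label: one hierarchical level plus a set of codeword compartments."""
    level: str
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """Lattice dominance: level at least as high AND every compartment of 'other' held.
        A missing codeword fails the check regardless of how high the level is."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and other.compartments <= self.compartments)


def can_read(clearance: Label, document: Label) -> bool:
    """Need-to-know read check: the reader's clearance must dominate the document's label."""
    return clearance.dominates(document)


def parse_marking(marking: str) -> Label:
    """Parse a marking such as 'TOP SECRET ULTRA' into a Label.
    Assumed syntax: the level comes first (one or two words), codewords follow."""
    words = marking.upper().split()
    for n in (2, 1):  # try the two-word level 'TOP SECRET' before single-word levels
        level = " ".join(words[:n])
        if level in LEVELS:
            return Label(level, frozenset(words[n:]))
    raise ValueError(f"unknown classification level in {marking!r}")


if __name__ == "__main__":
    ultra_doc = parse_marking("TOP SECRET ULTRA")
    for holder in ("TOP SECRET", "SECRET ULTRA", "TOP SECRET ULTRA ALPHA"):
        verdict = "may" if can_read(parse_marking(holder), ultra_doc) else "may NOT"
        print(f"A reader cleared '{holder}' {verdict} read 'TOP SECRET ULTRA'")
```

Only the reader holding both the Top Secret level and the Ultra codeword passes; the Top Secret reader without Ultra is refused, as is the Ultra-cleared reader whose level is only Secret.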

Compartmentalization is now also used in commercial security engineering as a technique to protect information such as medical records.

Example

An example of compartmentalization was the Manhattan Project. Personnel at Oak Ridge constructed and operated centrifuges to isolate uranium-235 from naturally occurring uranium, but most did not know exactly what they were doing. Those who knew did not know why they were doing it. Parts of the weapon were separately designed by teams who did not know how the parts interacted.

References

  1. Roland 1992, pp. 663–664.
  2. Anderson, Ross. "Security Engineering: A Guide to Building Dependable Distributed Systems", First Edition, Chapter 8.2: "Compartmentation, the Chinese Wall, and the BMA Model" (PDF), p. 161.