Multi-Tiered Approach to System Security

Abstract

When a system is designed to process several levels of classified information, a multi-tiered approach to system security is needed. The total security system should be divided into eight areas which cover: Separation of Authority Personnel Security Physical Security Emanation Security Terminal Security Operating System Security File Security Audit Trail The purpose of the security system is to ensure that adequate safeguards are infused to protect information through the system's hardware and software design, and by other appropriate administrative, physical and personnel security controls. Because of the sensitive nature of the data being processed, these procedures must be judiciously implemented, carefully managed, regularly reviewed and continuously monitored.