NYCU CSIT Mirror Site

Welcome to NYCU CSIT Mirror site

Orange Book Parts I and II: THE CRITERIA and RATIONALE AND GUIDELINES: A GUIDELINE ON CONFIGURING MANDATORY ACCESS CONTROL FEATURES Previous Next Table of Contents

9. A GUIDELINE ON CONFIGURING MANDATORY ACCESS CONTROL FEATURES

The Mandatory Access Control requirement includes a capability to support an unspecified number of hierarchical classifications and an unspecified number of non-hierarchical categories at each hierarchical level. To encourage consistency and portability in the design and development of the National Security Establishment trusted computer systems, it is desirable for all such systems to be able to support a minimum number of levels and categories. The following suggestions are provided for this purpose:

The number of hierarchical classifications should be greater than or equal to sixteen (16).
The number of non-hierarchical categories should be greater than or equal to sixty-four (64).

Previous Next Table of Contents