C2 Security: Some Background

Background information and criteria of security levels.

Bart Stidham

April 30, 1997

1 Min Read
ITPro Today logo in a gray background | ITPro Today

C2-level security is a designation in a computer securitysystem that the US Department of Defense has developed over the past 30 years. The National Computer Security Center(NCSC), an arm of the National Security Administration, began working on security ratings for military computer systemsin 1967. The center published its first report in 1970 and issued its final specifications in the mid-1980s.

Trusted Computer Standards Evaluation Criteria (TCSEC), or the Orange Book, lays out the requirements forsecurity at various levels according to such parameters as the ability of a system to be audited, to control access, andto authenticate users. The Orange Book applies to standalone machines and operating systems. More than 20 subsequentbooks in this Rainbow Series have interpreted the criteria for other system components. The Red Book interprets thecriteria for network components, the Lavender Book for databases.

Security categories are D (minimal protection), B (mandatory protection), C (discretionary protection), and A(verified protection). C2, or controlled access protection, is the lowest that offers viable security. For C2certification, a system must

  • Have good documentation at both the user and administration level and have documentation on security testing

  • Authenticate all users as unique individuals

  • Not allow objects to be reused or recovered once deleted

  • Let systems administrators audit all security events and the actions of individual users

  • Protect all objects and processes from all others

NCSC developed the criteria for military computer systems; systems used for many federal government projects musthave C2 certification. But today, the broader computer industry is using the Orange Book criteria.

About the Author

Bart Stidham

Bart Stidham

See more from Bart Stidham
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

You May Also Like

Editor's Choice

the interface of the PowerShell search tool with a hand holding a magnifying glass on a background of a blue sky and clouds in the shape of gears
PowerShell
How I Built My Own PowerShell Multi-File Search Tool
How I Built My Own PowerShell Multi-File Search Tool

Oct 22, 2024

burnout gif featuring a mannequin surrounded by office technology on fire
Career Tips
Am I Burned Out? How To Identify and Address Burnout in IT
Am I Burned Out? How To Identify and Address Burnout in IT

Oct 24, 2024

MLOps
Ops and More
Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?
Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?

Oct 23, 2024

Exclusive ITPro Resources
See all ITPro Resources

Featured Technical Explainers

AI chip
Cloud Computing
Cloud vs. On-Prem AI Accelerators: Choosing the Best Fit for Your AI Workloads
Cloud vs. On-Prem AI Accelerators: Choosing the Best Fit for Your AI Workloads
SaaS concept on a tablet
Cloud Computing
Why SaaS Backup Matters: Protecting Data Beyond Vendor Guarantees
Why SaaS Backup Matters: Protecting Data Beyond Vendor Guarantees
DevOps logo on top of code
DevOps
DevOps: Key to Faster, More Efficient Government Software Development
DevOps: Key to Faster, More Efficient Government Software Development
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

Recent What Is

cartoon shows a person next to a checklist and several icons that represent disaster scenarios
Disaster Recovery
BCDR Basics: A Quick Reference Guide for Business Continuity & Disaster RecoveryBCDR Basics: A Quick Reference Guide for IT Pros
technology interface with a person's hand drawing gears and cogs
PowerShell
Introduction To PowerShell Environment VariablesIntroduction To PowerShell Environment Variables