CISSP考试指南笔记：3.4 系统安全架构

Security Policy

A security policy is a strategic tool that dictates how sensitive information and resources are to be managed and protected.The security policy is a foundation for the specifications of a system and provides the baseline for evaluating a system after it is built.

Security Architecture Requirements

Trusted Computing Base

The trusted computing base (TCB) is a collection of all the hardware, software, and firmware components within a system that provides some type of security and enforces the system’s security policy.

If the TCB is enabled, then the system has a trusted path, a trusted shell, and system integrity–checking capabilities. A trusted path is a communication channel between the user, or program, and the TCB. The TCB provides protection resources to ensure this channel cannot be compromised in any way. A trusted shell means that someone who is working in that shell (command interpreter) cannot “bust out of it” and other processes cannot “bust into it.”

剩余内容请看本人公众号debugeeker, 链接为CISSP考试指南笔记：3.4 系统安全架构