Page 644 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

sometimes explained in terms of upper and lower layers, where security and privilege decrease when climbing up from lower to upper layers). In discussions of OS architectures, the protection ring concept is common, but it is not the only one. The same basic ideas can be represented with levels rather than rings. Note that the numbering runs in the opposite direction from the layer description just given: in a level-based system, the highest level is the most privileged and the lowest level is the least privileged.



                  Levels Compared to Rings



Many of the features and restrictions of the protection ring concept also apply to a multilayer or multilevel system. Think about a high-rise apartment building. The low-rent apartments are usually on the lower floors. The middle floors have larger apartments with better views. The top floor (or floors) is the most lavish and expensive, often called the penthouse. Typically, a resident of a low-rent apartment cannot ride the elevator any higher than the highest low-rent floor. A middle-floor resident can ride the elevator anywhere except the penthouse floor(s). A penthouse resident can ride the elevator anywhere. The same floor-restriction scheme appears in office buildings and hotels. A building may also have an express elevator that runs directly between the lowest level and the penthouse, bypassing all the floors in between. That express elevator is a single point of trust: if its access control is breached, the floor-by-floor restrictions on the other elevators offer no protection, because the intruder arrives at the top with a penthouse resident's freedom to go anywhere.

The top of a layered or multilevel system corresponds to the center ring (ring 0) of a protection ring scheme, and the bottom of a layered or multilevel system corresponds to the outermost ring. In terms of protection and access concepts, levels, layers, and rings are equivalent ways of expressing the same hierarchy of privilege. The term domain (a collection of objects that share a single characteristic, such as a privilege level) might also be used.
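The elevator analogy and the ring-to-level mapping above, as an added worked model (example code written for this page, not from the study guide). It treats each elevator as a gate that admits only riders holding at least a given privilege level, converts between ring numbers (0 = center) and level numbers (highest = most privileged), and computes which floors a subject can reach. The express elevator, the gate names, and the four-ring sizing are constructed assumptions for illustration; a "breached" gate is one whose privilege check is skipped, which shows why the other layers then offer no protection.

```python
"""Hierarchical privilege modelled both as protection rings and as levels.
Constructed example for illustration; the building, gates and sizes are assumed."""
from __future__ import annotations

from collections import deque
from dataclasses import dataclass

NUM_RINGS = 4            # rings 0..3; ring 0 is the center, ring 3 the outside
TOP_LEVEL = NUM_RINGS - 1  # levels 0..3; level 3 (the "penthouse") is most privileged


def ring_to_level(ring: int) -> int:
    """Center ring (0) is the top level; outermost ring is level 0."""
    if not 0 <= ring < NUM_RINGS:
        raise ValueError(f"ring {ring} outside 0..{NUM_RINGS - 1}")
    return TOP_LEVEL - ring


def level_to_ring(level: int) -> int:
    """The mapping is its own inverse: level 3 is ring 0, level 0 is ring 3."""
    return ring_to_level(level)


def can_access(subject_level: int, object_level: int) -> bool:
    """Elevator rule: a subject may reach any floor at or below its own level."""
    return subject_level >= object_level


@dataclass(frozen=True)
class Gate:
    src: int        # floor the elevator departs from
    dst: int        # floor it arrives at
    min_level: int  # privilege a rider must hold for the gate to admit them


def standard_gates(top: int = TOP_LEVEL) -> list[Gate]:
    """Ordinary elevators move one floor at a time.
    Going up to floor f requires level f; going down is open to anyone."""
    gates: list[Gate] = []
    for f in range(top):
        gates.append(Gate(f, f + 1, f + 1))
        gates.append(Gate(f + 1, f, 0))
    return gates


# Assumed express elevator: lobby straight to the penthouse, penthouse key required.
EXPRESS = Gate(0, TOP_LEVEL, TOP_LEVEL)


def reachable(subject_level: int, gates: list[Gate],
              breached: set[Gate] | frozenset[Gate] = frozenset(),
              start: int = 0) -> set[int]:
    """Breadth-first search over gates for a subject of the given level.
    A breached gate skips its min_level check, i.e. its access control is bypassed."""
    seen = {start}
    queue = deque([start])
    while queue:
        floor = queue.popleft()
        for g in gates:
            if g.src != floor or g.dst in seen:
                continue
            if g in breached or can_access(subject_level, g.min_level):
                seen.add(g.dst)
                queue.append(g.dst)
    return seen


if __name__ == "__main__":
    gates = standard_gates() + [EXPRESS]
    print("level 1 resident reaches", sorted(reachable(1, gates)))
    print("lobby visitor reaches", sorted(reachable(0, gates)))
    print("lobby visitor, express breached:",
          sorted(reachable(0, gates, breached={EXPRESS})))
```

With the express gate intact, a level-0 subject never leaves the lobby; once that one gate is breached the same subject reaches the penthouse and, from there, every floor below it, which is exactly the failure the sidebar describes.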



               Communication between layers takes place only through the use of