Depending on the strength of the safety requirements, the network is divided into four security model.
TCSEC security guidelines in the computer system is divided into four categories, followed by D, B, C and A, A is the highest for a class, each class represents a judgment code protection of sensitive information, and an analog of a Class strict. In the C and B is divided into several sub-categories, we call level.
Class D: minimum protection. Such are those through the evaluation but can not reach a higher level of system security requirements.
Class C: unconditional protection. Class C unconditional protection is provided by "the need to know" (need-to-known) protection is divided into two sub-categories.
--C1: Unconditional security. Security policies are unconditional access control, identification and authorization has responsibility.
--C2: Controlled access protection. In addition to providing C1 of strategies and responsibilities, as well as access protection and audit trail features. Common network operating systems fall into this category.
Class B: the case of mandatory protection, system requirements are marked with the data generated in its structure, and requests for data flow monitoring, class B is divided into three sub-categories:
--B1: Security tag, in addition to meeting the requirements of category C, the requested data tags.
--B2: Structural safety protection, in addition to meet the B1 requirements, to implement mandatory controls.
--B3: Secure domain protection, to provide management and restore a trusted device, even if the computer crashes, it will not disclose system information.
Class A: Proven protection, safety is the highest system-level classes, such systems may be established in the form of having a model-based architecture, specifications, and information flow closed above.
A1: Proven protection.
Defines a total of four categories 7 Trusted Computer System Guidelines generally make the system NT, UNIX, etc. only to meet C2 level.