CISSP: Bell-LaPadula Practical "Classifications"
Unsolved
Security
-
I understand Bell-LaPadula. You cannot read up and you cannot write-down in order to not expose data. I understand Top Secret, etc, classifications...however, I don't understand how you would technically apply this. Generally, controlling data access is with Windows ACLs, but you don't classify groups as Top-Secret, etc.
Can someone explain a technical application to classifying data, ie) a real world system example? -
The first answer in this link seems to answer your question.
Basically: Not only could you classify things by grade (Confidential, Secret, Top Secret), you can sub-compartmentalize data (Real World: TS-SCI, Gamma, UMBRA, etc). Just because you have a TS clearance doesn't mean you should be able to see all TS level data.