How do the Information Labels of Compartmented Mode Workstation differ from the Sensitivity
Levels of B3 evaluated systems?
A.
Information Labels in CMW are homologous to Sensitivity Labels, but a different term was chosen
to emphasize that CMW’s are not described in the Orange Book.
B.
Information Labels contain more information than Sensitivity Labels, thus allowing more granular
access decisions to be made.
C.
Sensitivity Labels contain more information than Information Labels because B3+ systems should
store more sensitive data than workstations.
D.
Information Labels contain more information than Sensitivity Labels, but are not used by the
Reference Monitor to determine access permissions.
Explanation:
The primary goal of the compartmented mode workstation (CMW) project was to articulate the
security requirements that workstations must meet to process highly classified intelligence data. As
a basis for the validity of the requirements developed, a prototype was implemented which
demonstrated that workstations could meet the requirements in an operationally useful manner
while still remaining binary compatible with off-the-shelf software. The security requirements not
only addressed traditional security concerns but also introduced concepts in areas such as labeling
and the use of a trusted window management system. The CMW labeling paradigm is based on
associating two types of security labels with objects: sensitivity levels and information labels.
Sensitivity levels describe the levels at which objects must be protected. Information labels are used
to prevent data over classification and also provide a mechanism for associating with data those
markings that are required for accurate data labeling, but which play no role in access control
decisions. The use of a trusted window manager allows users to easily operate at multiple sensitivity
levels and provides a convenient mechanism for communicating security information to users in a
relatively unobtrusive manner. Information labels are not used by reference monitor, permissions
are referenced in Sensibility labels.