When working with confidential, secret or top secret data a lot of concepts and principles come into play which are commonly originally developed for on-premise environments related to governmental or military data. While the concepts are commonly developed in an on-premise only era and have been developed for military and governmental data they can be applied in cloud environments and are also applicable for commercial enterprises.
Commercial enterprises and top secret data
A common initial reaction from people is that commercial enterprises do not hold things that can be classified as top secret. This is up till the point that they have a discussion with internal CISO representatives and talk about classification of data. Large enterprises do, in most cases, have classification for data and follow structures such as public, confidential, secret and top secret. Even though it might not be as strict enforced as would be the case with data from intelligence services or the military organisation
Governments and top secret data
As can be expected, governments and the associated branches in the military and intelligence community have strict classification rules which apply not only to the direct governmental data assets however expands to contractors and sub-contractors as well.
Which data in which system
One of the main questions when handling classified data is; which classified data can be entrusted into which system and how do we propagate data between classification levels. A good reference model is the the Bell–LaPadula model, the Bell–LaPadula model focuses on data confidentiality and controlled access to classified information.
implementations derived from the Bell–LaPadula model do enforce for example the rule that you can do a write upwards of data, however you cannot do a write down. This holds that you can write, for example, data which is classified as secret into a system for top secret data. However, you cannot write top secret data into a system which is designated for holding secret data.
In addition to the allowed write upward and disallowed write downwards principles concepts as read down and read up come into play. In general read up is never allowed. This holds…