compartmentalization
lahterdamine; lahterdus
olemus
Merriam-Webster:
compartmentalize, transitive verb
: to separate into isolated compartments or categories
näiteid
(1) süsteemi tükeldamine osadeks,
mille vahel on lihtsad täpselt määratletud liidesed;
vähendab turvarikke tekitatava kahju ulatust
ISO/IEC 2382:
riski vähendamist taotlev
andmete jaotamine eraldatud plokkideks,
igal neist eraldi turvameetmed;
näiteks suurema projekti andmete jaotamine plokkideks vastavalt osaprojektidele, piirates nii kogu projekti ohustatust
= division of data into isolated blocks with separate security controls for the purpose of reducing risk
Note 1. Example: The division of data relative to a major project into blocks corresponding to subprojects, each with its own security protection, in order to limit exposure of the overall project
https://en.wikipedia.org/wiki/Compartmentalization_(information_security)
https://securitycurated.com/security/network-security/trust-network-security-compartmentalization
https://www.datacenterknowledge.com/industry-perspectives/preparing-worst-compartmentalization-data-center-capacity-planning
https://www.cl.cam.ac.uk/research/security/ctsrd/pdfs/2015ccs-soaap.pdf
https://khilangudka.github.io/pubs/2013spw-compartmentalisation.pdf
(2) tundliku teabe mittehierarhiline rühmitamine
= any non-hierarchical classification of sensible information
https://www.technadu.com/what-is-compartmentalization/47466/
(3) ISACA Glossary:
protsess väga väärtuslike varade
või kõrgusaldatavate keskkondade kaitseks:
juurdepääs varale nõuab kaht või mitut
protsessi, meedet või isikut
= a process for protecting very-high value assets or in environments where trust is an issue
Access to an asset requires two or more processes, controls or individuals.
näide: kahemehereegel