Need to know

The term "need to know", when used by government and other organizations (particularly those related to the military or espionage), describes the restriction of data which is considered very sensitive. Under need-to-know restrictions, even if one has all the necessary official approvals (such as a security clearance) to access certain information, one would not be given access to such information, or read into a clandestine operation, unless one has a specific need to know; that is, access to the information must be necessary for one to conduct one's official duties. The term also covers anyone with whom the people holding the knowledge deem it necessary to share it. As with most security mechanisms, the aim is to make unauthorized access difficult without inconveniencing legitimate access. Need-to-know also aims to discourage "browsing" of sensitive material by limiting access to the smallest possible number of people.


Examples

The Battle of Normandy in 1944 is an example of a need-to-know restriction. Though thousands of military personnel were involved in planning the invasion, only a small number of them knew the entire scope of the operation; the rest were only informed of data needed to complete a small part of the plan. The same is true of the Trinity project, the first test of a nuclear weapon in 1945.


Problems and criticism

Like other security measures, need to know can be misused by persons who wish to refuse others access to information they hold in an attempt to increase their personal power, prevent unwelcome review of their work, or prevent embarrassment resulting from actions or thoughts. Need to know can also be invoked to hide extra-legal activities. This may be considered a necessary use, or a detrimental abuse of such a policy, when considered from different perspectives.

Need to know can be detrimental to workers' efficiency. Even when it is applied in good faith, one might not be fully aware of who actually needs to know the information, resulting in inefficiencies as some people may inevitably be denied information that they require to perform their duty. The speed of computations with IBM mechanical calculators at Los Alamos dramatically increased after the calculators' operators were told what the numbers meant.


In computer technology

The discretionary access control mechanisms of some operating systems can be used to enforce need to know. In this case, the owner of a file determines whether another person should have access. Need to know is often concurrently applied with mandatory access control schemes, in which the lack of an official approval (such as a clearance) may absolutely prohibit a person from accessing the information. This is because need to know can be a subjective assessment. Mandatory access control schemes can also audit accesses, in order to determine if need to know has been violated.

The term is also used in the concept of graphical user interface design where computers are controlling complex equipment such as airplanes. In this usage, when many different pieces of data are dynamically competing for finite user interface space, safety-related messages are given priority.
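
The combination of access controls described above can be sketched as a small reference monitor. This is an added example, not code from the original article: the clearance levels, class names, user names and document are constructed for illustration. It shows a mandatory clearance check that the owner cannot override, an owner-controlled need-to-know list, and an audit log that surfaces cleared users who tried to read material they were not read into.

```python
from dataclasses import dataclass, field

# Constructed clearance ordering for illustration; real schemes define their own levels.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}

@dataclass
class Document:
    name: str
    owner: str
    classification: str
    need_to_know: set = field(default_factory=set)  # users the owner has read in

    def grant(self, granter: str, user: str) -> None:
        # Discretionary control: only the owner decides who has need to know.
        if granter != self.owner:
            raise PermissionError(f"{granter} does not own {self.name}")
        self.need_to_know.add(user)

class ReferenceMonitor:
    def __init__(self, clearances: dict):
        self.clearances = clearances
        self.audit_log = []  # every decision is recorded for later review

    def read(self, user: str, doc: Document) -> bool:
        level = LEVELS[self.clearances.get(user, "UNCLASSIFIED")]
        cleared = level >= LEVELS[doc.classification]
        needs = user == doc.owner or user in doc.need_to_know
        if not cleared:
            reason = "no-clearance"      # mandatory check: the owner cannot override it
        elif not needs:
            reason = "no-need-to-know"   # cleared, but not read in
        else:
            reason = "ok"
        self.audit_log.append((user, doc.name, reason))
        return reason == "ok"

    def browsing_attempts(self) -> list:
        # Cleared users denied for lack of need to know.
        return [(u, d) for u, d, r in self.audit_log if r == "no-need-to-know"]

def demo():
    monitor = ReferenceMonitor({"alice": "SECRET", "bob": "SECRET", "carol": "CONFIDENTIAL"})
    plan = Document("invasion-plan", owner="alice", classification="SECRET")
    results = [monitor.read("bob", plan)]   # cleared but not read in
    plan.grant("alice", "bob")
    plan.grant("alice", "carol")            # owner's grant does not beat the clearance check
    results += [monitor.read("bob", plan), monitor.read("carol", plan)]
    return results, monitor.browsing_attempts()

if __name__ == "__main__":
    print(demo())
```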


See also

* Compartmentalization (information security)
* Freedom of information laws by country
* Mushroom management
* Principle of least privilege
* Security through obscurity

