Mode of operation wherein each user with direct or indirect access to a system, its peripherals, remote terminals, or remote hosts has all of the following:
(1) Valid security clearance for the most restricted information processed in the system.
(2) Formal access approval and signed nondisclosure agreements for that information which a user is to have access.
(3) Valid need-to-know for information which a user is to have access.
Mode of operation wherein each user with direct or indirect access to a system, its peripherals, remote terminals, or remote hosts has all of the following:
(1) Valid security clearance for the most restricted information processed in the system.
(2) Formal access approval and signed nondisclosure agreements for that information which a user is to have access.
(3) Valid need-to-know for information which a user is to have access.