C2-level security is a designation in a computer security rating system that the US Department of Defense has developed over the past 30 years. The National Computer Security Center (NCSC), an arm of the National Security Administration, began working on security ratings for military computer systems in 1967. The center published its first report in 1970 and issued its final specifications in the mid-1980s.
Trusted Computer Standards Evaluation Criteria (TCSEC), or the Orange Book, lays out the requirements for security at various levels according to such parameters as the ability of a system to be audited, to control access, and to authenticate users. The Orange Book applies to standalone machines and operating systems. More than 20 subsequent books in this Rainbow Series have interpreted the criteria for other system components. The Red Book interprets the criteria for network components, and the Lavender Book interprets them for databases.
Security categories are D (minimal protection), B (mandatory protection), C (discretionary protection), and A (verified protection). C2, or controlled access protection, is the lowest level that offers viable security. For C2 certification, a system must:
- Have good documentation at both the user and administration level and have documentation on security testing
- Authenticate all users as unique individuals
- Not allow objects to be reused or recovered once deleted
- Let systems administrators audit all security events and the actions of individual users
- Protect all objects and processes from all others
NCSC developed the criteria for military computer systems; systems used for many federal government projects must have C2 certification. But today, the broader computer industry is using the Orange Book criteria.