DoD Instruction 8500.2 - Common Access Card (CAC)
DoD Instruction 8500.2 - Common Access Card (CAC)
DoD Instruction 8500.2 - Common Access Card (CAC)
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
DODI <strong>8500.2</strong>, February 6, 2003<br />
E4.1.7.1. Internal system exposure is a measure of the difference between the<br />
established security criteria for individual access and the actual accessprivileges of<br />
authorized users. The greater the difference, the higher the internal system exposure<br />
and the lower the overall robustness of the operating environment. For example, a<br />
system containing classified information that grants access to personnel without<br />
security clearances has a higher level of internal system exposure and a lower level of<br />
environmental robustness than a system that limits access to persons that are cleared<br />
for access to all information on the system.<br />
E4.1.7.2. External system exposure is a measure of the degree of isolation<br />
from other information systems, either through physical or cryptographic means. The<br />
greater the isolation, the lower the external system exposure and the higher the overall<br />
robustness of the operating environment. For example, a standalone information system<br />
or local area network has a lower level of system exposure and a higher level of<br />
environmental robustness than a system that uses the Internet for user connectivity.<br />
E4.1.7.3. The <strong>DoD</strong> baseline IA controls enforce <strong>DoD</strong> policies that limit<br />
internal and external system exposure according to confidentiality level, as summarized<br />
in Table E4.T3., below:<br />
51 ENCLOSURE 4