Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
B3 security is a security rating used to evaluate the security of computer applications and products to be used within government and military organizations and institutes. It is among the classifications/ratings produced by the U.S. National Computer Security Center (NCSC) as part of the Trusted Computer System Evaluation Criteria (TESC), or the orange book.
B3 security primarily requires that the reference monitor condition is fulfilled, access to objects is secure and all the processes are small enough that they can be easily analyzed and tested. B3 security covers the area of security domains, where the system has high-end engineered design, strict security architecture and ongoing monitoring.
To achieve this, B3 security relies on comprehensive security design and engineering to reduce the complexity of the system and remove code that isn’t essential to security policy and its implementation. Moreover, the system must maintain security event logs, backup and recovery procedures and be highly resistant to penetration attack from intruders.