Onehub is a cloud-based collaboration tool and virtual data room that helps users securely store and share their business files.
What Is the Main Principle of Onehub Working?
Protections of personal files with Onehub must contain independent hardware and/or software components that ensure the functionality of the protection functions. This means that all protections that provide security policy, security attribute and label management, identification and authentication, registration, and accounting must be under the control of the means to verify that they are functioning correctly. The basic principle of correctness control is that controls must be completely independent of the protections.
The data used for identification and authentication must be protected from unauthorized access, modification, and destruction and associated with all active components of the computer system, the functioning of which is critical from a security point of view.
To determine the degree of responsibility of users for actions in Onehub, all events that occur in it that are significant from a security point of view should be monitored and recorded in a secure protocol. The registration system should analyze the overall flow of events and select from it only those events that have an impact on safety in order to reduce the volume of the protocol and increase the efficiency of its analysis. The event protocol must be reliably protected from unauthorized access, modification, and destruction.
All means of Onehub protection (including those that implement this requirement) must be protected from unauthorized interference and/or shutdown, and this protection must be constant and continuous in any mode of operation of the protection system and the computer system as a whole. This requirement applies to the entire life cycle of a computer system. In addition, its implementation is one of the key aspects of the formal proof of the security of the system.
Data Room Systems Security with Onehub
The given basic security requirements with Onehub serve as the basis for the criteria that form a single scale for assessing the security of computer systems, which defines seven security classes:
- Minimal protection. This class includes all systems that do not meet the requirements of other classes.
- Discretionary protection. The group is characterized by arbitrary control of access and registration of actions of subjects.
- Systems of this class satisfy the requirements of ensuring the separation of users and information and include means of control and access control, allowing you to set restrictions for individual users, which enables them to protect their private information from other users.
- Designed for multi-user systems in which joint processing of data of the same security level is carried out.
- Access control. Systems of this class carry out more selective access control than systems of Onehub by using means of individual control over user actions, registration, event accounting, and resource allocation.
- Mandatory protection. The main requirements of this group are regulatory access control using security labels, support for the security model and policy, and the availability of specifications for TSv functions. For systems in this group, the interaction monitor must monitor all events in the system.
- Protection using security labels. Onehub systems must meet all requirements for data room systems, and in addition must support an informal security model, data labeling, and regulatory access control. When exported from the system, the information must be marked. Deficiencies discovered during testing should be eliminated.
- Structured protection. Must support a formally defined and well-documented security model that provides for arbitrary and normative access control, which applies systems to all entities.