Need to know
Government organizations, especially those related to defence and intelligence, often deal with information which is considered very sensitive.
Need to know is one principle which can be used to attempt to secure such information.
The principle is such that, even if someone has all the necessary official approvals (such as a security
clearance) to access certain information they should not be given access to such information unless they have a
need to know: that is, unless access to the specific information necessary for the conduct of one's official duties. In essence, the principle aims to discourage "browsing" of sensitive material, thereby limiting access to the smallest possible number of people.
The
discretionary access control mechanisms of some operating systems can be used to enforce need to know. In this case, the owner of a file determines whether another person should have access. Need to know is often concurrently applied with
mandatory access control schemes, in which the lack of an official approval (such as a
clearance) may absolutely prohibit a person from accessing the information. This is because need to know can be a subjective assessment.
It has been alleged that
need to know (like other security measures) can be misused by some personnel who wish to refuse others access to information they hold, in an attempt to increase their personal power, or to prevent unwelcome review of their work.
As with most security mechanisms, the aim is to make it difficult for unauthorised access to occur, without inconveniencing legitimate access. In some situations, such as intelligence analysis or research, the need to know principle can be problematic, because it is difficult to determine that a person has a need to know until the information has been accessed and assessed.
*
Principle of least privilege*
Security by obscurity
