Tuesday, June 3, 2014

Security Model CISSP The Biba

Biba Model is the oppose to Bell-LaPadula model. the Biba Model focuses in integrity, this is very important for the commercial companies, they are very interested to keep the integrity of the data.

For example an accounting firm need to be sure that the company send a check for $1000.00 and not for $100000, oh man I would like to receive that money, LOL It is a big different. Now this is the idea for the Biba model.

Again, this info I got it from Shon Harris book, this is a good book for CISPP (if you really wants to know the details).

This is the cream for the Biba model:

  • *-integrity axiom: A subject "cannot write up"

  • Simple integrity axiom: A subject cannot "read down"

  • Invocation property: A subject cannot request service (invoke) of higher integrity.

Lets say another example: What happen if I would begin to write anything I think about Biba model, would be the information corrected, who knows, but in this case I am taking details from Shon Harris book then the integrity of the information is right, remember that.

No comments:

Post a Comment