Focus: Maintain confidentiality of objects.
Mean: Not allowing users at a lower security levels to access objects in a different level or superior level.
- Simple Security Property: no read up
- Security Property: no write down
- Strong Tranquility Property: security level will not change while the system is operating.
- Weak Tranquility Property: security labels will not change in a away that conflicts with define security properties
Lattice-based access controls
For every relationship between subjects and objects they set defined upper and lower access limit inside the system.
This depend of the need of the subjects, the label of the object and the role the subject has been assigned
The militaries focus in confidentiality for that reason Bell-LaPadula works fine, for business integrity is VERY important, Biba address this.
- Simple Integrity Axiom: no read down. This protects integrity by preventing bad information from moving up from lower integrity levels
- * Integrity Axiom: no write up: This protect integrity by preventing bad information from moving up to higher levels.
This is a real world integrity model that protects integrity by requiring subjects to access objects via programs.
Clark-Wilson use two primary concepts:
- Well formed transaction
- Separation of duties
Also use the Access Tripe rule
Chinese Wall Model (Brewer-Nash)
This is designed to avoid conflicts of interest:
Do you want to learn more about security and how to test your network security, please go to: http://www.learn-security.net