Additional Access Control Models Flashcards
1
Q
Bell-LaPadula Confidentiality Model
A
“no read up, no write down”
2
Q
- Biba Integrity Model
A
“no write up, no read down”
3
Q
Clark-Wilson Integrity Model
A
No changes by unauthorised subjects
- No unauthorised changes by authorised subjects
- Maintenance of internal and external consistency
- Internal consistency: system does what is expected to do
without exception - External consistency: data in the system is consistent with
similar data in outside world
4
Q
Graham-Denning Access Control Model
A
objects, subjects and rights
5
Q
Brewer-Nash Model
A
subjects can access only one of two
conflicting sets of data, prevents conflicts of interest
6
Q
Role Based Access Control
A
Newer than DAC and MAC
* Centrally administered set of controls
* Assigning permissions based upon roles
* Users who perform a similar function are grouped together
* For example, Moodle access for students and lecturers
* Useful model for companies with high employee turnovers