Domain 3 - Security Architecture and Engineering - Security Architecture and Design Flashcards
Security Models
Provides the means to formalize a system policy into an explicit set of rules that a computer can follow to implement the fundamental security concepts, processes, and procedures that make up a security policy
System Architecture
Hardware, software, and firmware as part of the overall design, plus a description of how information flows between them
Enforces the specifications provided by the security model
Security Model Examples
Bell-LaPadula Model, Biba Model, Clark-Wilson Model, Brewer & Nash Model, State Machine Model, Information Flow Model, Non-Interference Model, Lattice Model
State Machine Model
Basis for other models
The state of a system is its snapshot at any one particular moment.
You are only as secure as your weakest state.
Bell-LaPadula Model
Protects the confidentiality of a system
Developed for the DoD multilevel security policy
Divides entities in an information system into subjects and objects
Subjects and Objects are created with Labels
Labels are compared upon attempted access
If it is not expressly called out, it is allowed
Bell-LaPadula Tranquility Property
Labels are not arbitrarily changed
Bell-LaPadula Simple Security Property
No reading up in classification
Bell-LaPadula *-Security Property (Star Property)
No writing down in classification
Bell-LaPadula Strong *-Property (Strong Star Property)
No read/write up or down in classification
Biba Integrity Model
Protecting the Sanctity of Knowledge
No subject can depend on an object of lesser integrity
“Down Data’s Dirty”
Biba Simple Integrity Axiom
No read down in integrity level
Biba *-Integrity Axiom (Star Integrity Axiom)
No write up in integrity level
Biba Invocation property
Subject cannot invoke subjects at a higher integrity level
Clark-Wilson Model
Isolation between resources
Keep users out of your stuff or they will break it
Separation of Duties is emphasized
Forces well-formed transactions through the access triple
Brewer-Nash Model
Prevent conflict of interest in databases
Developed to combat conflict of interest in databases housing competitor information
Ensures fair competition
aka Chinese Wall model
Access Triple
User -> Transformation Procedure -> Constrained Data Items (CDI)
Security Architecture
Directs how the components included in the system architecture should be organized and interact to ensure that security requirements are met
Trusted Computing Base (TCB)
All hardware, software, and firmware within a system that enforce the security of the system and provide a description of its trust
Includes the CPU, RAM, OS kernel, BIOS, etc.
Evaluated when certifying a system
Security Perimeter
Conceptual separation between the TCB and the untrusted elements of a system
API example of how to implement