Security Models Flashcards
Bell-LaPadula Model
Purpose: Maintains confidentiality.
Key Points:
Subjects (users) and objects (files) are organized in a non-discretionary fashion.
Rules include simple confidentiality, star confidentiality, and strong star confidentiality.
Focuses on preventing unauthorized read access to higher secrecy layers and unauthorized write access to lower secrecy layers
Biba Model
Purpose: Maintains integrity.
Key Points:
Classification of subjects and objects is non-discretionary.
Rules include simple integrity, star integrity, and strong star integrity.
Prevents unauthorized read access to lower secrecy layers and unauthorized write access to higher secrecy layers
Clarke Wilson Security Model
Purpose: Highly secured model.
Entities:
Subject: Requests data items.
Constrained Data Items: Accessed via the model.
Unconstrained Data Items: Accessed directly by the subject.
Components:
Transformation Process: Handles subject requests for constrained data items, converts them into permissions, and forwards them for integration verification
In summary, Clark-Wilson emphasizes integrity, separation of duties, and controlled access through transformation processes. It’s designed for commercial activities and stringent security requirements
