Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CISSP Tidbits > Security Models > Flashcards

Security Models Flashcards

Review IT Security Models

1
Q

Key features of Bell-LaPadula

A 
Focuses on Confidentiality
Is Mandatory
Access Tuple Subject-Object
Is Lattice-Based
Relies on State Machine
Is an Information Flow Model

Simple Security Property: NO READ UP
* Security Property: NO WRITE DOWN
Discretionary Security Property

DOES NOT ADDRESS “NEED TO KNOW”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Features of Biba

A 
Focuses on Integrity
Is Mandatory
Access Tuple Subject-Object
Is Lattice-Based
Relies on State Machine
Is an Information Flow Model

Simple Integrity Property: NO READ DOWN
* Integrity Property: NO WRITE UP

FIRST GOAL OF INTEGRITY
-Prevent data modification by unauthorized parties

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Features of Clark-Wilson

A 
Focuses on Integrity
Is Discretionary
Access Triple Subject-Program-Object
NOT Lattice-Based
DOES NOT Rely on State Machine
Is NOT an Information Flow Model

Well-formed transactions
Separation of duties

ALL THREE GOALS OF INTEGRITY

  • Prevent data modification by unauthorized parties
  • Prevent unauthorized data modification by authorized parties
  • Maintain internal and external consistency (i.e. data reflects the real world)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Features of Brewer and Nash

A 
Focuses on Confidentiality
Is Discretionary
Access Tuple Subject-Object
NOT Lattice-Based
DOES NOT Rely on State Machine
Is an Information Flow Model

Chinese wall
Mutual exclusivity
Prevent conflict of interest

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Features of Goguen-Meseguer

A

Focuses on Integrity
Noninterference model
Based on predetermining the set or domain - the list of objects that a subject can access
Subjects are unable to interfere with each other’s activities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Features of Sutherland

A

Focuses on Integrity
Prevents interference
Relies on Formal State Machine
Is an Information Flow Model

Defines:

  • System states
  • Initial states
  • State transitions

Prevents use of covert channels

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Features of Graham-Denning

A

Focuses on secure creation and deletion of subjects and objects

8 primary protection rules:

  1. Securely create an object
  2. Securely create a subject
  3. Securely delete an object
  4. Securely delete a subject
  5. Securely provide the read access right
  6. Securely provide the grant access right
  7. Securely provide the delete access right
  8. Securely provide the transfer access right
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CISSP Tidbits (6 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions