Security Models - That Computer Engineer


Learn | Teach | Explore

Sunday, July 9, 2017

Security Models

A security model dictates how a system will enforce security policy.  A security policy outlines how data is accessed, what level of security is required and what actions should be taken when these requirements are not met. If a security policy dictates that any of the User should be authenticated, authorized and identified if he wants to access any system resource, then that security model should possess a mechanism like that of access control matrix to fulfill the needs of the security policy.

Three security models can be defined as:

1.Bell La-Padula Model

This model was used for enforcing access control in government and military applications. The model is a formal state transition model of computer security policy. It was introduced to protect secret data of US government.

Goal: To protect the confidentiality

The three basic rules are:

  1. Simple Security: A subject at a given security level may not read an object at a higher security level.
  2. *(Star) Security Property: A subject at a given security level may not write to any object at a lower security level.
  3. Strong *(Star) Property: A subject with read/write privilege can perform read/write functions only at the subject's security level.
2. BIBA Integrity Model
The model describes a set of access control rules designed to ensure data integrity. The model is designed to prevent corruption of data by the ranks higher or lower than that of subject. These are used in banking classification systems to prevent the untrusted modification of information and corruption of data at a higher level.

Goal: To enforce integrity of data

The three basic rules are:

  1. Simple Integrity Axiom: a subject can't read data from an object of lower integrity.
  2. * (Star)  Integrity Axiom: a subject can't write data to an object at a higher integrity level.
  3. Invocation Property: Subject can't invoke(call upon) subjects at a higher integrity level.
3.Clark-Wilson Model

The Clark-Wilson Model is used in business and industry processes in which the integrity fo the information content si paramount at any level of classification.

Goal: Don't allow the untrusted user to direly access your trusted resources(else they will break these resources). Instead, force them to access resources via a trusted interface.

This model deals with three integrity goals-
1.Prevent unauthorized users from making an improper modification.
2. Prevent authorized users from making an improper modification.
3.Maintain internal and external consistency by reinforcing the separation of duties.

1 comment:

  1. Hello everyone, it's my first go to see at this web page, and paragraph is truly fruitful in support of me, keep up posting such articles or reviews. gmail login email