
An overview of some common security models used in information security

1. Bell-LaPadula Model:

  1. The Bell-LaPadula (BLP) model is a formal model for enforcing access control policies, particularly in government and military settings.
  2. It is based on the principles of confidentiality and integrity.
  3. The model defines two security properties: the Simple Security Property (no read up) and the *-Property (no write down).
  4. BLP enforces the principle of “need-to-know,” where users can only access information at or below their security clearance level.

2. Biba Model:

  1. The Biba model focuses on data integrity and is designed to prevent data corruption and unauthorized modification.
  2. It is based on the principle of integrity and enforces two main rules: the Simple Integrity Property (no read down) and the *-Property (no write up).
  3. Biba prevents users from accessing data at a lower integrity level than their own, thereby preventing the spread of corrupted or unauthorized data.

3. Clark-Wilson Model:

  1. The Clark-Wilson model emphasizes integrity and is commonly used in commercial environments.
  2. It focuses on ensuring that data is protected from unauthorized modification or corruption.
  3. The model uses well-formed transactions and separation of duties to enforce integrity constraints.
  4. It requires the use of an access control mechanism called a “transformation procedure” to enforce integrity constraints and maintain data consistency.

These security models provide formal frameworks for enforcing access control policies, protecting confidentiality, ensuring data integrity, and preventing unauthorized access and modification. They are essential tools for designing secure systems and defining security policies in various environments, ranging from government and military to commercial and organizational settings.
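The read and write rules of Bell-LaPadula and Biba listed above, written as a small reference monitor. This is an added example, not part of the original page; the four-step `Level` lattice and all function names are assumptions made for illustration. It also shows that enforcing both models with the same labels leaves only same-level access.

```python
from enum import IntEnum


class Level(IntEnum):
    # Constructed lattice, used here for both clearance and integrity labels.
    LOW = 0
    MEDIUM = 1
    HIGH = 2
    TOP = 3


def blp_allows(subject: Level, obj: Level, op: str) -> bool:
    """Bell-LaPadula decision on confidentiality labels."""
    if op == "read":
        return subject >= obj   # Simple Security Property: no read up
    if op == "write":
        return subject <= obj   # *-Property: no write down
    raise ValueError(f"unknown operation: {op}")


def biba_allows(subject: Level, obj: Level, op: str) -> bool:
    """Biba decision on integrity labels (the mirror image of BLP)."""
    if op == "read":
        return subject <= obj   # Simple Integrity Property: no read down
    if op == "write":
        return subject >= obj   # *-Property: no write up
    raise ValueError(f"unknown operation: {op}")


def decision_table(check):
    """Evaluate a policy function for every subject/object/operation triple."""
    return {
        (s, o, op): check(s, o, op)
        for s in Level for o in Level for op in ("read", "write")
    }


def combined_allows(subject: Level, obj: Level, op: str) -> bool:
    """Both models enforced at once, with one label serving both purposes."""
    return blp_allows(subject, obj, op) and biba_allows(subject, obj, op)


if __name__ == "__main__":
    for name, check in (("BLP", blp_allows), ("Biba", biba_allows),
                        ("BLP+Biba", combined_allows)):
        allowed = [k for k, v in decision_table(check).items() if v]
        print(f"{name}: {len(allowed)} of 32 accesses permitted")
```
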

products/ict/security/overview_of_common_security_models.txt · Last modified: 2024/03/30 16:08 by wikiadmin