Bell-LaPadula
• Abstract formal treatment of Department of Defense security policy
• Defines notion (concept) of secure state
• Defines fundamental modes of access
• Rules for giving subjects access to objects
[Figure: Bell-LaPadula. Access between a layer of higher secrecy and a layer of lower secrecy: 1. READ (Simple Security Property), 2. WRITE (Star Property), 3. READ/WRITE (Strong Star Property). Flows marked X: reading secrets, divulging secrets.]
Biba
• First to address integrity in computer systems
• Based on hierarchical lattice of integrity levels
• Elements
  • Set of subjects (Active, information processing)
  • Set of objects (Passive, information repository)
• Addresses first goal of integrity
  • Prevent unauthorized users from making modifications
Mathematical dual of confidentiality policy
• Access tuple: subject & object
• Strict integrity policy
  • Simple integrity condition
    • Subject cannot observe (read) objects of lesser integrity
  • Integrity *-property
    • Subject cannot modify (write to) objects of higher integrity
  • Invocation property
    • Subject cannot send messages (logical request for service) to subjects of higher integrity
[Figure: Biba. Access between a layer of higher accuracy and a layer of lower accuracy: 1. READ (Simple Integrity Property), 2. WRITE (Integrity Star Property). Flows marked X: contamination, get contaminated.]
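The Bell-LaPadula and Biba rules above, written as access checks so the "mathematical dual" claim can be verified over every pair of levels. This is an added example, not part of the original slides; it assumes linear levels with no categories, and the level names and function names are constructed for illustration.

```python
# Added example: linear levels only (no categories); level names are constructed.
from enum import IntEnum

class Level(IntEnum):
    LOW = 1
    MEDIUM = 2
    HIGH = 3

def blp_allows(subject, obj, mode):
    """Bell-LaPadula decision over secrecy levels."""
    if mode == "read":         # Simple Security Property: no reading from a higher layer
        return subject >= obj
    if mode == "write":        # Star Property: no divulging to a lower layer
        return subject <= obj
    if mode == "read/write":   # Strong Star Property: own level only
        return subject == obj
    raise ValueError(f"unknown access mode: {mode!r}")

def biba_allows(subject, obj, mode):
    """Biba strict integrity decision over integrity levels."""
    if mode == "read":         # Simple integrity condition: no observing lesser integrity
        return subject <= obj
    if mode == "write":        # Integrity *-property: no modifying higher integrity
        return subject >= obj
    if mode == "invoke":       # Invocation property: obj is the subject being invoked
        return subject >= obj
    raise ValueError(f"unknown access mode: {mode!r}")

def reachable(check, subject, mode):
    """Names of the levels the subject may access in the given mode."""
    return [o.name for o in Level if check(subject, o, mode)]

def is_dual(modes=("read", "write")):
    """Biba's answer for (s, o) equals Bell-LaPadula's answer for (o, s)."""
    return all(biba_allows(s, o, m) == blp_allows(o, s, m)
               for s in Level for o in Level for m in modes)

if __name__ == "__main__":
    for name, check, modes in (("BLP", blp_allows, ("read", "write", "read/write")),
                               ("Biba", biba_allows, ("read", "write", "invoke"))):
        for m in modes:
            print(f"{name:4} MEDIUM {m:10} -> {reachable(check, Level.MEDIUM, m)}")
    print("dual:", is_dual())
```
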
Clark & Wilson
• Addresses all 3 integrity goals
  • Preventing unauthorized users from making modifications
  • Preventing authorized users from making improper modifications
  • Maintaining internal & external consistency
• Well-formed transaction
  • Preserve/ensure internal consistency
  • User can manipulate data only in ways that ensure internal consistency
Separation of duty
• Attempts to ensure external consistency & third goal
• Operation divided into sub parts
• Different person executes each part
• Ensures external consistency (data represents real world)
• Prevents authorized users from unauthorized modifications
• Access triple
  • Subject-program-object
  • Enforced by subject (user)-to-program & program-to-object (data) binding
  • First integrity goal & separation of duties