CS283 - Lecture 5 - Part 3 - Integrity Policy

GWU CS 172/283 Autumn 2009
Integrity Policy
Draws extensively from: Bishop’s text, Chapter 6 and 7; Bishop’s slides, Chapter 6 and 7
Types of Security Policies
GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 05 – Part 3 - Rev 20091103

A commercial security policy is a security policy developed primarily to provide a combination of confidentiality and integrity. The focus is on how much the object can be trusted.

A military security policy (also called a security policy) is a security policy developed primarily to provide confidentiality. Not concerned about trusting the object as much as not disclosing the object to unauthorized subjects.

Also, it is possible to construct a confidentiality policy and an integrity policy.
Commercial Environments

Commercial requirements differ from military requirements in their emphasis on preserving data integrity. For example:

1. Users will not write their own programs, but will use existing production programs and databases.
2. Programmers will develop and test programs on a non-production system; if they need access to actual data, they will be given production data via a special process, but will use it on their development system.
3. A special process must be followed to install a program from the development system onto the production system.
4. The special process in 3, above, must be controlled and audited.
5. The management and auditors must have access to both the system state and to the system logs that are generated.
Principles of Operation

Separation of duty. If two or more steps are required to perform a critical function, at least two different people should perform the steps.

Separation of function. Developers do not develop new programs on production systems because of the potential threat to production data.

Auditing. Auditing is the process of analyzing systems to determine what actions took place and who performed them. Commercial systems emphasize recovery and accountability.
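The separation-of-duty and auditing principles above, applied to the controlled install process from the Commercial Environments slide, as an added example that is not part of the lecture. The log format, the change ids, the person names and the three step names are assumptions made for the illustration.

```python
from collections import defaultdict

# Constructed audit records (not from the lecture): time, change id, step, person.
SAMPLE_LOG = """\
2009-11-03T09:00 CHG-1 develop alice
2009-11-03T10:00 CHG-1 approve bob
2009-11-03T11:00 CHG-1 install carol
2009-11-03T12:00 CHG-2 develop dave
2009-11-03T12:05 CHG-2 approve dave
2009-11-03T12:10 CHG-2 install dave
2009-11-03T13:00 CHG-3 develop erin
2009-11-03T14:00 CHG-3 install frank
"""

# Assumed steps of the "special process" for moving a program to production.
REQUIRED_STEPS = ("develop", "approve", "install")


def parse(log):
    """Group audit records by change id: {change: [(step, person), ...]}."""
    changes = defaultdict(list)
    for lineno, line in enumerate(log.splitlines(), 1):
        fields = line.split()
        if len(fields) != 4:
            raise ValueError(f"line {lineno}: expected 4 fields, got {len(fields)}")
        _, change, step, person = fields
        changes[change].append((step, person))
    return changes


def audit(log):
    """Return {change: [findings]} for changes that break the process."""
    findings = {}
    for change, records in parse(log).items():
        problems = []
        done = {step for step, _ in records}
        missing = [s for s in REQUIRED_STEPS if s not in done]
        if missing:
            problems.append("missing step(s): " + ", ".join(missing))
        people = {person for _, person in records}
        if len(people) < 2:  # multi-step function needs at least two people
            problems.append("separation of duty: all steps by " + people.pop())
        if problems:
            findings[change] = problems
    return findings


if __name__ == "__main__":
    print(audit(SAMPLE_LOG))
```

CHG-1 passes, CHG-2 is flagged because one person performed every step, and CHG-3 is flagged because the approval step never appears in the log.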
Biba Integrity Model

The Biba integrity model is a counterpart (dual) of the BLP model. It identifies paths that could lead to inappropriate modification of data, as opposed to inappropriate disclosure in the BLP model.

A system consists of a set S of subjects, a set O of objects, and a set I of integrity levels. The levels are ordered.

Subjects and objects are ordered by the integrity classification scheme, denoted by I(s) and I(o).
Intuition for Integrity Levels

The higher the level, the more confidence:
- That a program will execute correctly
- That data is accurate and/or reliable

Note the relationship between integrity and trustworthiness.

Important point: integrity levels are not security levels.
Biba Integrity Model

The properties of the Biba Integrity Model are:

Simple Integrity Property: