{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

Lecture 18 - Security Policies Military Security Policy...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Security Policies Military Security Policy Bell/La Padula Devised model based on military security policy Lattice model Of Security Security System Set of subjects S, set of objects O, s {S has fixed security class C(s) O (O has fixed security class C(o)) Security classes are ordered by an ordering 2 properties that characterize the flow of information 1. Simple Security property – A subject s can have read access to an object o only if c(o) <= c(s) – you can only read at a subject at your level or below, never higher. CAN’T READ UP. 2. * Property – A subject s that has read access to an object o can write to an object p only if c(p) >= c(o) – can’t write down. * is stronger than necessary because it says you can’t talk about anything with lower entities. This is difficult to implement with computers. CAN’T WRITE DOWN. Biba Integrity Model Bell-La Padula applies only to the secrecy of information. The model is trying to capture the “inappropriate modification” of items.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.
  • Spring '10
  • Englert
  • security policy, Biba integrity model, Military Security Policy, Simple integrity property, security policy Lattice

{[ snackBarMessage ]}