BLPmodel - Bell & LaPadula Model Security Policy...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
1 1 1 Formal Security Models CS177 2011 Security Policy • A document that expresses clearly and concisely what the protection mechanisms are to achieve • A statement of the security we expect the system to enforce 2 Formal Security Models CS177 2011 Formalization and specialization of the access model • Security level is a classification and a set of categories • Subjects and Objects have security levels • Subjects also have a current security level 3 Formal Security Models CS177 2011 • Security level is a classification and a set of categories • Subjects and Objects have security levels • Subjects also have a current security level • Some subjects are trusted to violate the basic policies of the model. This extends the model 4 Formal Security Models CS177 2011 Security level SL1 dominates security level SL2 iff – SL1’s classification SL2’s classification – SL1’s categories are a superset of SL2’s categories 5 Formal Security Models CS177 2011 Types of Access • Read-only • Append • Execute • Read-write 6 Formal Security Models CS177 2011 Permission Matrix • Contains an entry for each subject-object pair • Entries indicate the type of access that may be granted to the subject for the object
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 2 7 Formal Security Models CS177 2011 Permission Matrix • Contains an entry for each subject-object pair • Entries indicate the type of access that may be granted to the subject for the object Current Access • List of subject, object, access triples that indicate all of the currently granted accesses 8 Formal Security Models CS177 2011 Basic Security Theorem A system is secure iff • Its initial state is secure • Each action that starts in a secure state results in a secure state 9 Formal Security Models CS177 2011 Basic Security Theorem A system is secure iff • Its initial state is secure • Each action that starts in a secure state results in a secure state Secure State Satisfies • SS - property • * - property • DS - property 10 Formal Security Models CS177 2011 Invariants for the Model Current security level – every subject’s current security level must be dominated by its security level Simple security condition – if subject S currently has read-only or read- write access to object O, then the security level of S must dominate the security level of O 11 Formal Security Models CS177 2011 Star property – if subject S currently has read-only or read- write access to object O1 and has append or read-write access to object O2, then the security level of O2 must dominate the security level of O1 or S must be a trusted subject Discretionary security property
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 7

BLPmodel - Bell & LaPadula Model Security Policy...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online