ITTChapter_06_Slides

ITTChapter_06_Slides - 9/6/2010 1 Chapter 6: Integrity...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 9/6/2010 1 Chapter 6: Integrity Policies Overview • Overview • Requirements • Biba’s models • Clark-Wilson model Slide #6-1 Overview Requirement • Requirements – Very different than confidentiality policies • Biba’s model • Clark-Wilson model Slide #6-2 9/6/2010 2 Requirements of Policies 1. Users will not write their own programs, but will use existing production programs and databases. 2. Programmers will develop and test programs on a non-production system; if they need access to actual data, they will be given production data via a special process, but will use it on their development system. 3. A special process must be followed to install a program from the development system onto the production system. Slide #6-3 4. The special process in requirement 3 must be controlled and audited. 5. The managers and auditors must have access to both the system state and the system logs that are generated. Biba Integrity Model Set of subjects S objects O integrity levels • Set of subjects S , objects O , integrity levels I , relation ≤ I I holding when second dominates first • min : I I I returns lesser of integrity levels S O i i t it l l f tit Slide #6-4 • i : S O I gives integrity level of entity • r : S O means s S can read o O • w , x defined similarly 9/6/2010 3 Intuition for Integrity Levels The higher the level the more confidenc • The higher the level, the more confidence – That a program will execute correctly – That data is accurate and/or reliable • Note relationship between integrity and trustworthiness Slide #6-5 • Important point: integrity levels are not security levels Biba’s Model • Similar to Bel -LaPadula mode Similar to Bell LaPadula model 1. s S can read o O iff i ( s ) ≤ i ( o ) 2. s S can write to o O iff i ( o ) ≤ i ( s ) 3. s 1 S can execute s 2 S iff i ( s 2 ) ≤ i ( s...
View Full Document

This note was uploaded on 02/08/2012 for the course ITT 650 taught by Professor Dewey during the Spring '11 term at UNC Asheville.

Page1 / 10

ITTChapter_06_Slides - 9/6/2010 1 Chapter 6: Integrity...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online