Introduction To Classic Security Models

These models are used for maintaining goals of security, i.e. Confidentiality, Integrity, and Availability. In simple words, it deals with CIA Triad maintenance. There are 3 main types of Classic Security Models. 

  • Bell-LaPadula 
  • Biba
  • Clarke Wilson Security Model

1. Bell-LaPadula 

This Model was invented by Scientists David Elliot Bell and Leonard .J. LaPadula.Thus this model is called the Bell-LaPadula Model. This is used to maintain the Confidentiality of Security. Here, the classification of Subjects(Users) and Objects(Files) are organized in a non-discretionary fashion, with respect to different layers of secrecy.

Bell-LaPadula - Types of Classic Security Models

 

It has mainly 3 Rules:
 



  • SIMPLE CONFIDENTIALITY RULE: Simple Confidentiality Rule states that the Subject can only Read the files on the Same Layer of Secrecy and the Lower Layer of Secrecy but not the Upper Layer of Secrecy, due to which we call this rule as NO READ-UP 
  • STAR CONFIDENTIALITY RULE: Star Confidentiality Rule states that the Subject can only Write the files on the Same Layer of Secrecy and the Upper Layer of Secrecy but not the Lower Layer of Secrecy, due to which we call this rule as NO WRITE-DOWN 
  • STRONG STAR CONFIDENTIALITY RULE: Stong Star Confidentiality Rule is highly secured and strongest which states that the Subject can Read and Write the files on the Same Layer of Secrecy only and not the Upper Layer of Secrecy or the Lower Layer of Secrecy, due to which we call this rule as NO READ WRITE UP DOWN 

2. Biba 

This Model was invented by Scientist Kenneth .J. Biba. Thus this model is called Biba Model. This is used to maintain the Integrity of Security. Here, the classification of Subjects(Users) and Objects(Files) are organized in a non-discretionary fashion, with respect to different layers of secrecy. This works the exact reverse of the Bell-LaPadula Model.

Biba Classic Security Model

It has mainly 3 Rules:

  • SIMPLE INTEGRITY RULE: Simple Integrity Rule states that the Subject can only Read the files on the Same Layer of Secrecy and the Upper Layer of Secrecy but not the Lower Layer of Secrecy, due to which we call this rule as NO READ DOWN 
  • STAR INTEGRITY RULE: Star Integrity Rule states that the Subject can only Write the files on the Same Layer of Secrecy and the Lower Layer of Secrecy but not the Upper Layer of Secrecy, due to which we call this rule as NO WRITE-UP 
  • STRONG STAR INTEGRITY RULE

3. Clarke Wilson Security Model

This Model is a highly secured model. It has the following entities. 

Clarke Wilson Security Model

  • SUBJECT: It is any user who is requesting for Data Items.
  • CONSTRAINED DATA ITEMS:It cannot be accessed directly by the Subject. These need to be accessed via Clarke Wilson Security Model 
  • UNCONSTRAINED DATA ITEMS: It can be accessed directly by the Subject.

The Components of Clarke Wilson Security Model 

  • TRANSFORMATION PROCESS: Here, the Subject’s request to access the Constrained Data Items is handled by the Transformation process which then converts it into permissions and then forwards it to Integration Verification Process
  • INTEGRATION VERIFICATION PROCESS: The Integration Verification Process will perform Authentication and Authorization. If that is successful, then the Subject is given access to Constrained Data Items.

Attention reader! Don’t stop learning now. Get hold of all the important CS Theory concepts for SDE interviews with the CS Theory Course at a student-friendly price and become industry ready.

My Personal Notes arrow_drop_up

Check out this Author's contributed articles.

If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to contribute@geeksforgeeks.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.

Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.


Article Tags :

Be the First to upvote.


Please write to us at contribute@geeksforgeeks.org to report any issue with the above content.