Which of the following is not a property of the biba security model?

The trusted platform module (TPM) is a concept being standardized by an industry consortium, the Trusted Computing Group. The TPM is a hardware module that is at the heart of a hardware/software approach to trusted computing. Indeed, the term trusted computing (TC) is now used in the industry to refer to this type of hardware/software approach.
The TC approach employs a TPM chip in a personal computer motherboard or a smart card, or integrated into the main processor, together with hardware and software that in some sense has been approved or certified to work with the TPM. We can briefly describe the TC approach as follows.

The TPM generates keys that it shares with vulnerable components that pass data around the system, such as storage devices, memory components, and audio/visual hardware. The keys can be used to encrypt the data that flow throughout the machine. The TPM also works with TC-enabled software, including the OS and applications. The software can be assured that the data it receives are trustworthy, and the system can be assured that the software itself is trustworthy.

The best-known feature that uses the TPM, if one is available, is BitLocker Drive Encryption. When a TPM is present and the system is configured appropriately, Windows will use the TPM to validate that the operating system has not been tampered with. This is known as trusted boot, or secure startup, and as the OS boots, critical portions are hashed and the hashes verified.

The best way to understand the security models is to simply memorize them, since most of us have never seen some of them, and will never use them again.  They are also not intuitive, so let’s get right to it! 

Bell-LaPadula (BLP) – for this model, you simply need to memorize the phrase “no read up, no write down”. Using labels, it does not allow the viewing of objects that are considered of higher security, and it does not allow modification of objects that are of lower security. The focus of this model is on confidentiality. Data hiding might be an example of this, where processes operating at one level are prevented from seeing data at another level.

There are two properties in this model:

  • Simple security property (no read up)
  • Star security property (no write down)
  • Strong star property: only write to objects at the same security classification level as the subject (a lateral write), so there is no write down or write up, only a “write sideways”

Biba is a model that focuses on integrity, and is the exact opposite of BLP, thus “No write up, no read down.”  This also has two properties:

  • Simple integrity property (no read down)
  • Star integrity property (no write up)

Notice the commonality between the models and terms.  The key to memorizing the properties is this: 

  • Simple = Read
  • *Star = Write

You can also remember that the “star” indicates “write” because in computing when you change/write something, a star typically appears on the file to indicate that you have unsaved changes.  

Be aware of the invocation property as well, which is the third property of Biba that states that subjects cannot send logical service requests to an object of higher integrity.

So if we were to say “simple security” this would mean no read up, because simple = read.  The “star security” property would mean no write down, because star = write, and you would know this refers to the BLP model.

If we are to say “Simple integrity property” which model would this refer to?

That’s right, Biba.

Simple means “read”, and integrity refers to the Biba model, thus a “simple integrity” property means no read down, indicating the Biba model. Consequently, a star integrity property would mean no write up.
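The read and write rules above, written as a small access checker. This is an added example, not part of the original page; the three-level label set, the function names and the model keys are assumptions. The last function goes one step beyond the text and shows what remains when BLP and Biba are enforced together on the same labels.

```python
from enum import IntEnum

class Level(IntEnum):
    """Constructed label set, used for both clearance and integrity."""
    LOW = 1
    MEDIUM = 2
    HIGH = 3

# (model, operation) -> (property name, test on subject level s and object level o)
RULES = {
    ("blp", "read"): ("simple security (no read up)", lambda s, o: s >= o),
    ("blp", "write"): ("star security (no write down)", lambda s, o: s <= o),
    ("blp_strong", "read"): ("simple security (no read up)", lambda s, o: s >= o),
    ("blp_strong", "write"): ("strong star (write sideways only)", lambda s, o: s == o),
    ("biba", "read"): ("simple integrity (no read down)", lambda s, o: s <= o),
    ("biba", "write"): ("star integrity (no write up)", lambda s, o: s >= o),
    ("biba", "invoke"): ("invocation (no request up)", lambda s, o: s >= o),
}

def check(model, subject, obj, op):
    """Return (allowed, property name) for one access request."""
    try:
        name, allowed = RULES[(model, op)]
    except KeyError:
        raise ValueError(f"{model} has no rule for {op!r}") from None
    return allowed(subject, obj), name

def violated(model, subject, obj, op):
    """Name of the property that denies the request, or None if it is allowed."""
    ok, name = check(model, subject, obj, op)
    return None if ok else name

def reachable(models, subject, op):
    """Object levels the subject may access when every listed model must agree."""
    return [o for o in Level if all(check(m, subject, o, op)[0] for m in models)]

if __name__ == "__main__":
    for model in ("blp", "biba"):
        for op in ("read", "write"):
            print(model, op, [l.name for l in reachable([model], Level.MEDIUM, op)])
    # Enforcing both models with one label set leaves only same-level access.
    print("both, read:", [l.name for l in reachable(["blp", "biba"], Level.MEDIUM, "read")])
```

Run as a script, it prints which levels a MEDIUM subject can read and write under each model, which makes the mirror-image relationship between BLP and Biba visible at a glance.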

BreWer Nash has a “W” in it, and is sometimes referred to as the Chinese Wall model, because it prevents users from accessing one another’s files; in other words, it prevents conflict of interest.

Clark-Wilson has an “eye” (i) in it, and conveniently this model also is concerned with integrity.

Notice the letters matching, so repeat the following:

  • Brewer – the W is for wall
  • Wilson – the i is for integrity

You can learn about the other models (Graham-Denning, Harrison-Ruzzo-Ullman) in the thicker books, which also delve deeper into the functioning of these models.