Understand the fundamental concepts of security models:
Security Model:
--> A security model is a way to implement security concepts, processes, and procedures to create a security policy.
--> These models provide information about how any operating system should be designed and developed in order to enforce the security policy.
--> The following security models are used:
1) Bell-LaPadula Model:
--> Developed by DOD in 1970.
--> Multi-Level Security Policy.
--> Based upon Mandatory Access Control.
--> Used in Military and Government Organizations.
--> A subject is associated with a clearance level and an object is associated with a classification.
--> Access is granted on a need-to-know basis.
--> Only focuses on Confidentiality.
--> Avoids leaking of sensitive information to the lower levels.
--> Implements three properties:
i) Simple Security: Subject cannot read the information of higher security levels. (No Read Up)
ii) Star Security: Subject cannot write the information to the lower security levels. (No Write Down)
iii) Discretionary Security or Strong Security: Subject can only read and write on the same security level.
--> It does not address covert channels or many common operations such as file sharing.
--> As it addresses only Confidentiality, it needs to be used with other security models to provide Availability and Integrity.
TIP: Keeping the secrets secret.
2) Biba Model:
--> The Biba model was developed by the DOD.
--> Multi-Level Security Policy.
--> Based upon Mandatory Access Control.
--> Used in Military and Government Organizations.
--> Subjects and objects are both associated with clearance levels.
--> Only focuses on Integrity.
--> Implements three properties:
i) Simple Integrity Axiom: Subject cannot read the information of lower security levels. (No Read Down) (Prevents unauthorized modification of objects by authorized subjects)
ii) Star Integrity Axiom: Subject cannot write the information to the higher security levels. (No Write Up) (Prevents the modification of objects by unauthorized subjects)
iii) Invocation Property: Subject cannot read and write the information on higher security levels. (No Read/Write Up) (Protects internal/external data consistency)
--> It does not address covert channels.
--> It does not provide the opportunity to change the subject/object classification level.
--> As it addresses only Integrity, it needs to be used with other security models to provide Availability and Confidentiality.
3) Lattice-Based Security Model:
--> Developed in 1976.
--> Based upon Mandatory Access Control.
--> Subjects are assigned positions in the lattice.
--> A subject is associated with a clearance level and an object is associated with labels.
--> Focused on Confidentiality.
--> A subject can be assigned multiple clearance levels.
--> As it addresses only Confidentiality, it needs to be used with other security models to provide Availability and Integrity.
4) Clark-Wilson Model:
--> Developed in 1987 for commercial applications.
--> Focused on Integrity.
--> Uses the Triple Access Matrix concept to give subjects access to the objects.
--> A subject is associated with a clearance level and an object is associated with labels.
--> A subject does not have direct access to the object; it uses a program to access the object.
--> The program is also known as an interface to access the data. This is also known as a constrained interface.
--> Implements separation of duties.
--> Makes sure the data is protected from unauthorized changes (Integrity).
--> Well-performed transactions are a series of operations that move the data from one consistent state to another consistent state.
Exam Tip: Buying anything from Amazon/eBay using their portal.
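
The access triple, the constrained interface and separation of duties described above, shown on a small payment ledger. This is an added example, not from the study guide; the subjects, program names, accounts and the no-negative-balance invariant are all constructed for illustration.

```python
class IntegrityError(Exception):
    pass
# Constructed sample policy; subjects, programs and accounts are hypothetical.
TRIPLES = {
    ("clerk", "create_payment", "ops"), ("manager", "create_payment", "ops"),
    ("manager", "approve_payment", "ops"),
    ("auditor", "read_balance", "ops"), ("auditor", "read_balance", "vendor"),
}

class Ledger:
    def __init__(self, balances, triples):
        self._balances = dict(balances)  # objects, changed only by programs below
        self._triples = set(triples)     # allowed (subject, program, object)
        self._pending = {}               # payment id -> (creator, src, dst, amount)
        self._next_id = 0

    def _authorize(self, subject, program, obj):
        if (subject, program, obj) not in self._triples:
            raise PermissionError(f"{subject} may not run {program} on {obj}")

    def create_payment(self, subject, src, dst, amount):
        self._authorize(subject, "create_payment", src)
        self._next_id += 1
        self._pending[self._next_id] = (subject, src, dst, amount)
        return self._next_id

    def approve_payment(self, subject, pid):
        creator, src, dst, amount = self._pending[pid]
        self._authorize(subject, "approve_payment", src)
        if subject == creator:           # separation of duties
            raise PermissionError("creator cannot approve their own payment")
        after = dict(self._balances)
        after[src] -= amount
        after[dst] += amount
        if amount <= 0 or min(after.values()) < 0:  # constructed invariant
            raise IntegrityError("payment would leave an inconsistent state")
        self._balances = after           # consistent state -> consistent state
        del self._pending[pid]

    def read_balance(self, subject, account):
        self._authorize(subject, "read_balance", account)
        return self._balances[account]

def attempt(fn, *args):
    # Run one program call; return its result or the refusing exception's name.
    try:
        return fn(*args)
    except (PermissionError, IntegrityError) as exc:
        return type(exc).__name__
```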
5) Brewer and Nash Model:
--> Also known as the Chinese Wall.
--> Based upon the Information Flow Model, which mainly focuses on the flow of information.
--> Access control dynamically changes based upon the user's previous activity.
--> Used to prevent conflicts of interest.
--> It applies to one big database which is divided into multiple security domains.
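
How the access decision changes with a user's earlier activity, as an added example that is not from the study guide. The company names, conflict-of-interest classes and request sequence are constructed.

```python
from collections import defaultdict

# Constructed data: company dataset -> conflict-of-interest class (hypothetical names).
CONFLICT_CLASS = {
    "BankA": "banking", "BankB": "banking",
    "OilX": "energy", "OilY": "energy",
}

# Constructed request sequence: (subject, company dataset requested).
REQUESTS = [
    ("alice", "BankA"), ("alice", "OilX"), ("alice", "BankB"), ("alice", "BankA"),
    ("bob", "BankB"), ("bob", "BankA"), ("alice", "OilY"),
]

class ChineseWall:
    def __init__(self, conflict_class):
        self.conflict_class = conflict_class
        self.history = defaultdict(set)   # subject -> companies already accessed

    def can_access(self, subject, company):
        wanted = self.conflict_class[company]
        for seen in self.history[subject]:
            if seen != company and self.conflict_class[seen] == wanted:
                return False              # a competitor in this class was accessed
        return True

    def access(self, subject, company):
        """Decide and, if allowed, record the access so later decisions change."""
        if not self.can_access(subject, company):
            return False
        self.history[subject].add(company)
        return True

def replay(requests, conflict_class=CONFLICT_CLASS):
    """Run requests in order against one wall; return (subject, company, allowed)."""
    wall = ChineseWall(conflict_class)
    return [(s, c, wall.access(s, c)) for s, c in requests]

if __name__ == "__main__":
    for subject, company, allowed in replay(REQUESTS):
        print(f"{subject:6} -> {company:6} {'ALLOW' if allowed else 'DENY'}")
```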
6) Goguen-Meseguer Model:
--> Foundation of the Non-Interference Model.
--> Subjects and users are grouped into one domain and provided access to predetermined objects.
--> Subjects of one domain cannot interfere with the objects of another domain.
7) Graham-Denning Model:
--> Focuses on Creation/deletion of Subjects and Objects.
--> Subject can perform 8 rules:
i) Create Subject
ii) Delete Subject
iii) Create Object
iv) Delete Object
v) Read Object Access
vi) Grant Object Access
vii) Transfer Object Access
viii) Delete Access
Exam Tip: It is commonly used in Distributed systems.
8) Take-Grant Model:
--> Uses graph rules to provide/remove access between subjects and objects.
--> It has 4 rules:
i) Grant: Subject can grant the access of an object to any other subject.
ii) Take: Subject can get access to an object.
iii) Create: Subject can create the access of an object.
iv) Remove: Subject can remove the access of an object.
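
The four rules as operations on a small protection graph, as an added example that is not from the study guide. It goes beyond the summary above by using the model's explicit take (`t`) and grant (`g`) rights on edges; the node names and starting edges are constructed.

```python
class ProtectionGraph:
    def __init__(self):
        self.rights = {}                  # (source, target) -> set of rights

    def has(self, src, dst, right):
        return right in self.rights.get((src, dst), set())

    def add_edge(self, src, dst, rights):
        self.rights.setdefault((src, dst), set()).update(rights)

    def create(self, subject, new_node, rights):
        """Create: subject makes a new node and holds `rights` over it."""
        self.add_edge(subject, new_node, rights)

    def take(self, subject, via, target, right):
        """Take: subject has 't' over `via`, and `via` holds `right` over target."""
        ok = self.has(subject, via, "t") and self.has(via, target, right)
        if ok:
            self.add_edge(subject, target, {right})
        return ok

    def grant(self, subject, to, target, right):
        """Grant: subject has 'g' over `to` and itself holds `right` over target."""
        ok = self.has(subject, to, "g") and self.has(subject, target, right)
        if ok:
            self.add_edge(to, target, {right})
        return ok

    def remove(self, subject, target, right):
        """Remove: subject drops one of its own rights over target."""
        ok = self.has(subject, target, right)
        if ok:
            self.rights[(subject, target)].discard(right)
        return ok

def scenario():
    # Constructed graph: alice owns "report", can grant to bob; carol can take from bob.
    g = ProtectionGraph()
    g.create("alice", "report", {"r", "w"})
    g.add_edge("alice", "bob", {"g"})
    g.add_edge("carol", "bob", {"t"})
    return {
        "alice_grants_read_to_bob": g.grant("alice", "bob", "report", "r"),
        "carol_takes_read_via_bob": g.take("carol", "bob", "report", "r"),
        "dave_takes_read_via_bob": g.take("dave", "bob", "report", "r"),
        "carol_takes_write_via_bob": g.take("carol", "bob", "report", "w"),
        "bob_removes_own_read": g.remove("bob", "report", "r"),
        "carol_still_has_read": g.has("carol", "report", "r"),
    }
```

In this run carol ends up with read access that alice never gave her directly, and it survives bob removing his own copy, which is the kind of rights propagation the graph makes visible.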
Reference: CISSP Official Study Guide