Thursday, May 7, 2020

Case Study Bell Lapadula ( Blp ) Model - 1363 Words

Bell-LaPadula (BLP) Model – This security model is one of the earliest developed and possibly one of the most significant across the security field as it was used to outline access control. It was developed at the Mitre Corporation by David E. Bell and Leonard J. LaPadula and has gone on to serve as the basis for substantiating the security properties of various systems (Rushby, 1986, p. 1). The BLP model was developed to protect access-control, and was derived from the military’s use of multilevel security, which is used to classify documents (top secret, secret, confidential, and unclassified) and give personnel clearance access levels (Goodrich, 2011, p. 450). The basic idea is to assign both documents and personnel classification†¦show more content†¦Clark-Wilson (CW) – This model continues to build upon Biba’s by focusing on integrity at the transaction level and by addressing three goals of integrity within a commercial environment (Tipton, 2009, p. 690). By 1987, the founders, David D. Clark and David R. Wilson upheld that only authorized users should be allowed to change data and the system should maintain an internal and external consistency (Lakhani, 2016, para. 1). This consistency would come about by having a system in place to perform transactions to check the integrity, once this requirement has been met, each transaction does not need to be verified at the beginning (Goodrich, 2011, p. 455). This model does a nice job of preserving the integrity of the information, and ensuring that it reaches the destination intact, but still trying to keep the confidentiality as much as possible; CW could see a broader use within the commercial sector, but perhaps still see some use within the military/DOD as well. Chinese Wall (or Brewer and Nash) – This model was designed specifically for the commercial sector as it was designed to eliminate conflicts of interest within companies (Goodrich, 2011, p. 455). Brewer and Nash proposed a policy called the Chinese Wall in 1989 to keep companies’ best interests in place, that is, users should not be able to access private material of both a clientShow MoreRelatedDatabase Security28570 Words   |  115 PagesIntroduction 1.1 The Relational Data Model Revisited 1.2 The Vocabulary of Security and Major DB Security Threats 2. Database Security Models 2.1 Discretionary Security Models 2.2 Mandatory Security Models 2.3 Adapted Mandatory Access Control Model 2.4 Personal Knowledge Approach 2.5 Clark and Wilson Model 2.6 A Final Note on Database Security Models 3. Multilevel Secure Prototypes and Systems 3.1 SeaView 3.2 Lock Data Views 3.3 ASD_Views 4. Conceptual Data Model for Multilevel Security 4.1Read MoreCissp Study Guide67657 Words   |  271 PagesVulnerability analysis C. Honey Pots D. IDS Answer: B Explanation: Vulnerability analysis (also known as vulnerability assessment) tools test to determine whether a network or host is vulnerable to known attacks. Vulnerability assessment represents a special case of the intrusion detection process. The information sources used are system state attributes and outcomes of attempted attacks. The information Pass Any Exam. Any Time. - www..com Ac tua lTe A. ) Threat B. ) Exposure C. ) Vulnerability

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.