Security Model Essay

747 Words2 Pages

Introduce the concept of using information security models (why are they important). Two fundamental concepts in computer and information security are the security model, which outlines how security is to be implemented. Basically providing a blueprint and the architecture of a computer system, which fulfills this blueprint. A security model is a statement that outlines the requirements necessary to properly support and implement a certain security policy. A security model provides a deeper explanation of how a computer operating system should be developed to properly support a specific security policy (Whitman, 2014).
Explain that some security architecture models are implemented into computer hardware and software, some are implemented as policies and practices, and some encompass both Information security is made up of three main attributes: Availability is the prevention of loss of access to resources and data. Integrity is the prevention of unauthorized modification of data, and Confidentiality is the prevention …show more content…

It uses a state machine model and is very similar to the Bell-LaPadula model. Biba addresses the integrity of data being threatened when subjects at lower integrity levels are able to write to objects at higher integrity levels and when subjects can read data at lower levels. If implemented and enforced properly, the Biba model prevents data from any integrity level from flowing to a higher integrity level. Biba has two main rules to provide this type of protection. The first rule, referred to as “no write up,” states that a subject cannot write data to an object at a higher integrity level. The second rule, referred to as “no read down,” states that a subject cannot read data from a lower integrity level. This second rule might sound a little goofy, but it is protecting the subject and data at a higher integrity level from being corrupted by data in a lower integrity level (Whitman,

More about Security Model Essay

Open Document