1)Write a set of rules combining the secrecy controls of the BellLa Padula model with the integrity controls of the Biba model.
Bell-LaPadula Model is a formal state- transition model of computer security policy that describes a set of access control rules for some objects. It s an access control model for protecting confidentiality. It has been proven that as the information flows from one object to another the system remains in a secure state. We can say that information prohibited in one state is also prohibited in all other reachable states.
There are three properties in BLP model:
1) Discretionary Security Property.
2)Simple-Security Property-no read up.
3)Stac Property-no write down.
If a secure system satisfies all these…show more content… 2) In BLP, information flow can only occur directly through access operations.
3)Information flow is still possible.
A low subject could create a high level "Trojan Horse program that reads a high level document and copies its content to its low level file.
This would constitute an improper declassification of the property. 4) Stac property: The very first version of BLP model did not consider * property. The ss and * are the mandatory BLP policies. LIMITATIONS OF BLP:
Restricted to Confidentiality.
No policies for changing access rights, a general and complete downgrade is secure, BLP is intended for systems with static security levels. this model contains communication channel which allows transfer of information in a manner that violates system security policy.
Biba Model: It has similar structure to the BLP model, but id address the integrity rather than confidentiality. Objects and users are assigned integrity levels that from a partial order which is similar to BLP model. The integrity levels in Biba model are indicating the degrees of the accuracy for objects and users, rather than levels for determining confidentiality.
Example: File stored on a machine in a closely monitored data center would be assigned a higher integrity level than a file stored on a laptop. The data-center computer is less likely to be compromised than a laptop. The access control rules for Biba are the reverse of those for BLP. Biba model will not allow reading