You work as an analyst for Tech Perfect Inc. You want to prevent information flow that may cause a conflict of interest in your organization representing competing clients. Which of the following security models will you use?
The Chinese Wall Model is the basic security model developed by Brewer and Nash. This model prevents information flow that may cause a
conflict of interest in an organization representing competing clients. The Chinese Wall Model provides both privacy and integrity for data.
Answer D is incorrect. The Biba model is a formal state transition system of computer security policy that describes a set of access
control rules designed to ensure data integrity. Data and subjects are grouped into ordered levels of integrity. The model is designed so that
subjects may not corrupt data in a level ranked higher than the subject, or be corrupted by data from a lower level than the subject.
Answer C is incorrect. The Clark-Wilson model provides a foundation for specifying and analyzing an integrity policy for a computing
system. The model is primarily concerned with formalizing the notion of information integrity. Information integrity is maintained by preventing
corruption of data items in a system due to either error or malicious intent.
The model's enforcement and certification rules define data items and processes that provide the basis for an integrity policy. The core of the
model is based on the notion of a transaction.
Answer A is incorrect. The Bell-La Padula Model is a state machine model used for enforcing access control in government and military
applications. The model is a formal state transition model of computer security policy that describes a set of access control rules which use
security labels on objects and clearances for subjects. Security labels range from the most sensitive (e.g.,'Top Secret'), down to the least
sensitive (e.g., 'Unclassified' or 'Public').
The Bell-La Padula model focuses on data confidentiality and controlled access to classified information, in contrast to the Biba Integrity Model
which describes rules for the protection of data integrity.
Currently there are no comments in this discussion, be the first to comment!