Chapter 4: Security Architecture and Design - Security Models

A security policy was discussed in my previous post. Basically, it is a plan to implement required security. The security model describes the do's and font's that will accomplish what the security policy has outlines. There are many different models used for security. I will focus on that that I felt were interesting. The first is the Biba model. Bia is concerned with the integrity of data within applications. There are three rules that this model follows: no "write up", no "write down", and subjects can't get service from a higher integrity. Another important concept in this model is that dirty data should not be mixed with clean data. The Brewer and Nash model lets access control change at dynamic level, according to what the user has done in the past. It is based upon information flow. No subject-object interaction that is conflicting is allowed.