Common Security Models Research Paper

Exclusively available on Available only on IvyPanda® Made by Human No AI

Introduction

The Bell-LaPadula is a machine-based security model that was originally used in military and political settings. It was developed by D. E. Bell and L. J. LaPadula in the 1970s and is based on the General Systems Theory language. The purpose of the model is to enforce uninterrupted access control through a non-linear method of data flow handling (Cristia & Rossi, 2021). It relies on a layered categorization, determining the rights of a subject to access an object, and remains relevant in the current environment.

Biba’s Strict Integrity Policy

Biba’s model of strict integrity originates from 1977 when it served to complement Bell-LaPadula. Integrity is the key concept of the policy by Kenneth Biba, becoming the first to reflect on whether data can become corrupted (Softpanorama, 2019). Biba’s model introduces a strong hierarchy of data subjects and objects, limiting the possibility of an interaction between different levels of integrity. This way, it aims to protect corrupted files from affecting another array of information.

Clark-Wilson

Similar to Biba’s policy, the Clark-Wilson model relies on the central concept of integrity. Developed in 1987 by David Clark and David Wilson for commercial settings, this framework aims to prevent unauthorized changes by unauthorized users, both intentional and accidental. In the Clark-Wilson model, users do not access the object directly, as an intermediary serves to ensure the integrity of the data (Jeannot, 2019). This way, the model follows similar principles as Biba’s policy, but the execution is different.

Chinese Wall

The Chinese Wall policy addresses the issues related to cloud computing in a competitive environment. It is based on the theory introduced by Brewer and Nash in 1989 and addresses the idea of conflict of interest in commerce (Fehis et al., 2016). The policy builds a virtual border between datasets belonging to competing entities and prevents one user from accessing objects from different sides of it. This way, business ethics are respected in the cloud computing environment.

Clinical Information Systems Security

The Clinical Information Systems Security model (CISS) aims to bridge the gap in data security policies. Anderson (1996) introduces this framework and states that, unlike military and commercial entities, healthcare organizations lack a security system similar to Bell-LaPadula or Clark-Wilson. CISS limits the number of users that can access a single medical record, as well as the number of records accessed by one subject. Thus, it preserves patient confidentiality within a unified data network.

Noninterference Security

The principles of the noninterference approach to data security were formulated in 1982 by Goguen and Meseguer. This approach divides data into low and high categories of inputs and outputs (Lu et al., 2019). The same division is applied to users preventing unauthorized (low) subjects from accessing high datasets. The effectiveness of this system is conditioned by the strictness of its functioning, placing additional requirements on the computer system.

Nondeductibility Security

Sutherland’s non-deductibility approach to security is based on the information theory. The functioning of this model relies on the information flow between high- and low-level objects. More specifically, such an exchange is only allowed when particular compatible variables are present (McLean, 1990). The assignment of such variables serves to limit the number of users who can access specific high-level data and can be applied in different environments.

Graham-Denning

This model was developed by G. Graham and P. Denning in 1972. It describes the optimal ways of manipulating data objects in terms of all key actions based on the Access Control Matrix. The range of manipulations, to which specific rights can be assigned, includes creating and deleting subjects and objects within the system (De Paoli, 2018). Combining these elements, the Graham-Denning model encompasses most situations, although its commands may appear primitive.

References

Anderson, R. J. (1996). A security policy model for clinical information systems. Web.

Cristia, M., & Rossi, G. (2021). Journal of Automated Reasoning, 65, 463–478. Web.

De Paoli, S. (2018). Internet Histories, 2(1-2), 20–37. Web.

Fehis, S., Nouali, O., & Kechadi, T. (2016). A new distributed Chinese Wall security policy model. The Journal of Digital Forensics, Security and Law, 11(4), 149–168. Web.

Jeannot, F. (2019). Clark-Wilson Security Integrity model. Web.

Lu, C., Qian, G., & Chen, T. (2019). Wuhan University Journal of Natural Sciences, 24, 194–200. Web.

McLean, J. (1990). Security models and information flow. Web.

Softpanorama. (2019). The Biba Integrity Model. Web.

More related papers Related Essay Examples
Cite This paper
You're welcome to use this sample in your assignment. Be sure to cite it correctly

Reference

IvyPanda. (2022, December 13). Common Security Models. https://ivypanda.com/essays/common-security-models/

Work Cited

"Common Security Models." IvyPanda, 13 Dec. 2022, ivypanda.com/essays/common-security-models/.

References

IvyPanda. (2022) 'Common Security Models'. 13 December.

References

IvyPanda. 2022. "Common Security Models." December 13, 2022. https://ivypanda.com/essays/common-security-models/.

1. IvyPanda. "Common Security Models." December 13, 2022. https://ivypanda.com/essays/common-security-models/.


Bibliography


IvyPanda. "Common Security Models." December 13, 2022. https://ivypanda.com/essays/common-security-models/.

If, for any reason, you believe that this content should not be published on our website, please request its removal.
Updated:
This academic paper example has been carefully picked, checked and refined by our editorial team.
No AI was involved: only quilified experts contributed.
You are free to use it for the following purposes:
  • To find inspiration for your paper and overcome writer’s block
  • As a source of information (ensure proper referencing)
  • As a template for you assignment
1 / 1