Security Architecture Models - Biba Integrity Model

  • Published on 9 Jul 2024
  • Security Architecture Model - Biba Integrity Model. The Biba integrity model addresses the issue of maintaining integrity. Integrity is the second requirement expected in information security. Integrity means that only authorized persons can modify the data. For example, for bank data, any change to a transaction entry is made only by the concerned bank officials, not by others.
    Bell-LaPadula Model: • Security Architecture ...
    Integrity is usually characterized by three goals.
    The first goal is protection from any modification by unauthorized users.
    The second goal is protection of data from unauthorized modification by authorized users. Here the problem is not with an outsider but with an insider, and an authorized one at that. In a bank, both the bank manager and the bank cashier are authorized persons. For example, only the bank manager is authorized to modify the PAN number of a bank customer. The bank cashier, even though an authorized person, cannot modify a customer’s PAN number. He is not given authorization for this activity. Hence, the goal here is to protect data from unauthorized modification by authorized users.
    The third goal is to maintain data consistency internally and externally.
    Four types of information may be available in any organization. They can be:
    Top Secret
    Secret
    Confidential
    Public
    The detailed explanation of these four types of information, along with examples, is available in the Bell-LaPadula confidentiality video. The video link is given in the description box. Those who need to know can view that video.
    Now let us see the basic principles of the Biba integrity model in maintaining the integrity of the data. In this diagram, there are four types of information, each with its level of priority. Here, subject means the user and object means the documents. In the first example, a user has access to Secret documents. His or her level is confined to Secret documents. Hence this user can read and write all the documents in between Top Secret and Secret. You can see the subject moving between two lines, Top Secret and Secret.
    But this user is not allowed to read any document at a lower level, that is, Confidential as well as Public documents. This is called the NO READ DOWN rule. Similarly, this user is not allowed to write at the upper level, that is, Top Secret documents. This is called the NO WRITE UP rule. Conversely, from the current level, write down and read up are allowed. That is, this user can write Confidential and Public level documents, and can read Top Secret documents.
    Another representation of the Biba integrity model is shown here. It clearly indicates what is allowed and what is not allowed in the Biba integrity model. Reading downwards and writing upwards are not allowed, whereas writing down and reading up are allowed. In this way, it maintains integrity among concurrent users. There are two rules defined by the Biba model. The first rule, referred to as “no write up”, states that a subject cannot write data to an object at a higher integrity level. The second rule, referred to as “no read down”, states that a subject cannot read data from a lower integrity level. This second rule attempts to protect the subject and data at a higher integrity level from being corrupted by data at a lower integrity level.
  • Science & Technology
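
The two Biba rules described above, written as a small reference monitor and applied to the Secret-level user from the description. This is an added example, not part of the original video or its description; the user and document names and the request list are constructed for illustration.

```python
from enum import IntEnum

class Level(IntEnum):
    # The four levels named in the description, lowest to highest.
    PUBLIC = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3

def biba_check(subject: Level, obj: Level, op: str) -> tuple:
    """Decide one request; returns (allowed, rule that decided it)."""
    if op == "read":
        if obj < subject:  # lower-integrity data could corrupt the subject
            return (False, "no read down")
        return (True, "read up" if obj > subject else "same level")
    if op == "write":
        if obj > subject:  # subject could corrupt higher-integrity data
            return (False, "no write up")
        return (True, "write down" if obj < subject else "same level")
    raise ValueError(f"unknown operation: {op!r}")

def allowed_ops(subject: Level) -> dict:
    """Operations the subject may perform on objects at each level."""
    return {lvl: {op for op in ("read", "write") if biba_check(subject, lvl, op)[0]}
            for lvl in Level}

# Constructed request log: (user, user level, operation, document, document level)
REQUESTS = [
    ("user_a", Level.SECRET, "read",  "doc_ts",     Level.TOP_SECRET),
    ("user_a", Level.SECRET, "write", "doc_ts",     Level.TOP_SECRET),
    ("user_a", Level.SECRET, "write", "doc_secret", Level.SECRET),
    ("user_a", Level.SECRET, "read",  "doc_conf",   Level.CONFIDENTIAL),
    ("user_a", Level.SECRET, "write", "doc_public", Level.PUBLIC),
]

def denied_requests(requests) -> list:
    """Return (user, operation, document, violated rule) for each denied request."""
    out = []
    for user, s_lvl, op, doc, o_lvl in requests:
        ok, rule = biba_check(s_lvl, o_lvl, op)
        if not ok:
            out.append((user, op, doc, rule))
    return out

if __name__ == "__main__":
    for lvl, ops in sorted(allowed_ops(Level.SECRET).items(), reverse=True):
        print(f"{lvl.name:<13} {sorted(ops)}")
    for entry in denied_requests(REQUESTS):
        print("DENIED", entry)
```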
