Login Signup
Verified Document

Security Architecture & Design Models: Article Review

Related Topics:
Security Computer Security Information Security Security Management
Open Document Cite Document

The following are the security models in use. Lattice Models

This security model is based on a mathematical construct that is hugely base don the group notion. It has a set of elements, a partial ordering relations and combines both multilateral and multilevel security.It is used for access control and is mainly use din the military (Landwehr,1981,p.253).

Noninterference Models

This is a very a strict multilevel security policy model that is used for ensuring information confidentiality (McLean,1984).

Bell -- LaPadula Confidentiality Model

This is a confidentiality model that is part and parcel of the state machine-based multilevel security policy. It was originally designed for military use.It defined states woth the current permissions as well as current instances of the subjects that are accessing the objects. The system's security is satisfied by the very fact that the transitions of the systems from one secure state to the next happens without failure. It employs a layered classification scheme for the subjects as well as a layered categorization scheme for the system objects (Balon & Thabet,2004).This model imposes confidentiality but not integrity.

Biba Integrity Model

This is a formal state transition model that describes a set of access control rules that are designed to bring about data integrity. The subjects and data are grouped into ordered security levels...

In other words, it enforces integrity policies to the system.
Clark -- Wilson Integrity Model

This model is used to specify ways of protecting information against any sort of unauthorized modification (Xu,2009).

References

Balon, N, Thabet, I (2004). The Biba Security Model.v.Winter 2004 http://nathanbalon.net/projects/cis576/Biba_Security.pdf

Harris, S (2010).CISSP All-in-One Exam Guide, Sixth Edition. McGraw-Hill Osborne Media

Landwehr, CE (1981).Formal Models for Computer Security. Computing Surveys .Vol 13 (3)

McLean, John (1994). "Security Models." Encyclopedia of Software Engineering. 2. New York: John Wiley & Sons, Inc. pp. 1136 -- 1145.

Simhadi, H (202). Application Security Architecture. GSEC Practical Requirements (v1.4b) (August 2002).

http://www.giac.org/paper/gsec/2720/application-security-architecture/104640

Thorn, a et al. (2008).What is a Security Architecture? Information Security Society Switzerland. http://www.isss.ch/fileadmin/publ/agsa/Security_Architecture.pdf

Xu, Q (2009). Configuring Clark-Wilson Integrity Model to Enforce Flexible Protection. Computational Intelligence and Security. International Conference on Computing & Processing (Hardware/Software)

Continue Reading...
Sources used in this document:
References

Balon, N, Thabet, I (2004). The Biba Security Model.v.Winter 2004 http://nathanbalon.net/projects/cis576/Biba_Security.pdf

Harris, S (2010).CISSP All-in-One Exam Guide, Sixth Edition. McGraw-Hill Osborne Media

Landwehr, CE (1981).Formal Models for Computer Security. Computing Surveys .Vol 13 (3)

McLean, John (1994). "Security Models." Encyclopedia of Software Engineering. 2. New York: John Wiley & Sons, Inc. pp. 1136 -- 1145.
http://www.giac.org/paper/gsec/2720/application-security-architecture/104640
Thorn, a et al. (2008).What is a Security Architecture? Information Security Society Switzerland. http://www.isss.ch/fileadmin/publ/agsa/Security_Architecture.pdf
Cite this Document:
Copy Bibliography Citation

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now