Security Models

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
7 hours 35 minutes
Difficulty
Intermediate
CEU/CPE
12
Video Transcription
00:01
>> Hi guys, welcome to Domain 1,
00:01
Lesson 2 of the SSCP course,
00:01
starring me your host, Peter Cipolone.
00:01
Tonight's lesson is about security models
00:01
specifically ones focusing on confidentiality.
00:01
The model we'll be focusing on tonight is
00:01
the Bell-LaPadula model which has been
00:01
designed with confidentiality in mind.
00:01
This model is mostly used in
00:01
government military installations and
00:01
has two properties;
00:01
the simple security property,
00:01
otherwise known as no read up,
00:01
and the star property,
00:01
known as no write-down.
00:01
Let's take a look at an example here.
00:01
In this example we have
00:01
four different security level clearances
00:01
that the military uses.
00:01
We have unclassified,
00:01
confidential, secret, and top secret.
00:01
John from the FBI has secret clearance.
00:01
File A is labeled Top-Secret,
00:01
this means John can not read
00:01
File A because one of the properties
00:01
of the Bell-LaPadula model is no read up.
00:01
That means John cannot read anything that is
00:01
above the secret clearance level.
00:01
File B is labeled confidential.
00:01
He can read file B
00:01
because it is below his secret clearance level.
00:01
He cannot write to it because it has no write down.
00:01
File C is labeled secret.
00:01
John can read File C but he cannot write to it.
00:01
He can read it because it is
00:01
the same security clearance level that he has,
00:01
but he cannot write to it because
00:01
of the property, no write-down.
00:01
In summary, our brief lecture,
00:01
we discussed the overall view of
00:01
the Bell-LaPadula security model and its properties.
00:01
Pop quiz.
00:01
John at the FBI creates a file on
00:01
his computer and inside he puts
00:01
secret information on a dangerous criminal.
00:01
John needs to give access to others to this file,
00:01
but he only wants people to see it if they have
00:01
the same security clearance that he
00:01
does or a higher security clearance.
00:01
Which security model should he use?
00:01
If you answered C,
00:01
the Bell-LaPadula model, obviously you are correct.
00:01
Hope you guys learned a lot in
00:01
this video. Thank you for watching.
Up Next