Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
Video Description
This lesson covers security models and access control models. A security model dictates how a system will explore security policy. Three common security models covered in this unit include: • Bell-LaPadula: designed for US Government Systems that protect state secrets; it is designed to protect CONFIDENTIALITY. • Biba: designed to protect the INTEGRITY of the knowledge base. • Clark-Wilson: Don't allow untrusted users to directly access your trusted resource of they'll break them. Instead, form them to access resources through a trusted interface. Access Control models covered in this unit are: • Discretionary access control (DAC): security of an object is at the owner's discretion. • Mandatory Access control (MAC): More secure than DAC as data owners cannot grant access • Role based access control (RBAC): The owner of an object does not control access. Each role has a set of fights and permission which cannot be changed unless a security administrator is involved.
Course Modules
ISC2 Certified Secure Software Life-cycle Professional (CSSLP)
CSSLP Module 01
11:47
Part 1 - Core Security Requirements
11:54
Part 2 - Tenets of Secure Architecture and Design
06:11
Part 3 - Trusted Computing Requirements of System Architecture
15:33
Part 4 - Security Models and Access Control Models
07:38
Part 5 - Adversaries and Review
07:16
Part 6 - Risk Intro
06:25
Part 7 - Risk Assessment
08:38
Part 8 - Risk Analysis
09:58
Part 9 - Risk Mitigation and Review
CSSLP Module 02
CSSLP Module 03
CSSLP Module 04
CSSLP Module 05
CSSLP Module 06
CSSLP Module 07
Instructed By
Kelly Handerhan
Senior Instructor