Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
This lesson covers security models and access control models. A security model dictates how a system will explore security policy. Three common security models covered in this unit include: • Bell-LaPadula: designed for US Government Systems that protect state secrets; it is designed to protect CONFIDENTIALITY. • Biba: designed to protect the INTEGRITY of the knowledge base. • Clark-Wilson: Don't allow untrusted users to directly access your trusted resource of they'll break them. Instead, form them to access resources through a trusted interface. Access Control models covered in this unit are: • Discretionary access control (DAC): security of an object is at the owner's discretion. • Mandatory Access control (MAC): More secure than DAC as data owners cannot grant access • Role based access control (RBAC): The owner of an object does not control access. Each role has a set of fights and permission which cannot be changed unless a security administrator is involved.