Security Models: Part 4 - Biba Integrity Model


Time: 15 hours 43 minutes
Difficulty: Advanced
CEU/CPE: 16
Video Transcription
After talking about the Bell-LaPadula model, we're going to move on to the Biba Integrity Model. Now I want you to notice, integrity is different from confidentiality. Bell-LaPadula has one approach because its goal is confidentiality; Biba as a security model has a totally different approach because it's focused on integrity. Let's look at this. As a matter of fact, I always tell people, if Bell-LaPadula makes sense to you, great, we're just going to reverse it in Biba. Everybody looks at me and says "That makes no sense," but it actually does, hang with me for a minute.

When we talk about integrity of data, what we're talking about doing is protecting the sanctity of knowledge, protecting the knowledge base, making sure the knowledge base is pure and has integrity. As a matter of fact, you can sum up the Biba Integrity Model with three words, and those three words are "down data's dirty." Let's see how this works.

Just like Bell-LaPadula, Biba is made up of rules, and there are three basic rules with Biba. We see the simple and we see the star again. Remember, simple properties and axioms are always about read. Star properties and axioms are always about write. The simple integrity axiom is no read down. A subject can't read at a lower level than where they exist. Can I read up? Not only can I read up, it's encouraged that I read above my level. What? Let go of thinking about confidentiality. Let go of thinking about protecting secrets. If I want to improve my knowledge, if I want to improve my understanding, I will go to more trusted sources. I will not go to less trusted sources.

Let me give you an example. In a particularly dark period of my life I'm not proud of, I watched the television show Honey Boo Boo. That's an old TV show, but because it left such a mark, I'm hoping many of you remember this. It was the story of a child beauty pageant queen who lived in West Virginia and had a very interesting life. I was watching this one episode, and these folks were really from the boondocks and really had their own way of doing things. One episode, the only episode I watched by the way, they made dinner with spaghetti, ketchup and butter. That was the sauce for the spaghetti. If I get my cooking knowledge from Honey Boo Boo, we're in trouble. I'm no longer making a decent meal. That's a less trusted entity. But if I'm baking a cake, and I watch the British Baking Show, they're much more knowledgeable on that show than I am. I'm going to learn, we're going to keep our knowledge base clean, and we're even going to increase our knowledge base if we read up.

You could also think about it as maybe I'm a college student, and I go to the library, and they don't want me looking at freshman books because maybe they're too simple, they're more simplified. If I'm a senior, they want me to look at senior-level and grad-student-level books. I'm going to improve my knowledge. So Biba makes perfect sense if you think about it in terms of academia. No read down, because down data's dirty. I'm not going to protect the sanctity of knowledge if I'm getting information from less trusted sources.

The star integrity axiom says no write up. You know why? Because I'll pollute somebody else's knowledge base. Never does Paul Hollywood on the British Baking Show call me and say, "Kelly, I'd like you to write the recipe for our next challenge." Why? Because I'll mess it up. I'll have some recipe like pepperoni pizza on there, which is not in keeping with the show. The bottom line is, we're protecting knowledge. I don't read less trusted sources, and because I could be a less trusted source, I don't write above my level. That's the star integrity axiom.

The invocation property says no read or write above. You can do what you want below, but you can't modify what's above or read it. Remember, like we talked about with Bell-LaPadula, if the rule doesn't specifically restrict an action, you can perform it. With the simple integrity axiom, I can read above my level. Remember, this isn't about protecting secrets, this is about knowledge, it's about me learning, so I can go to more trusted sources. The star integrity axiom says no write up, but I can write down. I could read up, I could read down if that's the only axiom I apply. Again, I want to stress to you, most likely you're going to need to apply multiple axioms. In the real world, you're not sitting there thinking, "Oh, let me go back and review the Biba security model." But these are just thought processes that you take that are based on models created by engineers and mathematicians back in the day. We're not worried about the detailed and complex math that's built into a system to make this happen, we're just worried about the general purpose and rules.

Quickly, we have our friend Tavera again, and Tavera, if you remember from the last section on Bell-LaPadula, has confidential clearance. According to Biba's star integrity axiom, to which files can Tavera write? It's written in the stars, and Biba says no write up so I don't pollute somebody else's knowledge base. I cannot write to file A or B, can't write up. I can write to my own level, and I can write lower. Then the next question: according to Biba's simple integrity axiom, where can Tavera write? Well, anywhere, because the simple integrity axiom has nothing to do with write, it's strictly read. Man, I've got to tell you the truth, that's a great way to ask a Biba or Bell-LaPadula question. That's why I put it on here. Make sure that these make sense to you.

Just to wrap up, we talked about the Biba Integrity Model, and we talked about the fact that down data's dirty. Biba is all about protecting our knowledge base and making sure that we don't get subjected to misinformation, that we don't pollute the knowledge base. Very different from Bell-LaPadula. Bell-LaPadula was confidentiality, Biba is integrity.
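The rules from the lecture, written out as a small reference monitor so the Tavera question can be checked mechanically. This is an added example, not code from the course or its instructor. The integrity lattice (unclassified, confidential, secret, top_secret, ordered low to high) and the levels assigned to files A, B, C and D are assumptions; the lecture only states that Tavera is at confidential and cannot write to A or B.

```python
"""Biba integrity rules as a small reference monitor.

Added example, not code from the course or its instructor. Integrity levels
are modelled as ordered integers (higher number = more trusted); the label
names below are assumptions chosen to match the lecture's Tavera question.
"""
from dataclasses import dataclass

# Constructed integrity lattice (assumption): higher value = more trusted.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}


@dataclass(frozen=True)
class Subject:
    name: str
    level: str


@dataclass(frozen=True)
class Obj:
    name: str
    level: str


def _rank(label):
    """Map a level label to its position in the lattice; reject unknown labels (fail closed)."""
    if label not in LEVELS:
        raise ValueError(f"unknown integrity level: {label!r}")
    return LEVELS[label]


def can_read(subject, obj):
    """Simple integrity axiom: no read down. Reading at or above your own level is allowed."""
    return _rank(obj.level) >= _rank(subject.level)


def can_write(subject, obj):
    """Star integrity axiom: no write up. Writing at or below your own level is allowed."""
    return _rank(obj.level) <= _rank(subject.level)


def can_invoke(caller, callee):
    """Invocation property as usually stated: a subject may not invoke a more trusted subject."""
    return _rank(callee.level) <= _rank(caller.level)


def check(subject, obj, mode):
    """Reference-monitor entry point: returns (allowed, reason). Unknown modes are denied."""
    if mode == "read":
        allowed, rule = can_read(subject, obj), "simple integrity axiom (no read down)"
    elif mode == "write":
        allowed, rule = can_write(subject, obj), "star integrity axiom (no write up)"
    else:
        return False, f"deny: unknown access mode {mode!r}"
    verdict = "allow" if allowed else "deny"
    return allowed, (f"{verdict}: {subject.name}@{subject.level} {mode} "
                     f"{obj.name}@{obj.level} ({rule})")


def tavera_quiz():
    """The lecture's Tavera question worked under both axioms.

    File levels are assumptions: A and B sit above confidential (the lecture only
    says Tavera cannot write them), C is at Tavera's level and D is below it.
    """
    tavera = Subject("Tavera", "confidential")
    files = [Obj("A", "top_secret"), Obj("B", "secret"),
             Obj("C", "confidential"), Obj("D", "unclassified")]
    return {
        "writable": [f.name for f in files if can_write(tavera, f)],
        "readable": [f.name for f in files if can_read(tavera, f)],
    }


if __name__ == "__main__":
    tavera = Subject("Tavera", "confidential")
    for f in (Obj("A", "top_secret"), Obj("D", "unclassified")):
        for mode in ("read", "write"):
            print(check(tavera, f, mode)[1])
    print(tavera_quiz())
```

With both axioms applied, Tavera can read A, B and C but write only C and D, which is the lecture's "read up, write down" in code. The two comparison operators in `can_read` and `can_write` are the mirror image of what a Bell-LaPadula monitor would use, which is the "just reverse it" the lecture describes. Unknown level labels and unknown access modes are denied rather than allowed, so a labelling mistake fails closed.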