Study Document
Pages:2 (889 words)
Sources:2
Subject:Business
Topic:System Architecture
Document Type:Article Review
Document:#48966125
A security policy is indicated by Harris (2010) to be a set of rules as well as practices that dictates how sensitive information is to be protected, managed as well as distributed while a security model is a mere symbolic representation of the security policy. The following are the security models in use.
Lattice Models
This security model is based on a mathematical construct that is hugely base don the group notion. It has a set of elements, a partial ordering relations and combines both multilateral and multilevel security.It is used for access control and is mainly use din the military (Landwehr,1981,p.253).
Noninterference Models
This is a very a strict multilevel security policy model that is used for ensuring information confidentiality (McLean,1984).
Bell -- LaPadula Confidentiality Model
This is a confidentiality model that is part and parcel of the state machine-based multilevel security policy. It was originally designed for military use.It defined states woth the current permissions as well as current instances of the subjects that are accessing the objects. The system's security is satisfied by the very fact that the transitions of the systems from one secure state to the next happens without failure. It employs a layered classification scheme for the subjects as well as a layered categorization scheme for the system objects (Balon & Thabet,2004).This model imposes confidentiality but not integrity.
Biba Integrity Model
This is a formal state transition model that describes a set of access control rules that are designed to bring about data integrity. The subjects and data are grouped into ordered security levels of integrity (Biba,1977).This model was develop din order to circumvent the weaknesses in Bell -- LaPadula Confidentiality Model's weaknesses. In other words, it enforces integrity policies to the system.
Clark -- Wilson Integrity Model
This model is used to specify ways of protecting information against any sort of unauthorized modification (Xu,2009).
References
Balon, N, Thabet, I (2004). The Biba Security Model.v.Winter 2004 http://nathanbalon.net/projects/cis576/Biba_Security.pdf
Harris, S (2010).CISSP All-in-One Exam Guide, Sixth Edition. McGraw-Hill Osborne Media
Landwehr, CE (1981).Formal Models for Computer Security. Computing Surveys .Vol 13 (3)
McLean, John (1994). "Security Models." Encyclopedia of Software Engineering. 2. New York: John Wiley & Sons, Inc. pp. 1136 -- 1145.
Simhadi, H (202). Application Security Architecture. GSEC Practical Requirements (v1.4b) (August 2002).
http://www.giac.org/paper/gsec/2720/application-security-architecture/104640
Thorn, a et al. (2008).What is a Security Architecture? Information Security Society Switzerland. http://www.isss.ch/fileadmin/publ/agsa/Security_Architecture.pdf
Xu, Q (2009). Configuring Clark-Wilson Integrity Model to Enforce Flexible Protection. Computational Intelligence and Security. International Conference on Computing & Processing (Hardware/Software)
References
Balon, N, Thabet, I (2004). The Biba Security Model.v.Winter 2004 http://nathanbalon.net/projects/cis576/Biba_Security.pdf
Harris, S (2010).CISSP All-in-One Exam Guide, Sixth Edition. McGraw-Hill Osborne Media
Landwehr, CE (1981).Formal Models for Computer Security. Computing Surveys .Vol 13 (3)
McLean, John (1994). "Security Models." Encyclopedia of Software Engineering. 2. New York: John Wiley & Sons, Inc. pp. 1136 -- 1145.
Study Document
Wireless Broadband Technology Overview of Wireless technology Presently it is quite evident to come across functioning of a sort of wireless technology in the form of mobile phone, a Palm pilot, a smart phone etc. With the inception of fast connectivity in the sphere of commerce it is customary and useful to operate from central locations communicating with the remote branches, conducting conferences in remote places, discussing with every body at every