Security Architecture & Design Models: Article Review

A security policy is indicated by Harris (2010) to be a set of rules as well as practices that dictates how sensitive information is to be protected, managed as well as distributed while a security model is a mere symbolic representation of the security policy. The following are the security models in use.

Lattice Models

This security model is based on a mathematical construct that is hugely base don the group notion. It has a set of elements, a partial ordering relations and combines both multilateral and multilevel security.It is used for access control and is mainly use din the military (Landwehr,1981,p.253).

Noninterference Models

This is a very a strict multilevel security policy model that is used for ensuring information confidentiality (McLean,1984).

Bell -- LaPadula Confidentiality Model

This is a confidentiality model that is part and parcel of the state machine-based multilevel security policy. It was originally designed for military use.It defined states woth the current permissions as well as current instances of the subjects that are accessing the objects. The system's security is satisfied by the very fact that the transitions of the systems from one secure state to the next happens without failure. It employs a layered classification scheme for the subjects as well as a layered categorization scheme for the system objects (Balon & Thabet,2004).This model imposes confidentiality but not integrity.

Biba Integrity Model

This is a formal state transition model that describes a set of access control rules that are designed to bring about data integrity. The subjects and data are grouped into ordered security levels of integrity (Biba,1977).This model was develop din order to circumvent the weaknesses in Bell -- LaPadula Confidentiality Model's weaknesses. In other words, it enforces integrity policies to the system.

Clark -- Wilson Integrity Model

This model is used to specify ways of protecting information against any sort of unauthorized modification (Xu,2009).

References

Balon, N, Thabet, I (2004). The Biba Security Model.v.Winter 2004 http://nathanbalon.net/projects/cis576/Biba_Security.pdf

Harris, S (2010).CISSP All-in-One Exam Guide, Sixth Edition. McGraw-Hill Osborne Media

Landwehr, CE (1981).Formal Models for Computer Security. Computing Surveys .Vol 13 (3)

McLean, John (1994). "Security Models." Encyclopedia of Software Engineering. 2. New York: John Wiley & Sons, Inc. pp. 1136 -- 1145.

Simhadi, H (202). Application Security Architecture. GSEC Practical Requirements (v1.4b) (August 2002).

http://www.giac.org/paper/gsec/2720/application-security-architecture/104640

Thorn, a et al. (2008).What is a Security Architecture? Information Security Society Switzerland. http://www.isss.ch/fileadmin/publ/agsa/Security_Architecture.pdf

Xu, Q (2009). Configuring Clark-Wilson Integrity Model to Enforce Flexible Protection. Computational Intelligence and Security. International Conference on Computing & Processing (Hardware/Software)