What is access control? How does the Bell-LaPadula model achieve access control?
1 Answer
  • Information security is an important issue in the modern world.
  • For this purpose many security models have been developed to enforce it. One of the most popular models is the Bell-LaPadula model.
  • Not all information is of the same priority level. Information such as confidential military information is a matter of grave national importance and needs to be highly secured.
  • The different subjects (people or programs) have varying rights of access to objects (information).
  • E.g. in the military, documents can be categorized as Unclassified, Confidential, Secret, etc. Different subjects (officers) have different access rights to this information based on the classification.
  • Such security enforcement is referred to as multilevel security. Bell-LaPadula is a form of multilevel security.
  • The general statement of the requirement for multilevel security is that a subject at a high level (e.g. a military field marshal, the highest rank) may not convey information to a subject at a lower (e.g. subedar) or incompatible level unless that flow accurately reflects the will of an authorized user.
  • This can be implemented using the Bell-LaPadula model, in which a multilevel secure system must enforce:
    • No read up (Simple Security Property):
      • A subject can only read/write an object if the current security level of the subject dominates (>=) the classification of the object.
      • In simpler terms, a subject can only read an object of less or equal security level.
    • No write down (*-property):
      • A subject can only append/write to an object if the current security level of the subject is dominated by (<=) the classification of the object.
      • In simpler terms, a subject can only write into an object of greater or equal security level.
    • Strong Star:
      • The strong star property states that a subject that has read and write capabilities can only perform those at the same security level, nothing higher or nothing lower.
      • For a subject to read and write to an object, the clearance (security level of document) and classification (security level of officer) must be equal.

The Bell-LaPadula model has two major limitations:

  • It provides confidentiality only (no integrity, authentication, etc.).
  • It provides no method for management of classifications:
    • It assumes all data are assigned a classification.
    • It assumes that the data classification will never change.


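The three rules from the answer written as a small reference monitor, as an added example that is not part of the original answer. The subject and object names, the `star` switch and the data tracking in `simulate` are assumptions made for illustration; "write" is treated as read plus append, so with the *-property on it is allowed only at equal levels (the strong star rule).

```python
from enum import IntEnum

class Level(IntEnum):                 # ordering from the military example in the answer
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2

def allowed(subject, obj, op, star=True):
    """Decide one request from the subject's level and the object's classification."""
    can_read = subject >= obj                  # simple security property: no read up
    can_append = subject <= obj or not star    # *-property: no write down
    if op == "read":
        return can_read
    if op == "append":
        return can_append
    if op == "write":                          # read and write: with star, levels must be equal
        return can_read and can_append
    raise ValueError(f"unknown operation: {op}")

def simulate(requests, clearance, classification, star=True):
    """Replay requests; return (decisions, highest level of data each object ends up holding)."""
    holds = dict(classification)               # object -> most sensitive data stored in it
    knows = {s: Level.UNCLASSIFIED for s in clearance}   # subject -> most sensitive data read
    decisions = []
    for subject, op, obj in requests:
        ok = allowed(clearance[subject], classification[obj], op, star)
        decisions.append("ALLOW" if ok else "DENY")
        if ok and op in ("read", "write"):
            knows[subject] = max(knows[subject], holds[obj])
        if ok and op in ("append", "write"):
            holds[obj] = max(holds[obj], knows[subject])
    return decisions, holds

# Constructed sample data (names are hypothetical, not from the original answer)
CLEARANCE = {"field_marshal": Level.SECRET, "subedar": Level.UNCLASSIFIED}
CLASSIFICATION = {"war_plan": Level.SECRET, "notice_board": Level.UNCLASSIFIED}
REQUESTS = [
    ("field_marshal", "read", "war_plan"),
    ("field_marshal", "append", "notice_board"),
    ("subedar", "read", "war_plan"),
    ("subedar", "append", "war_plan"),
    ("field_marshal", "write", "war_plan"),
    ("field_marshal", "write", "notice_board"),
]

if __name__ == "__main__":
    for star in (True, False):
        decisions, holds = simulate(REQUESTS, CLEARANCE, CLASSIFICATION, star)
        leaks = [o for o in holds if holds[o] > CLASSIFICATION[o]]
        print(f"star={star}: {decisions} leaked into: {leaks}")
```

With the *-property enforced, no object ever holds data above its own classification; with it switched off, the Secret content read from `war_plan` ends up in the Unclassified `notice_board`.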