1. Bell-La Padula Confidentiality Model:
Prevents unauthorised data flow through "no read up, no write down" policy.
2. BIBA Integrity Model:
Focuses on integrity by implementing "no read down, no write up" policy;
primarily addresses external threats and doesn't prevent covert channels.
3. Clark Wilson Integrity Model:
Ensures integrity by prohibiting unauthorized modifications,
maintaining internal and external consistency;
uses access triple (Subject, Program, Object),
Separation of Duty (SoD),
Constrained Data Item (CDI), Unconstrained Data Item (UDI),
Integrity Verification Procedure (IVP), and Transformation Procedures (TP).
4. Brewer and Nash Model (Chinese Wall Model):
Access control mechanisms vary based on user authorization,
creating barriers between sensitive information.
5. Graham Denning Model:
Implemented through an Access Control Matrix, where subjects can perform actions on objects, each object owner holds special rights, and each subject has a special rights-granting subject.
6. Take Grant Model:
Defines rules for transferring rights: "Take" allows a subject to take rights over an object, "Grant" permits a subject to grant rights to an object, "Create" enables the creation of new rights, and "Remove" allows a subject to eliminate its own rights.
No comments:
Post a Comment