Fundamental Concepts of Security Models - CISSP

Tom Olzak

18 Jul 202108:35

Summary

TLDRThis lesson covers foundational security models crucial for protecting data confidentiality and integrity. Unlike practical frameworks, these theoretical models aid in understanding security without delving into system complexities. Key models discussed include the Bell-LaPadula model, which emphasizes confidentiality with rules preventing unauthorized data access, and the Biba integrity model, focusing on data accuracy and usability. The Clark-Wilson model enforces data integrity through change audits and separation of duties, while the Brewer-Nash model addresses ethical conflicts in information handling. Understanding these models is essential for building a strong security skills foundation.

Takeaways

📚 Security models are foundational for protecting data confidentiality and integrity, though often theoretical and seen in textbooks.
🔍 Unlike frameworks, security models do not provide specific control areas across systems, allowing for system analysis without complexity.
🧮 Formal models involve mathematical analysis, while informal models do not require mathematical proofs.
🎓 Understanding security models is essential for CISSP exams and building a strong foundation for security professionals.
🔒 Models from military origins focus on confidentiality, while commercial models prioritize data accuracy and integrity.
📊 The finite state machine model assesses confidentiality, integrity, and availability in different states, while the lattice model assigns security levels to subjects and resources.
📜 The Bell-LaPadula model is a lattice model with three rules: simple security property (no read up), star property (no write down), and discretionary security property (access control matrix).
🔐 The Biba integrity model focuses on data accuracy and has two axioms: simple integrity (no read down) and star integrity (no write up).
🧩 The Clark-Wilson model requires maintaining data integrity through audit trails, integrity checks, and separation of duties to prevent fraud and mistakes.
⚖️ The Brewer-Nash model prevents conflicts of interest by restricting access to sensitive information across competing organizations.

Q & A

What is the primary focus of security models?
-Security models help us understand how to protect data confidentiality and integrity.
How do security models differ from frameworks?
-Unlike frameworks, security models do not provide specific areas of control across entire systems, enabling system analysis without the complexity of including all system details.
What are the two types of security models?
-Security models can be formal or informal. Formal models limit themselves to mathematical analysis, while informal models provide for assessments without mathematical proofs.
Why is it important to understand security models for the CISSP exam?
-Understanding security models helps build a strong skills foundation for security professionals, even though these models are not often discussed in risk assessments or other security design and management activities.
What is the main focus of models developed from military origin?
-Models of military origin focus on confidentiality.
What is the main focus of models developed from commercial origin?
-Models of commercial origin tend to focus on the accuracy and usability of the protected data or its integrity.
What are the two common components of security models?
-The two common components of security models are finite state machine and lattice.
What is the Bell-La Padula model known for?
-The Bell-La Padula model is known for specifying three rules: simple security property, star property, and discretionary security property, and it closely applies to mandatory access controls used by the government and the military.
How does the Biba integrity model protect data?
-The Biba integrity model consists of two axioms: simple integrity and star integrity. It protects data by denying read down and write up, ensuring that information of a lesser security level cannot compromise sensitive information.
What does the Clark-Wilson model require to maintain data integrity?
-The Clark-Wilson model requires that a subject can only make changes that maintain data integrity, which includes maintaining an audit trail of all changes and implementing integrity checking procedures where possible.
What is the purpose of the Brewer-Nash model?
-The Brewer-Nash model is concerned with the ethical handling of information and intends to prevent users with access to certain objects from accessing other objects that may cause a conflict of interest.
Can you provide an example of how a conflict of interest might arise according to the Brewer-Nash model?
-An example of a conflict of interest is when a consultant, Adam, has access to company data sets from Acme Widgets and is then asked to consult for Beta Widgets, a competitor. The Brewer-Nash model would prevent Adam from accessing both sets of data to avoid any potential conflict of interest.