Chapter 7. Hybrid Policies
JULIET: Come, vial.What if this mixture do not work at all?Shall I be marry'd then tomorrow morning?No, no! this shall forbid it, lie thou there.
|--The Tragedy of Romeo and Juliet, IV, iii, 20–22.|
Few organizations limit their security objectives to confidentiality or integrity only; most desire both, in some mixture. This chapter presents two such models. The Chinese Wall model is derived from the British laws concerning conflict of interest. The Clinical Information Systems security model is derived from medical ethics and laws about dissemination of patient data. Two other models present alternative views of information management. Originator controlled access control lets the creator determine (or assign) who should ...