Chapter 8
Hybrid Policies
JULIET: Come, vial.
What if this mixture do not work at all?
Shall I be marry’d then tomorrow morning?
No, no! this shall forbid it, lie thou there.
— The Tragedy of Romeo and Juliet, IV, iii, 20–22.
Few organizations limit their security objectives to confidentiality, integrity, or availability only; most desire all, in some mixture. This chapter presents two such models. The Chinese Wall model is derived from the British laws concerning conflict of interest. The Clinical Information Systems security model is derived from medical ethics and laws about dissemination of patient data. Break-the-glass models examine cases in which the planned access control must be overridden due to exceptional circumstances. Two other ...
Get Computer Security Art and Science, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
