Appendix B

Security Models

In this section we will be covering the popular security models listed below, with special attention given to how they apply to software security.

■ Confidentiality Models

¤ Bell-LaPadula (BLP)

■ Integrity Models

¤ Biba

¤ Clark and Wilson

■ Access Control Models

¤ Brewer and Nash

Bell-LaPadula (BLP) Confidentiality Model

If disclosure protection is the primary concern, one must consider the BLP confidentiality model in their software design. Bell-LaPadula is a confidentiality model which defines the notion of a secure state, i.e., access (read only, write only or read and write) to information is permitted ...

Get Official (ISC)2 Guide to the CSSLP CBK, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Official (ISC)2 Guide to the CSSLP CBK, 2nd Edition by Mano Paul

Appendix B

Security Models

Bell-LaPadula (BLP) Confidentiality Model

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly