5.3. Models of Security
In security and elsewhere, models are often used to describe, study, or analyze a particular situation or relationship. In particular, security models are used to
test a particular policy for completeness and consistency
document a policy
help conceptualize and design an implementation
check whether an implementation meets its requirements
We assume that some access control policy dictates whether a given user can access a particular object. We also assume that this policy is established outside any model.
That is, a policy decision determines whether a specific user should have access to a specific object; the model is only a mechanism that enforces that policy. Thus, we begin studying models by considering simple ways to ...
Get Security in Computing, Third Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
