5.3. Models of Security

In security and elsewhere, models are often used to describe, study, or analyze a particular situation or relationship. In particular, security models are used to

  • test a particular policy for completeness and consistency

  • document a policy

  • help conceptualize and design an implementation

  • check whether an implementation meets its requirements

We assume that some access control policy dictates whether a given user can access a particular object. We also assume that this policy is established outside any model.

That is, a policy decision determines whether a specific user should have access to a specific object; the model is only a mechanism that enforces that policy. Thus, we begin studying models by considering simple ways to ...

Get Security in Computing, Third Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.