Saturday, January 11, 2014

Biba’s Model

      Similar to Bell-LaPadula model

           s Î S can read o Î O iff i(s) ¡Â i(o)

           s Î S can write to o Î O iff i(o) ¡Â i(s)

           s1 Î S can execute s2 Î S iff i(s2) ¡Â i(s1)

      Add compartments and discretionary controls to get full dual of Bell-LaPadula model

      Information flow result holds

          Different proof, though

      Actually the “strict integrity model” of Biba’s set of models

LOCUS and Biba

      Goal: prevent untrusted software from altering data or other software

      Approach: make levels of trust explicit

    credibility rating based on estimate of software’s trustworthiness (0 untrusted, n highly trusted)

    trusted file systems contain software with a single credibility level

    Process has risk level or highest credibility level at which process can execute


    Must use run-untrusted command to run software at lower credibility level

at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)