Lecture #7: Bell-LaPadula Model and Biba Model
Dr.Ramchandra Mangrulkar, DJSCE Mumbai
August 14, 2020
Dr.Ramchandra Mangrulkar, DJSCE Mumbai Lecture #7: Bell Lapdula Model and Biba Model August 14, 2020 1 / 27
Multilevel Security Models
Bell-LaPadula Model
Biba Model
Chinese Wall Model
Clark-Wilson Model
Bell LaPadula Model
David Bell, Len LaPadula, DoD, TCSEC
An abstract model intended to control information flow
Prevent unauthorized disclosure of information
Objects have a security level (e.g., unclassified, classified, secret, top secret)
Security levels are arranged in linear order
Subjects (think: principals, processes) have a level
Bell LaPadula Model : An Institute Example
| Security Level | Subject | Object |
|---|---|---|
| TOP SECRET | PRINCIPAL | AICTE FILE |
| SECRET | HOD & FACULTY | ANSWER SHEETS |
| CONFIDENTIAL | STUDENT, T.ASSISTANT | ASSIGNMENTS |
| UNCLASSIFIED | DAILY-WAGES | BILLS, RECEIPTS |

Table 1: Example: Simple Bell-LaPadula Model
Bell LaPadula Model
Figure 1: Information Flow (source: www.cs.utexas.edu/~byoung/cs361)
Information flows “UP”, not “DOWN”
“No Read Up” and “No Write Down”
Reading Information
Figure 2: Reading Information (source: http://nob.cs.ucdavis.edu/)
Simple-Security Property
The Simple-Security Property:
Subject S with clearance $(L_S, C_S)$ may be granted read access to object O
with classification $(L_O, C_O)$ only if $(L_S, C_S)$ dominates $(L_O, C_O)$.
OR
Subject S with clearance $(L_S, C_S)$ may be granted read access to object O
with classification $(L_O, C_O)$ only if $(L_S, C_S) \geq (L_O, C_O)$.
| LX | Security Level | Subject | Object |
|---|---|---|---|
| 4 | Top Secret | PRINCIPAL | AICTE FILE |
| 3 | Secret | HOD, FACULTY | |
| 2 | Confidential | STUDENT & T.ASSISTANT | |
| 1 | Unclassified | DAILYWAGES | |

Table 2: Example: Simple Bell-LaPadula Model
Simple-Security Property
HOD Trying to READ file Available with PRINCIPAL
Level (PRINCIPAL) = 4, LS = L(PRINCIPAL) = 4;
CS = C(PRINCIPAL) = 4;
Level (HOD) = 3, LS = L(HOD) = 3;
CS = C(HOD) = 3;
Object = AICTE FILE belongs to PRINCIPAL
LO=4,CO=4
(LS,CS) = (3,3) & (LO,CO) = (4,4)
$(L_S, C_S) \geq (L_O, C_O)$     FALSE
i.e. $(3,3) \geq (4,4)$     FALSE
READS UP - DISALLOWED
Simple-Security Property
| LX | Security Level | Subject | Object |
|---|---|---|---|
| 4 | Top Secret | PRINCIPAL | |
| 3 | Secret | HOD, FACULTY | |
| 2 | Confidential | STUDENT & T.ASSISTANT | ASSIGNMENT |
| 1 | Unclassified | DAILYWAGES | |

Table 3: Example: Simple Bell-LaPadula Model
Simple-Security Property
FACULTY Trying to READ ASSIGNMENTS of STUDENTS
Level (FACULTY) = 3, LS = L(FACULTY) = 3;
CS = C(FACULTY) = 3;
Level (STUDENTS) = 2, LS = L(STUDENT) = 2;
CS = C(STUDENT) = 2;
Object = ASSIGNMENT belongs to STUDENT
LO=2,CO=2
(LS,CS) = (3,3) & (LO,CO) = (2,2)
$(L_S, C_S) \geq (L_O, C_O)$     TRUE
i.e. $(3,3) \geq (2,2)$     TRUE
READS DOWN - ALLOWED
Figure 3: READS DOWN-ALLOWED
Figure 4: READS UP - DISALLOWED
Figure 5: Writing Information (source: http://nob.cs.ucdavis.edu/)
The *-Property
The *-Property: Subject S with clearance $(L_S, C_S)$ may be granted write
access to object O with classification $(L_O, C_O)$
only if $(L_S, C_S) \leq (L_O, C_O)$.
*- Property
| LX | Security Level | Subject | Object |
|---|---|---|---|
| 4 | Top Secret | PRINCIPAL | |
| 3 | Secret | HOD, FACULTY | ANSWER-SHEETS |
| 2 | Confidential | STUDENT & T.ASSISTANT | |
| 1 | Unclassified | DAILYWAGES | |

Table 4: Example: Simple Bell-LaPadula Model
*- Property
STUDENTS Trying to WRITE ANSWER-SHEETS DISTRIBUTED by FACULTY
Level (FACULTY) = 3, LS = L(FACULTY) = 3;
CS = C(FACULTY) = 3;
Level (STUDENTS) = 2, LS = L(STUDENT) = 2;
CS = C(STUDENT) = 2;
Object = ANSWER-SHEETS belongs to FACULTY
LO=3,CO=3
(LS,CS) = (2,2) & (LO,CO) = (3,3)
$(L_S, C_S) \leq (L_O, C_O)$     TRUE
i.e. $(2,2) \leq (3,3)$     TRUE
HENCE, WRITE UP ALLOWED
*- Property
| LX | Security Level | Subject | Object |
|---|---|---|---|
| 4 | Top Secret | PRINCIPAL | |
| 3 | Secret | HOD, FACULTY | |
| 2 | Confidential | STUDENT & T.ASSISTANT | ASSIGNMENT |
| 1 | Unclassified | DAILYWAGES | |

Table 5: Example: Simple Bell-LaPadula Model
Simple-Security Property
FACULTY Trying to WRITE Assignment of STUDENT
Level (FACULTY) = 3, LS = L(FACULTY) = 3;
CS = C(FACULTY) = 3;
Level (STUDENTS) = 2, LS = L(STUDENT) = 2;
CS = C(STUDENT) = 2;
Object = ASSIGNMENT belongs to STUDENT
LO=2,CO=2
(LS,CS) = (3,3) & (LO,CO) = (2,2)
(LS,CS) (LO; CO)     TRUE
i.e. (3,3) (2; 2)     TRUE
HENCE, WRITE DOWN DISALLOWED
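The four read/write decisions worked through above, as an added Python example that is not part of the original lecture. It goes slightly beyond the slides by adding two constructed labels (AUDITOR and BUDGET) whose components disagree, and a hypothetical `can_copy` helper that checks whether one subject could move data from one object to another.

```python
from typing import NamedTuple


class Label(NamedTuple):
    level: int     # L: hierarchical level, 1 (Unclassified) to 4 (Top Secret)
    category: int  # C: second component, numeric and equal to L on the slides


def dominates(a: Label, b: Label) -> bool:
    """(L_a, C_a) >= (L_b, C_b): a is at least b in every component."""
    return a.level >= b.level and a.category >= b.category


def may_read(subject: Label, obj: Label) -> bool:
    """Simple-security property: read only if the subject dominates the object."""
    return dominates(subject, obj)


def may_write(subject: Label, obj: Label) -> bool:
    """*-property: write only if the object dominates the subject."""
    return dominates(obj, subject)


# Labels taken from the institute tables on the slides.
SUBJECTS = {
    "PRINCIPAL": Label(4, 4),
    "HOD": Label(3, 3),
    "FACULTY": Label(3, 3),
    "STUDENT": Label(2, 2),
    "DAILYWAGES": Label(1, 1),
}
OBJECTS = {
    "AICTE FILE": Label(4, 4),
    "ANSWER-SHEETS": Label(3, 3),
    "ASSIGNMENT": Label(2, 2),
}

# Constructed labels (not on the slides): the components disagree, so neither
# label dominates the other and the pair is incomparable.
SUBJECTS["AUDITOR"] = Label(3, 2)
OBJECTS["BUDGET"] = Label(2, 3)


def decide(subject: str, action: str, obj: str) -> str:
    """Return ALLOWED or DISALLOWED for one access request."""
    s, o = SUBJECTS[subject], OBJECTS[obj]
    if action == "read":
        allowed = may_read(s, o)
    elif action == "write":
        allowed = may_write(s, o)
    else:
        raise ValueError(f"unknown action: {action}")
    return "ALLOWED" if allowed else "DISALLOWED"


def can_copy(subject: str, source: str, sink: str) -> bool:
    """True if the subject may read `source` and then write it into `sink`."""
    return (decide(subject, "read", source) == "ALLOWED"
            and decide(subject, "write", sink) == "ALLOWED")


# The four requests from the slides, in the order they appear.
WORKED_CASES = [
    ("HOD", "read", "AICTE FILE"),
    ("FACULTY", "read", "ASSIGNMENT"),
    ("STUDENT", "write", "ANSWER-SHEETS"),
    ("FACULTY", "write", "ASSIGNMENT"),
]

if __name__ == "__main__":
    for subject, action, obj in WORKED_CASES:
        print(f"{subject:8} {action:5} {obj:14} {decide(subject, action, obj)}")
    # Incomparable labels: both directions are refused.
    print("AUDITOR read BUDGET :", decide("AUDITOR", "read", "BUDGET"))
    print("AUDITOR write BUDGET:", decide("AUDITOR", "write", "BUDGET"))
    # Information may be carried up but never down.
    print("HOD copies ASSIGNMENT -> AICTE FILE:",
          can_copy("HOD", "ASSIGNMENT", "AICTE FILE"))
    print("FACULTY copies ANSWER-SHEETS -> ASSIGNMENT:",
          can_copy("FACULTY", "ANSWER-SHEETS", "ASSIGNMENT"))
```

With a purely linear hierarchy every pair of labels is comparable; the AUDITOR/BUDGET pair shows what changes once the second component differs from the first.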
Bell Lapdula Model : No Read Up, No Write Down
Figure 6: Bell-LaPadula Model: No Read Up, No Write Down (source: https://www.ktunotes.in/wp-content)
Bell Lapdula Model : No Read Up, No Write Down
Figure 7: Bell-LaPadula Model: No Read Up, No Write Down (source: https://www.ktunotes.in/wp-content)
Open Questions
Design a suitable hierarchy and demonstrate the working of the Bell-LaPadula Model
1 : HR at office writes remarks on file available with Principal.
2 : HODs putting their remarks on Students Journal
BIBA MODEL
The Bell-LaPadula model was designed strictly to address confidentiality.
The Biba model is a similar multi-level security model that is designed to
address data integrity.
With confidentiality, we were primarily interested in who could read the
data and in ensuring that nobody at a lower classification level was able to
access the data.
With integrity, we are primarily concerned with imposing constraints on who
can write data and ensuring that a lower-integrity subject cannot write or
modify higher-integrity data.
Biba Model
Objects and users are assigned integrity levels that form a partial order,
similar to the BLP model.
The integrity levels in the Biba model indicate degrees of trustworthiness, or
accuracy, for objects and users.
e.g. a file stored on a machine in a closely monitored data center would be
assigned a higher integrity level than a file stored on a laptop
In general, a data-center computer is less likely to be compromised than a
random laptop computer.
e.g., when it comes to users, a senior employee with years of experience would
have a higher integrity level than an intern.
The Biba Model : The Simple Integrity Property:
The access-control rules for Biba are the reverse of those for BLP.
Biba does not allow reading from lower levels and writing to upper levels.
If we let I(S) denote the integrity level of a Subject S and I(O) denote the
integrity level of an Object O, we have:
The Simple Integrity Property:
A Subject S can read an Object O only if
$I(S) \leq I(O)$,
i.e., a subject cannot read an object from a lower integrity level.
This ensures that subjects will not be corrupted with information from
objects at a lower integrity level.
For example, a process will not read a system configuration file created by a
lower-integrity-level process.
The Biba Model : The *-property (Star Property)
The *-property (Star Property):
A Subject S can write (create, edit or append to) an Object O only if
$I(S) \geq I(O)$.
A subject cannot write to an object of a higher integrity level.
This means that lower-integrity subjects will not corrupt objects at a higher
integrity level.
For example, a web browser may not write a system configuration file.
Biba rules express the principle that information can only flow down, going
from higher integrity levels to lower integrity levels.
The Biba Model Example
Figure 8: The Biba Model Example (source: https://www.researchgate.net/)
The Biba Model Example
Figure 9: The Biba Model Example (source: https://www.researchgate.net/)
Working Example
Microsoft implemented support for the Biba model in Windows with their
Mandatory Integrity Control. File objects are marked with an integrity level:
- Critical files: System
- Regular users and objects: Medium
- Elevated users: High
- Internet Explorer: Low
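The two Biba rules applied to the four integrity labels listed above, as an added Python example that is not part of the original lecture. It models the rules only and calls no Windows API; the subject and object names, the numeric ranks and the `browser_download` object are assumptions made for the example.

```python
# Integrity labels named on the slide, lowest to highest. The numeric ranks are
# an assumption of this example; only their order matters.
RANK = {"Low": 1, "Medium": 2, "High": 3, "System": 4}

# Subjects from the slide (names are illustrative).
SUBJECTS = {
    "internet_explorer": "Low",
    "regular_user": "Medium",
    "elevated_user": "High",
}

# Objects: two labelled on the slide plus one constructed Low object.
OBJECTS = {
    "system_config_file": "System",  # "Critical files: System"
    "user_document": "Medium",       # "Regular users and objects: Medium"
    "browser_download": "Low",       # constructed for this example
}


def may_read(subject: str, obj: str) -> bool:
    """Simple integrity property: read only if I(S) <= I(O) (no read down)."""
    return RANK[SUBJECTS[subject]] <= RANK[OBJECTS[obj]]


def may_write(subject: str, obj: str) -> bool:
    """*-property: write only if I(S) >= I(O) (no write up)."""
    return RANK[SUBJECTS[subject]] >= RANK[OBJECTS[obj]]


def access_matrix() -> dict:
    """Derive the subject x object matrix; each entry is 'r', 'w' or 'rw'."""
    matrix = {}
    for s in SUBJECTS:
        for o in OBJECTS:
            matrix[(s, o)] = (("r" if may_read(s, o) else "")
                              + ("w" if may_write(s, o) else ""))
    return matrix


def can_flow(src: str, dst: str) -> bool:
    """True if some subject may read `src` and write `dst` (a one-hop copy)."""
    return any(may_read(s, src) and may_write(s, dst) for s in SUBJECTS)


def upward_flows() -> list:
    """Object pairs where data could reach a strictly higher integrity level."""
    return [(a, b) for a in OBJECTS for b in OBJECTS
            if RANK[OBJECTS[a]] < RANK[OBJECTS[b]] and can_flow(a, b)]


if __name__ == "__main__":
    for (s, o), rights in sorted(access_matrix().items()):
        print(f"{s:18} {o:20} {rights}")
    # Information moves from higher to lower integrity, never the reverse.
    print("system_config_file -> user_document:",
          can_flow("system_config_file", "user_document"))
    print("browser_download -> system_config_file:",
          can_flow("browser_download", "system_config_file"))
    print("upward flows:", upward_flows())
```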

More Related Content

What's hot

User authentication
User authenticationUser authentication
User authenticationCAS
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Securityvishnukp34
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture NotesFellowBuddy.com
 
Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2MLG College of Learning, Inc
 
Cryptographic algorithms
Cryptographic algorithmsCryptographic algorithms
Cryptographic algorithmsAnamika Singh
 
computer-security-and-cryptography-a-simple-presentation
computer-security-and-cryptography-a-simple-presentationcomputer-security-and-cryptography-a-simple-presentation
computer-security-and-cryptography-a-simple-presentationAlex Punnen
 
Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notesgangadhar9989166446
 
introduction to Embedded System Security
introduction to Embedded System Securityintroduction to Embedded System Security
introduction to Embedded System SecurityAdel Barkam
 
Embedded Systems Security
Embedded Systems Security Embedded Systems Security
Embedded Systems Security Malachi Jones
 
INFORMATION ASSURANCE AND SECURITY 1.pdf
INFORMATION ASSURANCE AND SECURITY 1.pdfINFORMATION ASSURANCE AND SECURITY 1.pdf
INFORMATION ASSURANCE AND SECURITY 1.pdfEarlvonDeiparine1
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication CodesDarshanPatil82
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3 WE-IT TUTORIALS
 

What's hot (20)

Access Controls
Access ControlsAccess Controls
Access Controls
 
User authentication
User authenticationUser authentication
User authentication
 
The security sdlc
The security sdlcThe security sdlc
The security sdlc
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Security
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture Notes
 
Basic of SSDLC
Basic of SSDLCBasic of SSDLC
Basic of SSDLC
 
Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2
 
Cryptographic algorithms
Cryptographic algorithmsCryptographic algorithms
Cryptographic algorithms
 
computer-security-and-cryptography-a-simple-presentation
computer-security-and-cryptography-a-simple-presentationcomputer-security-and-cryptography-a-simple-presentation
computer-security-and-cryptography-a-simple-presentation
 
Network security & cryptography full notes
Network security & cryptography full notesNetwork security & cryptography full notes
Network security & cryptography full notes
 
introduction to Embedded System Security
introduction to Embedded System Securityintroduction to Embedded System Security
introduction to Embedded System Security
 
Embedded Systems Security
Embedded Systems Security Embedded Systems Security
Embedded Systems Security
 
INFORMATION ASSURANCE AND SECURITY 1.pdf
INFORMATION ASSURANCE AND SECURITY 1.pdfINFORMATION ASSURANCE AND SECURITY 1.pdf
INFORMATION ASSURANCE AND SECURITY 1.pdf
 
OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architecture
 
RSA algorithm
RSA algorithmRSA algorithm
RSA algorithm
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication Codes
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3
 

Similar to Lecture #7: Bell Lapdula and Biba Model of Multilevel Security

Keyword-based Search and Exploration on Databases (SIGMOD 2011)
Keyword-based Search and Exploration on Databases (SIGMOD 2011)Keyword-based Search and Exploration on Databases (SIGMOD 2011)
Keyword-based Search and Exploration on Databases (SIGMOD 2011)weiw_oz
 
Course-Plan-Object Oriented Concept (18CS45)1.pdf
Course-Plan-Object Oriented Concept (18CS45)1.pdfCourse-Plan-Object Oriented Concept (18CS45)1.pdf
Course-Plan-Object Oriented Concept (18CS45)1.pdfabhijit.tec
 
CO PO MAPPING CO3I DMS 22319
CO PO MAPPING CO3I DMS 22319CO PO MAPPING CO3I DMS 22319
CO PO MAPPING CO3I DMS 22319ARVIND SARDAR
 
CO PO MAPPING CO3I DMS 22319
CO PO MAPPING CO3I DMS 22319CO PO MAPPING CO3I DMS 22319
CO PO MAPPING CO3I DMS 22319ARVIND SARDAR
 
Crash Course in Objective-C
Crash Course in Objective-CCrash Course in Objective-C
Crash Course in Objective-CStephen Gilmore
 
Object oriented programming using java
Object oriented programming using javaObject oriented programming using java
Object oriented programming using javashrutisrivastava5021
 
Object oriented programming
Object oriented programmingObject oriented programming
Object oriented programmingsana younas
 
Unit No. 1 Introduction to Java.pptx
Unit No. 1 Introduction to Java.pptxUnit No. 1 Introduction to Java.pptx
Unit No. 1 Introduction to Java.pptxDrYogeshDeshmukh1
 
JAVA design patterns and Basic OOp concepts
JAVA design patterns and Basic OOp conceptsJAVA design patterns and Basic OOp concepts
JAVA design patterns and Basic OOp conceptsRahul Malhotra
 
Ios fundamentals with ObjectiveC
Ios fundamentals with ObjectiveCIos fundamentals with ObjectiveC
Ios fundamentals with ObjectiveCMadusha Perera
 
WCLOUDVIZ: Word Cloud Visualization of Indonesian News Articles Classificatio...
WCLOUDVIZ: Word Cloud Visualization of Indonesian News Articles Classificatio...WCLOUDVIZ: Word Cloud Visualization of Indonesian News Articles Classificatio...
WCLOUDVIZ: Word Cloud Visualization of Indonesian News Articles Classificatio...TELKOMNIKA JOURNAL
 
SURVEY ON MONGODB: AN OPEN-SOURCE DOCUMENT DATABASE
SURVEY ON MONGODB: AN OPEN-SOURCE DOCUMENT DATABASESURVEY ON MONGODB: AN OPEN-SOURCE DOCUMENT DATABASE
SURVEY ON MONGODB: AN OPEN-SOURCE DOCUMENT DATABASEIAEME Publication
 
Code Documentation. That ugly thing...
Code Documentation. That ugly thing...Code Documentation. That ugly thing...
Code Documentation. That ugly thing...Christos Manios
 

Similar to Lecture #7: Bell Lapdula and Biba Model of Multilevel Security (20)

Metadata Cloud
Metadata CloudMetadata Cloud
Metadata Cloud
 
Keyword-based Search and Exploration on Databases (SIGMOD 2011)
Keyword-based Search and Exploration on Databases (SIGMOD 2011)Keyword-based Search and Exploration on Databases (SIGMOD 2011)
Keyword-based Search and Exploration on Databases (SIGMOD 2011)
 
Course-Plan-Object Oriented Concept (18CS45)1.pdf
Course-Plan-Object Oriented Concept (18CS45)1.pdfCourse-Plan-Object Oriented Concept (18CS45)1.pdf
Course-Plan-Object Oriented Concept (18CS45)1.pdf
 
opps.pptx
opps.pptxopps.pptx
opps.pptx
 
CO PO MAPPING CO3I DMS 22319
CO PO MAPPING CO3I DMS 22319CO PO MAPPING CO3I DMS 22319
CO PO MAPPING CO3I DMS 22319
 
CO PO MAPPING CO3I DMS 22319
CO PO MAPPING CO3I DMS 22319CO PO MAPPING CO3I DMS 22319
CO PO MAPPING CO3I DMS 22319
 
Crash Course in Objective-C
Crash Course in Objective-CCrash Course in Objective-C
Crash Course in Objective-C
 
Object oriented programming using java
Object oriented programming using javaObject oriented programming using java
Object oriented programming using java
 
Java Software
Java Software Java Software
Java Software
 
Object oriented programming
Object oriented programmingObject oriented programming
Object oriented programming
 
Unit No. 1 Introduction to Java.pptx
Unit No. 1 Introduction to Java.pptxUnit No. 1 Introduction to Java.pptx
Unit No. 1 Introduction to Java.pptx
 
JAVA design patterns and Basic OOp concepts
JAVA design patterns and Basic OOp conceptsJAVA design patterns and Basic OOp concepts
JAVA design patterns and Basic OOp concepts
 
2 rel-algebra
2 rel-algebra2 rel-algebra
2 rel-algebra
 
Ah java-ppt2
Ah java-ppt2Ah java-ppt2
Ah java-ppt2
 
KCS-501-3.pdf
KCS-501-3.pdfKCS-501-3.pdf
KCS-501-3.pdf
 
Ch2
Ch2Ch2
Ch2
 
Ios fundamentals with ObjectiveC
Ios fundamentals with ObjectiveCIos fundamentals with ObjectiveC
Ios fundamentals with ObjectiveC
 
WCLOUDVIZ: Word Cloud Visualization of Indonesian News Articles Classificatio...
WCLOUDVIZ: Word Cloud Visualization of Indonesian News Articles Classificatio...WCLOUDVIZ: Word Cloud Visualization of Indonesian News Articles Classificatio...
WCLOUDVIZ: Word Cloud Visualization of Indonesian News Articles Classificatio...
 
SURVEY ON MONGODB: AN OPEN-SOURCE DOCUMENT DATABASE
SURVEY ON MONGODB: AN OPEN-SOURCE DOCUMENT DATABASESURVEY ON MONGODB: AN OPEN-SOURCE DOCUMENT DATABASE
SURVEY ON MONGODB: AN OPEN-SOURCE DOCUMENT DATABASE
 
Code Documentation. That ugly thing...
Code Documentation. That ugly thing...Code Documentation. That ugly thing...
Code Documentation. That ugly thing...
 

More from Dr. Ramchandra Mangrulkar

Manuscript Preparation using Latex: A Cloud Based Approach(Overleaf)
Manuscript Preparation using Latex: A Cloud Based Approach(Overleaf)Manuscript Preparation using Latex: A Cloud Based Approach(Overleaf)
Manuscript Preparation using Latex: A Cloud Based Approach(Overleaf)Dr. Ramchandra Mangrulkar
 
Lecture #32: Digital Forensics : Evidence Handling, Validation and Reporting
Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingLecture #32: Digital Forensics : Evidence Handling, Validation and Reporting
Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingDr. Ramchandra Mangrulkar
 
Lecture #24 : Cross Site Request Forgery (CSRF)
Lecture #24 : Cross Site Request Forgery (CSRF)Lecture #24 : Cross Site Request Forgery (CSRF)
Lecture #24 : Cross Site Request Forgery (CSRF)Dr. Ramchandra Mangrulkar
 
Lecture #18 - #20: Web Browser and Web Application Security
Lecture #18 - #20: Web Browser and Web Application SecurityLecture #18 - #20: Web Browser and Web Application Security
Lecture #18 - #20: Web Browser and Web Application SecurityDr. Ramchandra Mangrulkar
 
Lecture #15: Buffer Overflow Attack (Non Malicious Attack)
Lecture #15: Buffer Overflow Attack (Non Malicious Attack)Lecture #15: Buffer Overflow Attack (Non Malicious Attack)
Lecture #15: Buffer Overflow Attack (Non Malicious Attack)Dr. Ramchandra Mangrulkar
 
Lecture # 14: Salami and Linearization Attacks
Lecture # 14: Salami and Linearization Attacks Lecture # 14: Salami and Linearization Attacks
Lecture # 14: Salami and Linearization Attacks Dr. Ramchandra Mangrulkar
 
Lecture #12,#13 : Program and OS Security -Part I
Lecture #12,#13 : Program and OS Security -Part ILecture #12,#13 : Program and OS Security -Part I
Lecture #12,#13 : Program and OS Security -Part IDr. Ramchandra Mangrulkar
 
Lecture #9 : Single Sign on and Federation Identity Management
Lecture #9 :  Single Sign on and Federation Identity ManagementLecture #9 :  Single Sign on and Federation Identity Management
Lecture #9 : Single Sign on and Federation Identity ManagementDr. Ramchandra Mangrulkar
 

More from Dr. Ramchandra Mangrulkar (20)

Blockchain#2.pdf
Blockchain#2.pdfBlockchain#2.pdf
Blockchain#2.pdf
 
Blockchain#1.pdf
Blockchain#1.pdfBlockchain#1.pdf
Blockchain#1.pdf
 
Blockchain#3.pdf
Blockchain#3.pdfBlockchain#3.pdf
Blockchain#3.pdf
 
Manuscript Preparation using Latex: A Cloud Based Approach(Overleaf)
Manuscript Preparation using Latex: A Cloud Based Approach(Overleaf)Manuscript Preparation using Latex: A Cloud Based Approach(Overleaf)
Manuscript Preparation using Latex: A Cloud Based Approach(Overleaf)
 
Lecture #32: Forensic Duplication
Lecture #32: Forensic DuplicationLecture #32: Forensic Duplication
Lecture #32: Forensic Duplication
 
Lecture #32: Digital Forensics : Evidence Handling, Validation and Reporting
Lecture #32: Digital Forensics : Evidence Handling, Validation and ReportingLecture #32: Digital Forensics : Evidence Handling, Validation and Reporting
Lecture #32: Digital Forensics : Evidence Handling, Validation and Reporting
 
LEcture #28-#30
LEcture #28-#30LEcture #28-#30
LEcture #28-#30
 
Lecture #31 : Windows Forensics
Lecture #31 : Windows ForensicsLecture #31 : Windows Forensics
Lecture #31 : Windows Forensics
 
Lecture #25 : Oauth 2.0
Lecture #25 : Oauth 2.0Lecture #25 : Oauth 2.0
Lecture #25 : Oauth 2.0
 
Lecture #24 : Cross Site Request Forgery (CSRF)
Lecture #24 : Cross Site Request Forgery (CSRF)Lecture #24 : Cross Site Request Forgery (CSRF)
Lecture #24 : Cross Site Request Forgery (CSRF)
 
Lecture #22: Web Privacy & Security Breach
Lecture #22: Web Privacy & Security BreachLecture #22: Web Privacy & Security Breach
Lecture #22: Web Privacy & Security Breach
 
Lecture #22 : Web Privacy & Security Breach
Lecture #22 : Web Privacy & Security BreachLecture #22 : Web Privacy & Security Breach
Lecture #22 : Web Privacy & Security Breach
 
Lecture #21: HTTPS , SSL & TLS
Lecture #21: HTTPS , SSL & TLSLecture #21: HTTPS , SSL & TLS
Lecture #21: HTTPS , SSL & TLS
 
Lecture #18 - #20: Web Browser and Web Application Security
Lecture #18 - #20: Web Browser and Web Application SecurityLecture #18 - #20: Web Browser and Web Application Security
Lecture #18 - #20: Web Browser and Web Application Security
 
Lecture #15: Buffer Overflow Attack (Non Malicious Attack)
Lecture #15: Buffer Overflow Attack (Non Malicious Attack)Lecture #15: Buffer Overflow Attack (Non Malicious Attack)
Lecture #15: Buffer Overflow Attack (Non Malicious Attack)
 
Lecture # 14: Salami and Linearization Attacks
Lecture # 14: Salami and Linearization Attacks Lecture # 14: Salami and Linearization Attacks
Lecture # 14: Salami and Linearization Attacks
 
Lecture #12,#13 : Program and OS Security -Part I
Lecture #12,#13 : Program and OS Security -Part ILecture #12,#13 : Program and OS Security -Part I
Lecture #12,#13 : Program and OS Security -Part I
 
Lecture #9 : Single Sign on and Federation Identity Management
Lecture #9 :  Single Sign on and Federation Identity ManagementLecture #9 :  Single Sign on and Federation Identity Management
Lecture #9 : Single Sign on and Federation Identity Management
 
Lecture #6: Multilevel Security Models
Lecture #6: Multilevel Security ModelsLecture #6: Multilevel Security Models
Lecture #6: Multilevel Security Models
 
Lecture #4: Access Control Policies
Lecture #4: Access Control PoliciesLecture #4: Access Control Policies
Lecture #4: Access Control Policies
 

Recently uploaded

OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxbritheesh05
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx  fake news detection using machine learningchaitra-1.pptx  fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learningmisbanausheenparvam
 
Churning of Butter, Factors affecting .
Churning of Butter, Factors affecting  .Churning of Butter, Factors affecting  .
Churning of Butter, Factors affecting .Satyam Kumar
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...srsj9000
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxwendy cai
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.eptoze12
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLDeelipZope
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )Tsuyoshi Horigome
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSKurinjimalarL3
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxk795866
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort servicejennyeacort
 
Concrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxConcrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxKartikeyaDwivedi3
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 

Recently uploaded (20)

OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptx
 
chaitra-1.pptx fake news detection using machine learning

Lecture #7: Bell-LaPadula and Biba Model of Multilevel Security

  • 1. Lecture #7: Bell-LaPadula Model and Biba Model. Dr. Ramchandra Mangrulkar, DJSCE Mumbai. August 14, 2020.
  • 2. Multilevel Security Models
      - Bell-LaPadula Model
      - Biba Model
      - Chinese Wall Model
      - Clark-Wilson Model
  • 3. Bell-LaPadula Model
      - David Bell, Len LaPadula, DoD, TCSEC
      - An abstract model intended to control information flow
      - Prevent unauthorized disclosure of information
      - Objects have a security level (e.g., unclassified, classified, secret, top secret)
      - Security levels are arranged in linear order
      - Subjects (think: principals, processes) have a level
  • 4. Bell-LaPadula Model: An Institute Example
      Security Level | Subject | Object
      TOP SECRET | PRINCIPAL | AICTE FILE
      SECRET | HOD & FACULTY | ANSWER SHEETS
      CONFIDENTIAL | STUDENT, T.ASSISTANT | ASSIGNMENTS
      UNCLASSIFIED | DAILY-WAGES | BILLS, RECEIPTS
      Table 1: Example: Simple Bell-LaPadula Model
  • 5. Bell-LaPadula Model. Figure 1: Information Flow (source: www.cs.utexas.edu/~byoung/cs361). Information flows “UP”, not “DOWN”: “No Read Up” and “No Write Down”.
  • 6. Reading Information. Figure 2: Reading Information (source: http://nob.cs.ucdavis.edu/).
  • 7. Simple-Security Property
      The Simple-Security Property: Subject S with clearance (LS, CS) may be granted read access to object O with classification (LO, CO) only if (LS, CS) dominates (LO, CO).
      OR
      Subject S with clearance (LS, CS) may be granted read access to object O with classification (LO, CO) only if (LS, CS) ≥ (LO, CO).
      LX | Security Level | Subject | Object
      4 | Top Secret | PRINCIPAL | AICTE FILE
      3 | Secret | HOD, FACULTY |
      2 | Confidential | STUDENT & T.ASSISTANT |
      1 | Unclassified | DAILYWAGES |
      Table 2: Example: Simple Bell-LaPadula Model
  • 8. Simple-Security Property: HOD trying to READ a file available with PRINCIPAL
      Level(PRINCIPAL) = 4: LS = L(PRINCIPAL) = 4; CS = C(PRINCIPAL) = 4
      Level(HOD) = 3: LS = L(HOD) = 3; CS = C(HOD) = 3
      Object = AICTE FILE, belongs to PRINCIPAL: LO = 4, CO = 4
      (LS, CS) = (3,3) and (LO, CO) = (4,4)
      (LS, CS) ≥ (LO, CO) is FALSE, i.e. (3,3) ≥ (4,4) is FALSE
      READS UP - DISALLOWED
  • 9. Simple-Security Property
      LX | Security Level | Subject | Object
      4 | Top Secret | PRINCIPAL |
      3 | Secret | HOD, FACULTY |
      2 | Confidential | STUDENT & T.ASSISTANT | ASSIGNMENT
      1 | Unclassified | DAILYWAGES |
      Table 3: Example: Simple Bell-LaPadula Model
  • 10. Simple-Security Property: FACULTY trying to READ ASSIGNMENTS of STUDENTS
      Level(FACULTY) = 3: LS = L(FACULTY) = 3; CS = C(FACULTY) = 3
      Level(STUDENTS) = 2: LS = L(STUDENT) = 2; CS = C(STUDENT) = 2
      Object = ASSIGNMENT, belongs to STUDENT: LO = 2, CO = 2
      (LS, CS) = (3,3) and (LO, CO) = (2,2)
      (LS, CS) ≥ (LO, CO) is TRUE, i.e. (3,3) ≥ (2,2) is TRUE
      READS DOWN - ALLOWED
  • 11. Figure 3: READS DOWN - ALLOWED. Figure 4: READS UP - DISALLOWED.
  • 12. Figure 5: Writing Information (source: http://nob.cs.ucdavis.edu/).
  • 13. The *-Property
      The *-Property: Subject S with clearance (LS, CS) may be granted write access to object O with classification (LO, CO) only if (LS, CS) ≤ (LO, CO).
  • 14. *-Property
      LX | Security Level | Subject | Object
      4 | Top Secret | PRINCIPAL |
      3 | Secret | HOD, FACULTY | ANSWER-SHEETS
      2 | Confidential | STUDENT & T.ASSISTANT |
      1 | Unclassified | DAILYWAGES |
      Table 4: Example: Simple Bell-LaPadula Model
  • 15. *-Property: STUDENTS trying to WRITE ANSWER-SHEETS DISTRIBUTED by FACULTY
      Level(FACULTY) = 3: LS = L(FACULTY) = 3; CS = C(FACULTY) = 3
      Level(STUDENTS) = 2: LS = L(STUDENT) = 2; CS = C(STUDENT) = 2
      Object = ANSWER-SHEETS, belongs to FACULTY: LO = 3, CO = 3
      (LS, CS) = (2,2) and (LO, CO) = (3,3)
      (LS, CS) ≤ (LO, CO) is TRUE, i.e. (2,2) ≤ (3,3) is TRUE
      HENCE, WRITE UP ALLOWED
  • 16. *-Property
      LX | Security Level | Subject | Object
      4 | Top Secret | PRINCIPAL |
      3 | Secret | HOD, FACULTY |
      2 | Confidential | STUDENT & T.ASSISTANT | ASSIGNMENT
      1 | Unclassified | DAILYWAGES |
      Table 5: Example: Simple Bell-LaPadula Model
  • 17. Simple-Security Property: FACULTY trying to WRITE Assignment of STUDENT
      Level(FACULTY) = 3: LS = L(FACULTY) = 3; CS = C(FACULTY) = 3
      Level(STUDENTS) = 2: LS = L(STUDENT) = 2; CS = C(STUDENT) = 2
      Object = ASSIGNMENT, belongs to STUDENT: LO = 2, CO = 2
      (LS, CS) = (3,3) and (LO, CO) = (2,2)
      (LS, CS) (LO, CO) TRUE, i.e. (3,3) (2,2) TRUE
      HENCE, WRITE DOWN DISALLOWED
  • 18. Bell-LaPadula Model: No Read Up, No Write Down. Figure 6: Bell-LaPadula Model: No Read Up, No Write Down (source: https://www.ktunotes.in/wp-content).
  • 19. Bell-LaPadula Model: No Read Up, No Write Down. Figure 7: Bell-LaPadula Model: No Read Up, No Write Down (source: https://www.ktunotes.in/wp-content).
  • 20. Open Questions
      Design a suitable hierarchy and demonstrate the working of the Bell-LaPadula Model:
      1: HR at office writes remarks on a file available with Principal.
      2: HODs putting their remarks on Students' Journal.
  • 21. BIBA MODEL
      The Bell-LaPadula model was designed strictly to address confidentiality. The Biba model is a similar multi-level security model that is designed to address data integrity.
      With confidentiality, we were primarily interested in who could read the data and in ensuring that nobody at a lower classification level was able to access the data.
      With integrity, we are primarily concerned with imposing constraints on who can write data and ensuring that a lower-integrity subject cannot write or modify higher-integrity data.
  • 22. Biba Model
      Objects and users are assigned integrity levels that form a partial order, similar to the BLP model.
      The integrity levels in the Biba model indicate degrees of trustworthiness, or accuracy, for objects and users.
      E.g., a file stored on a machine in a closely monitored data center would be assigned a higher integrity level than a file stored on a laptop. In general, a data-center computer is less likely to be compromised than a random laptop computer.
      E.g., when it comes to users, a senior employee with years of experience would have a higher integrity level than an intern.
  • 23. The Biba Model: The Simple Integrity Property
      The access-control rules for Biba are the reverse of those for BLP. Biba does not allow reading from lower levels and writing to upper levels.
      If we let I(S) denote the integrity level of a Subject S and I(O) denote the integrity level of an Object O, we have:
      The Simple Integrity Property: A Subject S can read an Object O only if I(S) ≤ I(O), i.e. a subject cannot read an object from a lower integrity level.
      This ensures that subjects will not be corrupted with information from objects at a lower integrity level. For example, a process will not read a system configuration file created by a lower-integrity-level process.
  • 24. The Biba Model: The *-Property (Star Property)
      The *-Property (Star Property): A Subject S can write (create, edit or append to) an Object O only if I(S) ≥ I(O).
      A subject cannot write to an object of a higher integrity level. This means that lower-integrity subjects will not corrupt objects at a higher integrity level. For example, a web browser may not write a system configuration file.
      Biba rules express the principle that information can only flow down, going from higher integrity levels to lower integrity levels.
  • 25. The Biba Model Example. Figure 8: The Biba Model Example (source: https://www.researchgate.net/).
  • 26. The Biba Model Example. Figure 9: The Biba Model Example (source: https://www.researchgate.net/).
  • 27. Working Example
      Microsoft implemented support for the Biba model in Windows with their Mandatory Integrity Control. File objects are marked with an integrity level:
      - Critical files: System
      - Regular users and objects: Medium
      - Elevated users: High
      - Internet Explorer: Low
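
The access checks worked through on slides 8 to 17 and the Biba rules on slides 23 and 24 can be run as code. The following is an added example, not part of the lecture: it encodes both rule sets and then goes one step further than the slides by computing every object-to-object copy a policy permits, which shows that Bell-LaPadula only lets information move up and Biba only lets it move down. The numeric order of the Windows labels and the process and file names in `PROCS` and `DATA` are assumptions made for illustration.

```python
from enum import IntEnum

class Level(IntEnum):        # LX values from the lecture's Bell-LaPadula tables
    UNCLASSIFIED = 1
    CONFIDENTIAL = 2
    SECRET = 3
    TOP_SECRET = 4

class Integrity(IntEnum):    # labels from the Windows slide; numeric order is assumed
    LOW = 1
    MEDIUM = 2
    HIGH = 3
    SYSTEM = 4

def blp(s, o, op):
    """Bell-LaPadula: read only if s >= o (no read up), write only if s <= o (no write down)."""
    return s >= o if op == "read" else s <= o

def biba(s, o, op):
    """Biba: read only if s <= o (no read down), write only if s >= o (no write up)."""
    return s <= o if op == "read" else s >= o

def flows(policy, subjects, objects):
    """Object pairs (src, dst) where one subject may read src and write dst,
    i.e. every one-step copy of information the policy permits."""
    return {(a, b) for a in objects for b in objects if a != b
            and any(policy(s, objects[a], "read") and policy(s, objects[b], "write")
                    for s in subjects.values())}

# Constructed from Table 1 of the lecture.
STAFF = {"PRINCIPAL": Level.TOP_SECRET, "HOD": Level.SECRET, "FACULTY": Level.SECRET,
         "STUDENT": Level.CONFIDENTIAL, "DAILYWAGES": Level.UNCLASSIFIED}
FILES = {"AICTE FILE": Level.TOP_SECRET, "ANSWER SHEETS": Level.SECRET,
         "ASSIGNMENTS": Level.CONFIDENTIAL, "BILLS": Level.UNCLASSIFIED}

# Hypothetical processes and files, labelled with the Windows slide's levels.
PROCS = {"browser": Integrity.LOW, "editor": Integrity.MEDIUM, "installer": Integrity.HIGH}
DATA = {"download.tmp": Integrity.LOW, "report.doc": Integrity.MEDIUM,
        "system.cfg": Integrity.SYSTEM}

if __name__ == "__main__":
    for src, dst in sorted(flows(blp, STAFF, FILES)):
        print(f"BLP  permits {src} -> {dst}")
    for src, dst in sorted(flows(biba, PROCS, DATA)):
        print(f"Biba permits {src} -> {dst}")
```

No subject in the Bell-LaPadula run can copy ANSWER SHEETS into ASSIGNMENTS, and no process in the Biba run can place data into `system.cfg`.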