--Originally published at The Hitchhiker's Guide to information security… according to me!
You know guys I’m a true believer that in order to accomplish your dreams you need to be awake. You think of that beautiful car, that penthouse on the beach, those Australian models swimming in your pool (boys, girls, maybe both… not judging here) and that gorgeous PC with Intel Core i7-6950X Extreme Edition, 4.2 GHz of processing speed, 32 GB of RAM, 2.2 TB of storage capacity and Nvidia GeForce GTX 1080 graphics card. All of this floats in the vacuous void of our minds, but in order to make it a reality we need to put our feet in the ground, and oh such coincidence of an obviously not arranged metaphor, it’s the same way security models help us achieved the desired expectations of our security policies. (Check the previous post coff coff)
“So what are this so call security models?” you ask. Well a security model is a scheme used in order to accomplish the abstract goals specified by the security policy. The security model maps those goals and dictates explicit techniques and system specifications in order to achieve them. It’s like the idea of living a healthy life will be a security policy and the instructions for a diet, exercise routine and time management will be the security model, a series of steps that helps you achieve a healthy life.
You want another real life example?! Ok… You sure like examples. Let say that in your security policy you state that all users must be authorized in order to access information, then the security model will then contain the design of a real world system, with data structures, mathematical formulas and stuff; that will physically allow you to control access. Not just idealistically control it.
There are different types of security models that
State machine Models
State machine refers to a model that checks the state of the subject when it is trying to access any type of information. If within the state, the subject has cleared all the security policies regulation, then he may access the object he requested permission. Transitions between states are all secured.
Bell-LaPadula Model: this model focuses in confidentiality and it was use for securing military system. It defines different layers of clearance in order to access information, and within that state of clearance user will only have access to certain information and certain utilities. For example, the highest clearance level can access sensitive data but may not modify data from a lower level in order for information in that clearance level not flowing to a lower level.
Biba Model: this model focuses on data integrity. The difference with the BLP model is that even under the same clearance level, object may have another layer of security that will protect the modification of data even though the user has access to that clearance level. Also it differs on the fact that user with a certain clearance level may create content for lower levels, but not read it, and they may read from higher levels, but not create content.
Other Models
Information Flow model: this model focuses on information availability. Information can flow from one security level to another if and only if there is no restricted operation attempted within that flow of information.
Non-interference model: this model focuses on preserving the state of different clearance levels. It restricts the modification of lower level by higher level in order for users with higher clearance may not attempt to leak or modify information through lower levels.
Brewer Nash Model (Chinese wall): this model allows for the clearance level of a user to change dynamically depending on their actions. You may have a certain clearance level, but when you try to access certain information that you’re not allow to, even though you’re in the same level of security, your state will change and you will be denied access.
Even more models are the Graham Denning and the Harrison-Ruzzo-Ullman models… but we are running out of time here, and there are more.
The moral of the story is to choose the security model that will help achieve the dreams you stated in that beautiful security policy. Don’t let your dream be just dreams! And start designing the security model you deserve.
