--Originally published at Mental Droppings of a Tired Student
A security model is a specification of a security policy it describes the entities governed by the policy, it states the rules that constitute the policy.
There are various types of security models:
- Models can capture policies for confidentiality or for integrity.
- Some models apply to environments with static policies, others consider dynamic changes of access rights.
- Security models can be informal, semi-formal, or formal.
Model vs Policy
A security model maps the abstract goals of the policy to information system terms by specifying explicit data structures and techniques that are necessary to enforce the security policy. A security model is usually represented in mathematics and analytical ideas, which are then mapped to system specifications, and then developed by programmers through programming code.
For Example, if a security policy states that subjects need to be authorized to access objects, the security model would provide the mathematical relationships and formulas explaining how x can access y only through the outlined specific methods
A security policy outlines goals without regard to how they will be accomplished. A model is a framework that gives the policy form and solves security access problems for particular situations.
Read more about secuirty policies in my next post.
Here are three classic security architecture models:
Lattice Models
- A lattice is a mathematical construct that is built upon the notion of a group.
- A lattice is a mathematical construction with:
- a set of elements
- a partial ordering relation
- The property that any two elements must have unique least upper bound and greatest lower bound
A security lattice model combines multilevel and multilateral security Lattice elements are security labels that consist of a security level and set of categories.
State Machine Models
In state machine model, the state of a machine is captured in order to verify the security
Continue reading "Classic Security Architecture Models"