Network Security: Security Models (Bell-LaPadula, Biba, and Clark-Wilson)

1. Bell-LaPadula Model (BLP)

Purpose:

  • Focuses on confidentiality in government and military systems.

  • Ensures that secret information is not leaked to unauthorized users.

Key Concepts:

  1. Security Levels:

    • Classified as Top Secret > Secret > Confidential > Unclassified.

    • Users and data are assigned security levels.

  2. Rules:

    • Simple Security Property (“no read up”):

      • A subject (user) cannot read data at a higher security level.

      • Example: A Secret-level user cannot read Top Secret data.

    • Star (*) Property (“no write down”):

      • A subject cannot write information to a lower security level, preventing data leakage.

      • Example: A Top Secret user cannot write Top Secret info to a Secret document.

Strength:

  • Strongly protects confidentiality.

Limitation:

  • Does not enforce integrity.

  • Cannot prevent authorized users from corrupting data at their level.

Use Case:

  • Military or government systems handling classified information.


2. Biba Model

Purpose:

  • Focuses on integrity rather than confidentiality.

  • Ensures that data is not improperly modified, either intentionally or accidentally.

Key Concepts:

  1. Integrity Levels:

    • Data and users are assigned levels such as High, Medium, and Low, based on trustworthiness.

  2. Rules:

    • Simple Integrity Property (“no read down”):

      • A subject cannot read data at a lower integrity level.

      • Prevents a high-integrity user from reading unreliable data.

    • Star (*) Integrity Property (“no write up”):

      • A subject cannot write data to a higher integrity level.

      • Prevents low-integrity users from contaminating high-integrity data.

Strength:

  • Strongly protects data integrity.

Limitation:

  • Does not protect confidentiality.

Use Case:

  • Financial systems, e.g., banking or accounting software, where data accuracy is critical.
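
The Bell-LaPadula and Biba rules above are mirror images of each other, which is easiest to see when both are written as label comparisons. The following Python sketch is an added example, not part of the original notes; it goes slightly beyond them by also evaluating both models on the same request. The names `Conf`, `Integ`, `evaluate` and the sample requests are constructed for illustration.

```python
from enum import IntEnum

class Conf(IntEnum):   # Bell-LaPadula levels, ordered as in the notes above
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3

class Integ(IntEnum):  # Biba levels, ordered by trustworthiness
    LOW = 0
    MEDIUM = 1
    HIGH = 2

def blp_allows(subject: Conf, obj: Conf, op: str) -> bool:
    """Bell-LaPadula: 'no read up', 'no write down'."""
    if op == "read":
        return subject >= obj   # Simple Security Property
    if op == "write":
        return subject <= obj   # Star (*) Property
    raise ValueError(f"unknown operation: {op!r}")

def biba_allows(subject: Integ, obj: Integ, op: str) -> bool:
    """Biba: 'no read down', 'no write up' (the mirror image of BLP)."""
    if op == "read":
        return subject <= obj   # Simple Integrity Property
    if op == "write":
        return subject >= obj   # Star (*) Integrity Property
    raise ValueError(f"unknown operation: {op!r}")

def evaluate(subject, obj, op):
    """Labels are (Conf, Integ) pairs; returns each model's verdict and the combined one."""
    blp = blp_allows(subject[0], obj[0], op)
    biba = biba_allows(subject[1], obj[1], op)
    return {"blp": blp, "biba": biba, "both": blp and biba}

# Constructed sample requests: (description, subject label, object label, operation)
REQUESTS = [
    ("Secret user reads Top Secret file", (Conf.SECRET, Integ.HIGH), (Conf.TOP_SECRET, Integ.HIGH), "read"),
    ("Top Secret user writes Secret doc", (Conf.TOP_SECRET, Integ.HIGH), (Conf.SECRET, Integ.HIGH), "write"),
    ("Untrusted guest writes Top Secret ledger", (Conf.UNCLASSIFIED, Integ.LOW), (Conf.TOP_SECRET, Integ.HIGH), "write"),
    ("Trusted auditor reads low-integrity feed", (Conf.SECRET, Integ.HIGH), (Conf.SECRET, Integ.LOW), "read"),
]

if __name__ == "__main__":
    for desc, subj, obj, op in REQUESTS:
        print(f"{desc:42} {evaluate(subj, obj, op)}")
```

The third request shows the BLP limitation listed above: Bell-LaPadula permits the write because it flows upward in confidentiality, and only the Biba check rejects it as a low-integrity write to high-integrity data.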


3. Clark-Wilson Model

Purpose:

  • Focuses on integrity through well-formed transactions and controlled access.

  • Designed for commercial applications rather than military systems.

Key Concepts:

  1. Well-formed Transactions:

    • Data can only be modified using authorized programs, called Transformation Procedures (TPs).

    • Prevents unauthorized changes to data.

  2. Separation of Duties:

    • Different users have different roles to prevent fraud or errors.

    • Example: One person can create a transaction, another must approve it.

  3. Constrained Data Items (CDIs):

    • Critical data that requires controlled access.

    • Can only be accessed through TPs.

  4. Certification & Enforcement Rules:

    • Rules ensure that only valid transactions occur.

    • Prevents users from bypassing security controls.

Strength:

  • Ensures data integrity in commercial systems.

  • Prevents fraud through separation of duties and controlled processes.

Use Case:

  • Banking, payroll, e-commerce, and enterprise systems where data integrity and process control are critical.