Comparisong between the Bell-LaPadula model and the Biba model Essay

Comparisong between the Bell-LaPadula model and the Biba model - Essay Example The Biba model does not reflect â€Å"write-up† or â€Å"write-down†, however, if a highly confidential or top secret information access is granted, the privileged user cannot read highly confidential information and cannot write to any authorized level other than the assigned authorized level. This restriction prevents the integrity of highly confidential information from low important information to be intermixed. Another explanation of the Biba model would incorporate integrity as its main focus i.e. gauging integrity in a scenario where a highly sensitive data placed in a way that it intermixes with low sensitive data by retrieving the data from a low level application or program, the integrity of that information can be demoted. For example, if an employee in an organization is utilizing an insecure application or program to view highly sensitive or top secret information, the application may corrupt that information or make temporary files that can be viewed by so meone else later. A scenario is selected incorporating Clark Wilson deployment in the UNIX operating system environment. Phantoms users are used in this scenario, as they resemble to locked accounts and their identity cannot be visible to users (Bishop 2003). In a selected scenario where, a triple user is donated by ‘TP’ and every TP is configured to be an owner of the phantom user (Bishop 2003). We will allocate the phantom user in groups that preserves every CDI allocated in the CDI sets. Now we will allocate all users ‘execute’ rights for executing TP located on the CDI’s allocated on the CDI set that is available in the ‘group owner’ of that specific TP. One of the examples of this scenario incorporates access to each specific CDI is limited to users only i.e. in the triple, TP is assumed to be any one of the TP