Tuesday, 11 September 2012

Models & information security

Information security use a number of different types of models to describe information flow and the controls that are required to prevent problems with the confidentiality, integrity and availability of information.

Information Assurance Models


CIA Triad

This is the classic model of information assurance, showing the confidentiality, integrity and availability.

 

Subjects & Objects


Most information security models discuss the flow of information or the access rights between subjects and objects, these have been defined in the Orange book as being.

Subject: An active entity, generally in the firm of a person, process, or device that causes information to flow among objects or changes in the system state.

Object: A passive entity that contains or receives information. Access to an object potentially implies access to the information it contains. Examples of objects are: records, blocks, pages, segments, files, directories, directory trees, and programs, as well as bits, bytes, words, fields, processors, video displays, keyboards, clocks, printers, network nodes, etc

In addition to the above they also discuss labelling.

Labelling:  the assignment of sensitivity labels to every subject and object, part of an information classification process.

Access control models


These models look at the control of access between subjects and objects

Mandatory Access Control (MAC) http://en.wikipedia.org/wiki/Mandatory_Access_Control

Uses labelling of subjects and objects where the classification labelling is set by an organisation authority, access is based on matching the level of classification of the label on the subject and object. Classification is not controlled by the central IT department.

Discretionary Access Control (DAC) http://en.wikipedia.org/wiki/Discretionary_access_control

This is the opposite to the MAC, commonly described as the subject owners can set access by other subjects to the objects (resources) they own. However this is not the orange book definition of the term.

Role-Based Access Control (RBAC) http://en.wikipedia.org/wiki/Role-based_access_control

This is a more efficient way of setting access controls, subjects are grouped together into roles, the role is then given access rights to objects dependent on the role's requirements for the objects. If a subject changes roles, they move to another group and have a differnet set of access rules applied.

Rule-Based Access Control (RBAC)

An enhancement to the role based access control, this uses a set of rules to govern the access between subject and object, can include the use of location based access where the type of access is based upon when access is originated, this can be used to limit access for non-secure remote access.

Graham-Denning model http://en.wikipedia.org/wiki/Graham-Denning_Model 

A matrix based access control model where the access rights for a particular subject and object are defined at the intersection of the relevent column and row, often used in distributed system it is concerned with the secure creation and deletion of subjects and objects.

Harrison, Ruzzo, Ullman model http://en.wikipedia.org/wiki/HRU_(security)

Extends the Graham-Denning model and which deals with the integrity of access rights.

Confidentiality Models


Bell–LaPadula model  http://en.wikipedia.org/wiki/Bell%E2%80%93LaPadula_model

The Bell-LaPadula (BLP) is concerned with confidentiality and in particuler with classified information and works with the classification labelling of objects and subjects.

Integrity Models


Biba model http://en.wikipedia.org/wiki/Biba_Integrity_Model

This model looks similiar to the BLP model have it is focussed on Integrity and not confidentiality. It is to reduce the change of information by the introduction of less accurate information.

Clark–Wilson model http://en.wikipedia.org/wiki/Clark%E2%80%93Wilson_model 

Is concerned with the protection of integrity of data and uses a set of rules to govern how data can be accessed to ensure the information is kept valid as it changes state,

Information flow models


Brewer and Nash Model http://en.wikipedia.org/wiki/Brewer_and_Nash_model

To prevent conflict of interest (COI) no information that could create a COI flows between subject and objects. Also know as the Chinese Wall

No comments:

Post a Comment