Biba Integrity Model PDF

Title Biba Integrity Model
Author Plamond Colaso
Course Network Routing
Institution University of Missouri-Kansas City
Pages 3
File Size 96.3 KB
File Type PDF



Description

Biba Integrity Model

Business nowadays tends to focus on integrity rather than confidentiality. Subjects and objects may be labelled with integrity labels. Higher level = more trustworthy = higher integrity.

Information flows differently: secret → unclassified, untrusted → trusted

1) Biba prevents information from flowing down (disclosed).
2) BLP-upside-down will prevent information from flowing down (getting down).
3) Information flows through High Integrity → Some Integrity → Suspicious → Garbage

Biba Integrity Model

The Biba Model, also known as the Biba Integrity Model, was introduced by Ken Biba. The Biba model basically assigns levels of access, in the manner of an access control list, to people in authority and to those lower in the organization. This model captures integrity and authenticity in the state machine model.



Integrity Levels

Integrity level of an object: it defines how valuable and secure the information contained in the object is. For example, a network administrator (object) will have a lower integrity level for a report than the chief information officer, who can also be an object.

Integrity level of a subject: it is the ability to handle information in a secure manner. For example, the owner of a shop will have more integrity than an employee of the shop.

Biba Integrity Model Mandatory Policies

The Biba model deals with subjects (S) and objects (O). Each subject and object is assigned an integrity level. Thus, i(s) indicates the integrity level of the subject and i(o) indicates the integrity level of the object. Mandatory policies are:

• Strict Integrity Policy
• Low-Water-Mark Policy for Subjects
• Low-Water-Mark Policy for Objects
• Low-Water-Mark Integrity Audit Policy
• Ring Policy

Biba Integrity Model Discretionary Policies

• Access Control Lists
• Object Hierarchy
• Ring



The application for the case study is SOCCER SPORTS TEAM.



Biba Integrity Model Mandatory Policies



Simple Integrity Policy: the subject and other subjects can read from objects where their integrity level is lower than that of the objects.

Use Case: A coach and the assistant coach can see the formation of the team and information about the players, but the higher-level changes can only be made by the main coach.

Strict Integrity Policy enforces “no write-up” and “no read-down” on the data in the system, which is the opposite of the Bell-LaPadula model. The main subject can only write to an object if its integrity level is higher than the object's.

Use Case: A coach of a soccer game can change the formation of the players, but the health and wellness coach cannot make the same changes, because the integrity of the coach is the highest in the team.

Invocation property for objects: an object can invoke another object where the integrity level is lower than the other's.

Use Case: A coach can access information about the team, whereas the team members cannot access information about other teammates.



Invocation property for subjects



The Low-Water-Mark Policy for Objects is a dynamic policy: if an object is changed by a subject, the object's integrity level becomes the minimum of the integrity levels of the subjects that modified it.

Use Case: A team member can change his formation by talking to the coach, and other team members can likewise change the formation according to his desires and the best success rate for the development of the team.

Audit Policy: anybody can make changes to the object, but all the changes are recorded in the logs.

Use Case: Different team members and assistant coaches can make changes to the team formats, but all the changes are recorded in the logs.

Ring Policy is not as dynamic as the other policies; rather, it follows part of the strict integrity policy, stating that any subject can read from any object, and changes can be made as well.

Use Case: Team managers can read all the information about the team, as can the team members and other team members, which can compromise the information at some point.
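The mandatory policies above can be compared side by side in a small reference monitor. This is an added example, not part of the original notes: the numeric levels for the soccer roles are constructed, equal levels are treated as allowed, and the low-water-mark rule uses the usual min(i(o), i(s)) form.

```python
from dataclasses import dataclass, field

# Constructed integrity levels for the soccer-team case study (higher = more trusted).
LEVELS = {"teammate": 1, "wellness_coach": 2, "assistant_coach": 3, "coach": 4}

@dataclass
class Obj:
    name: str
    level: int  # i(o)

@dataclass
class BibaMonitor:
    policy: str  # "strict", "ring", "lwm_object" or "audit"
    audit_log: list = field(default_factory=list)

    def observe(self, subject: str, obj: Obj) -> bool:
        """Read check; only the strict and ring policies are modelled for reads."""
        if self.policy == "strict":
            return LEVELS[subject] <= obj.level  # simple integrity: no read-down
        if self.policy == "ring":
            return True  # any subject may read any object
        raise ValueError(f"no observe rule modelled for {self.policy}")

    def modify(self, subject: str, obj: Obj) -> bool:
        i_s = LEVELS[subject]
        if self.policy in ("strict", "ring"):
            return i_s >= obj.level  # no write-up
        if self.policy == "lwm_object":
            obj.level = min(obj.level, i_s)  # object sinks to the writer's level
            return True
        if self.policy == "audit":
            if i_s < obj.level:  # allowed, but the violation is recorded
                self.audit_log.append((subject, obj.name, i_s, obj.level))
            return True
        raise ValueError(f"unknown policy {self.policy}")

def demo() -> dict:
    """Formation use cases from the notes under three of the policies."""
    strict, lwm, audit = (BibaMonitor(p) for p in ("strict", "lwm_object", "audit"))
    sunk = Obj("formation", 4)
    lwm.modify("teammate", sunk)
    audit.modify("teammate", Obj("formation", 4))
    return {
        "coach_writes": strict.modify("coach", Obj("formation", 4)),
        "wellness_writes": strict.modify("wellness_coach", Obj("formation", 4)),
        "assistant_reads": strict.observe("assistant_coach", Obj("formation", 4)),
        "lwm_level": sunk.level,
        "audit_entries": len(audit.audit_log),
    }
```

Under the low-water-mark policy the write succeeds but the formation object drops to the teammate's level, which is why that policy trades enforcement for a steadily degrading label.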



Discretionary Biba Policies



The Biba model has a number of discretionary policies that are not used as much as its mandatory policies. The first discretionary policy is an access control list that can be used to determine which Ss can access which Os. The access control list can then be modified by the Ss with the correct privileges. Second, integrity can be enforced by using an O hierarchy. With this method, there is a root and Os that are ancestors to the root. To access a particular O, S must have the observe privileges to that O and all the other ancestor Os all the way up to the root. The last discretionary policy is the ring policy, which numbers the rings in the system with the lower number being a higher privilege. The access modes of S must fall within a certain range of values to be permitted to access an O.



Access Control List: this basically defines which person has what privileges to access in a network. The access list can be modified from person to person, given the proper privileges.

Use Case: Team managers and the owner can access detailed and highly sensitive information regarding the stock of the team and its growth. The coach can also access the same information, but team managers have more access to which players to sign and the growth of the team.

Object Hierarchy: subjects should be given access, like sudo users, to reach highly sensitive information, and they must also have privileges to access the directories.

Use Case: The team wellness team will have access through a different set of sudo-privileged users than the team managers, and their access will be totally different. Teammates will also have completely different access to directories; with low integrity comes low access.

Ring: values can be assigned in ring form, ranging from highest to lowest privileged access. The group with the lowest privilege access can have the highest integrity. Subjects whose access mode has a certain value can access other objects.

Use Case: The team managers can have the highest privilege in the ring, followed by the team coach, then the other team members, then the teammates, the water boy, saf guards and so on.
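The access control list and object hierarchy rules can be combined into one check, shown here as an added example that is not part of the original notes. The object tree, the ACL entries and the "grant" mode (standing in for "the correct privileges" to edit an ACL) are all constructed assumptions.

```python
# Constructed object tree for the soccer-team case study: object -> parent.
PARENT = {
    "club": None,
    "club/finance": "club",
    "club/finance/stock": "club/finance",
    "club/squad": "club",
    "club/squad/formation": "club/squad",
}

# Constructed ACL: object -> subject -> access modes. "grant" is a hypothetical
# mode standing in for the privilege needed to edit an object's ACL.
ACL = {
    "club": {"owner": {"observe", "grant"}, "manager": {"observe"}, "coach": {"observe"}},
    "club/finance": {"owner": {"observe", "grant"}, "manager": {"observe"}},
    "club/finance/stock": {"owner": {"observe"}, "manager": {"observe"}, "coach": {"observe"}},
    "club/squad": {"owner": {"observe"}, "coach": {"observe"}},
    "club/squad/formation": {"coach": {"observe"}},
}

def path_to_root(obj: str) -> list:
    """Return obj followed by its ancestors; unknown objects raise KeyError."""
    path = []
    while obj is not None:
        path.append(obj)
        obj = PARENT[obj]
    return path

def has_mode(subject: str, obj: str, mode: str) -> bool:
    return mode in ACL.get(obj, {}).get(subject, set())

def may_observe(subject: str, obj: str) -> bool:
    """Hierarchy rule: observe is needed on obj and on every ancestor up to the root."""
    try:
        return all(has_mode(subject, o, "observe") for o in path_to_root(obj))
    except KeyError:
        return False  # unknown object: deny by default

def grant(granter: str, subject: str, obj: str, mode: str) -> bool:
    """Edit the ACL only if the granter holds the hypothetical 'grant' mode on obj."""
    if not has_mode(granter, obj, "grant"):
        return False
    ACL[obj].setdefault(subject, set()).add(mode)
    return True
```

The coach is listed on the stock object itself but is still denied until an entry on the intermediate finance node is granted, which is the practical effect of requiring observe privileges along the whole path.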

Reference: Lecture Notes...

