

Showing posts from December 30, 2019

CISSP - Bell-LaPadula Model

This was the first formal state machine model developed to protect confidentiality. The Bell-LaPadula model focuses on data confidentiality, unlike the Biba model (which focuses on integrity). It is also called the "read down, write up" model: trusted subjects may read content below their security level and write content above their security level.

The model defines two mandatory access control (MAC) rules:

- The Simple Security Property states that a subject at a given security level may not read an object at a higher security level (no read up).
- The * (star) Security Property states that a subject at a given security level may not write to any object at a lower security level (no write down).

Limitations:

- Only addresses confidentiality (out of the three: confidentiality, integrity and availability).
- Covert channel communication is not addressed comprehensively.

CISSP - Biba Model (Biba Integrity Model)

Origin: Published in 1977 at the Mitre Corporation, one year after the Bell-LaPadula model. While the BLP model addresses confidentiality (and nothing about integrity), Biba proposed this model to address integrity.

The Biba integrity model describes a set of access control rules that are designed to ensure data integrity. Subjects and objects are grouped into various ordered levels of integrity.

Access modes of the Biba model:

- Modify: allows a subject to write to an object. In layman's terms, it is equivalent to the write mode in other models.
- Observe: allows a subject to read an object. This command is synonymous with the read command of other models.
- Invoke: allows one subject to communicate with another subject.
- Execute: allows a subject to execute an object; essentially, it lets a subject run a program, which is the object.

This model is directed towards data integrity (rather than confidentiality). It is also called the "read up, write down" model. This
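As an added example (not code from either post), here is a small reference monitor that encodes the two Bell-LaPadula properties from the first post and the Biba observe/modify/invoke/execute modes from the second, on a constructed three-level lattice. Treating execute like observe, stating the invoke rule as "no calling a higher-integrity subject", and the combined check that enforces both models at once are assumptions of this example.

```python
from dataclasses import dataclass
from enum import IntEnum

class Level(IntEnum):
    LOW = 0       # constructed three-level lattice, reused for both properties
    MEDIUM = 1
    HIGH = 2

@dataclass(frozen=True)
class Subject:
    name: str
    clearance: Level   # confidentiality level checked by Bell-LaPadula
    integrity: Level   # integrity level checked by Biba

@dataclass(frozen=True)
class Object:
    name: str
    classification: Level
    integrity: Level

def blp_allows(subj: Subject, obj: Object, mode: str) -> bool:
    """Bell-LaPadula, 'read down, write up'."""
    if mode == "read":   # simple security property: no read up
        return subj.clearance >= obj.classification
    if mode == "write":  # *-property: no write down
        return subj.clearance <= obj.classification
    raise ValueError(f"unknown BLP mode {mode!r}")

def biba_allows(subj: Subject, obj: Object, mode: str) -> bool:
    """Biba, 'read up, write down': the dual of BLP on the integrity lattice."""
    if mode in ("observe", "execute"):  # no read down; execute treated as observe (assumption)
        return subj.integrity <= obj.integrity
    if mode == "modify":                # no write up
        return subj.integrity >= obj.integrity
    raise ValueError(f"unknown Biba mode {mode!r}")

def biba_invoke_allows(caller: Subject, callee: Subject) -> bool:
    """Invoke: a subject may not call a subject of higher integrity (assumption)."""
    return caller.integrity >= callee.integrity

def mac_allows(subj: Subject, obj: Object, op: str) -> bool:
    """Monitor enforcing both models: read needs BLP read + Biba observe, write needs BLP write + Biba modify."""
    biba_mode = {"read": "observe", "write": "modify"}[op]
    return blp_allows(subj, obj, op) and biba_allows(subj, obj, biba_mode)
```

Running both checks together shows how restrictive the combination is: a high-clearance, high-integrity analyst may read a low-classification object under BLP, yet Biba denies the same read because it would pull low-integrity data upward.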