Notes

Control policies and models

DAC

Discretionary Access Control Gives total control to owner Security totally depended on owners wish and practices DAC

MAC

Mandatory Access Control Restricts the ability of owners to grant or deny access Rules are defined by system administrator and enforced by OS Considered most secure MAC

RBAC

Role based access control assigning permissions to users based on role within organisation Simple , manageable and roll based responsibilities RBAC

Check CIA_Triad!

BIBA

Invented by Kenneth J. Biba Used to maintain Integrity Data and subjects grouped into ordered levels Read and write on own level No read down No write up

3 Integrity Rules:

SIMPLE INTEGRITY RULE: NO READ DOWN
STAR INTEGRITY RULE: NO WRITE-UP
STRONG STAR INTEGRITY RULE : NO READ WRITE UP DOWN

biba

Bell-LaPadula

Invented by David Elliot Bell and Leonard J. LaPadula Used to maintain Confidentiality Read and write on own level No read up No write down

3 Confidentiality Rules:

SIMPLE CONFIDENTIALITY RULE: NO READ UP
STAR CONFIDENTIALITY RULE: **NO WRITE DOWN **
STRONG STAR CONFIDENTIALITY RULE: NO READ WRITE UP DOWN

bell-lapadula

Source:

Lecture notes from IT Infra
DAC
MAC
geekforgeeks