A security model maps the abstract goals of the policy to information system terms by specifying explicit data structures and techniques necessary to enforce the security policy.

A security policy outlines goals without regard to how they will be accomplished. A model is a framework that gives the policy form and solves security access problems for particular situations.

Bell-LaPadula Model

---

The Bell-LaPadula model enforces the confidentiality aspects of access control. A system that employs the Bell-LaPadula model is called a multilevel security system because users with different clearances use the system, and the system processes data at different classification levels.

The Bell-LaPadula model was developed to make sure secrets stay secret; thus, it provides and addresses confidentiality only.

Three main rules are used and enforced in the Bell-LaPadula model:

• Simple security rule

• *-property (star property) rule

• Strong star property rule

The simple security rule states that a subject at a given security level cannot read data that resides at a higher security level.

The *-property rule (star property rule) states that a subject in a given security level cannot write information to a lower security level.

The strong star property rule states that a subject who has read and write capabilities can only perform both of those functions at the same security level; nothing higher and nothing lower.

剩余内容请看本人公众号debugeeker, 链接为CISSP考试指南笔记：3.5 安全模型

本文同步分享在 博客“debugeeker”（CSDN）。
如有侵权，请联系 support@oschina.cn 删除。
本文参与“OSC源创计划”，欢迎正在阅读的你也加入，一起分享。