Ver:
· http://en.wikipedia.org/wiki/Bell-LaPadula_model
· [BLP:1976]
Modelo de
seguridad que controla el flujo de información en un sistema estableciendo unas
precisas reglas de control de acceso. Las entidades se dividen en objetos y
sujetos. Para determinar si un sujeto puede acceder (para leer o escribir) a un
objeto se comparan la habilitación del primero con la clasificación de
sensibilidad del segundo.
Este modelo
preserva exclusivamente la confidencialidad de la información.
[Ribagorda:1997]
(N) A formal,
mathematical, state-transition model of confidentiality policy for
multilevel-secure computer systems [Bell]. (Compare: Biba model, Brewer-Nash model.)
[RFC4949:2007]
A formal state
transition model of computer security policy that describes a set of access
control rules. In this formal model, the entities in a computer system are
divided into abstract sets of subjects and objects. The notion of a secure
state is defined and it is proven that each state transition preserves security
by moving from secure state to secure state; thus, inductively proving that the
system is secure. A system state is defined to be "secure" if the
only permitted access modes of subjects to objects are in accordance with a
specific security policy. In order to determine whether or not a specific
access mode is allowed, the clearance of a subject is compared to the classification
of the object and a determination is made as to whether the subject is
authorized for the specific access mode. The clearance/classification scheme is
expressed in terms of a lattice.
See also:
Lattice, Simple Security Property, *-Property.
[TCSEC:1985]
Temas relacionados