Computer security is based on the roles of the various entities within a system and their CIA (confidentiality, integrity, and availability) requirements. Information security models address the CIA requirements of computing systems and data.
This computer security model is also called the take-grant protection model. It specifies how rights are obtained (taken) from one entity and given to another, or transferred (granted) by one entity to another. Two entities are defined in this model: a subject and an object. In simple terms, the model proposes a directed graph that represents the transfer of rights.
There are four rules in this model; they are as follows:
This is a data-confidentiality model developed by David Elliott Bell and Len LaPadula. Because its focus is confidentiality, the model prescribes access controls for classified or confidential information. It specifies three security properties. The first two are related to Mandatory Access Control (MAC) and the last is Discretionary Access Control (DAC):
A simple way to remember this model is: no read up and no write down.
This model focuses on data integrity and was developed by Kenneth J. Biba.
This model states the following two rules:
A simple way to remember this model is: no read down and no write up.
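The two mnemonics above (no read up and no write down for confidentiality, no read down and no write up for integrity) can be written as a small access check. This is an added example, not part of the original text. The four-level ordering, the function names and the `acl_permits` flag are assumptions made for illustration, and the same labels are reused for both models to keep it short.

```python
from enum import IntEnum

class Level(IntEnum):
    # Constructed ordering for illustration: a higher value dominates a lower one.
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3

def blp_allows(subject, obj, op, acl_permits=True):
    """Confidentiality model check: no read up, no write down."""
    if not acl_permits:        # DAC part: the access matrix must also grant op
        return False
    if op == "read":           # MAC part: subject level must dominate the object
        return subject >= obj
    if op == "write":          # MAC part: object level must dominate the subject
        return subject <= obj
    raise ValueError(f"unknown operation: {op}")

def biba_allows(subject, obj, op):
    """Integrity model check: no read down, no write up."""
    if op == "read":           # do not consume lower-integrity data
        return subject <= obj
    if op == "write":          # do not modify higher-integrity data
        return subject >= obj
    raise ValueError(f"unknown operation: {op}")

def both_allow(subject, obj, op):
    """Access permitted only when both models agree."""
    return blp_allows(subject, obj, op) and biba_allows(subject, obj, op)

def permitted(model, subject):
    """List the (operation, object level) pairs a model grants to a subject."""
    return [(op, o.name) for op in ("read", "write")
            for o in Level if model(subject, o, op)]

if __name__ == "__main__":
    s = Level.SECRET
    for name, model in (("BLP", blp_allows), ("Biba", biba_allows),
                        ("both", both_allow)):
        print(f"{name:5}", permitted(model, s))
```

With the same labels used for both models, the only accesses that satisfy both checks are reads and writes at the subject's own level.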