Security models in an operating system provide a structured approach to enforcing security policies. These models define how data access, user permissions, and system integrity are maintained to prevent unauthorized access, data breaches, and cyber threats.
1. Types of Security Models
A. Bell-LaPadula Model (BLP): Confidentiality
Focus: Prevents unauthorized access to sensitive data (confidentiality).
Used in: Military and government systems.
Rules:
- No Read Up (Simple Security Property): A lower-level user cannot read higher-level data.
- No Write Down (*-Property Rule): A higher-level user cannot write to a lower-level file (prevents data leaks).
Example: A classified government document cannot be accessed by an unauthorized employee.
B. Biba Model: Integrity
Focus: Prevents unauthorized modification of data (integrity).
Used in: Banking, finance, and medical records systems.
Rules:
- No Write Up (Integrity Axiom): A lower-level user cannot modify higher-level data.
- No Read Down (Simple Integrity Property): A higher-level user cannot read lower-level data (prevents corruption).
Example: A regular bank employee cannot alter high-level financial reports.
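The Bell-LaPadula and Biba rules above, enforced together by one reference monitor (an added example, not part of the original page). The level names, the `Label` class and the sample objects are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed level orderings (assumptions): list index = rank, higher = more sensitive/trusted.
CONF = ["unclassified", "confidential", "secret", "top_secret"]
INTEG = ["untrusted", "user", "system"]

@dataclass(frozen=True)
class Label:
    conf: str   # Bell-LaPadula confidentiality level
    integ: str  # Biba integrity level

def blp_violation(subj, obj, op):
    """Return the Bell-LaPadula rule that op would break, or None."""
    s, o = CONF.index(subj.conf), CONF.index(obj.conf)
    if op == "read" and s < o:
        return "BLP no read up"
    if op == "write" and s > o:
        return "BLP no write down"
    return None

def biba_violation(subj, obj, op):
    """Return the Biba rule that op would break, or None."""
    s, o = INTEG.index(subj.integ), INTEG.index(obj.integ)
    if op == "write" and s < o:
        return "Biba no write up"
    if op == "read" and s > o:
        return "Biba no read down"
    return None

def decide(subj, obj, op):
    """Reference-monitor decision: allowed only if neither model objects."""
    if op not in ("read", "write"):
        raise ValueError(f"unsupported operation: {op}")
    checks = (blp_violation(subj, obj, op), biba_violation(subj, obj, op))
    denied = [v for v in checks if v]
    return (not denied, denied)

if __name__ == "__main__":
    analyst = Label("secret", "user")  # constructed subject
    objects = {                        # constructed objects
        "press_release": Label("unclassified", "user"),
        "war_plan": Label("top_secret", "system"),
        "web_upload": Label("unclassified", "untrusted"),
        "case_notes": Label("secret", "user"),
    }
    for name, label in objects.items():
        for op in ("read", "write"):
            print(f"{name:14} {op:5} {decide(analyst, label, op)}")
```

The two models mirror each other: the direction BLP permits for confidentiality is the direction Biba forbids for integrity, so with both enforced this subject can read and write only the object whose two labels match its own.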
C. Clark-Wilson Model: Integrity in Transactions
Focus: Maintains integrity by enforcing well-formed transactions.
Used in: Commercial applications, e-commerce, and financial databases.
Rules:
- Separation of Duties (SoD): One user cannot perform both authorization and execution of a transaction.
- Auditing & Logging: Tracks data changes for accountability.
Example: In an online banking system, one user enters a transaction, and another approves it.
D. Brewer-Nash Model (Chinese Wall): Conflict of Interest Prevention
Focus: Prevents conflicts of interest by restricting access based on past actions.
Used in: Financial firms, law firms, and consulting agencies.
Rules:
- A user who accessed Company A's confidential data cannot access competing Company B's data.
- Prevents leakage of sensitive business information.
Example: An investment analyst advising one company cannot work with its competitor.
E. Harrison-Ruzzo-Ullman Model: Access Control
Focus: Defines who can change access rights in a system.
Used in: Operating system file permissions.
Rules:
- Defines subjects (users), objects (files), and rights (read, write, execute).
- Dynamic access control: users' permissions can change over time.
Example: A system administrator can grant and revoke file permissions dynamically.
F. Graham-Denning Model: Secure Object Management
Focus: Defines how users interact with system objects (files, programs).
Used in: Operating system security and resource management.
Rules:
- Specifies eight operations (create/delete objects, grant/revoke access, etc.).
- Controls ownership and delegation of access rights.
Example: A file owner in Windows can give or revoke access to other users.
2. Comparison of Security Models
Model | Focus | Used In | Key Principle |
---|---|---|---|
Bell-LaPadula | Confidentiality | Military, government | No Read Up, No Write Down |
Biba | Integrity | Finance, healthcare | No Write Up, No Read Down |
Clark-Wilson | Data Integrity | Business transactions | Well-formed transactions |
Brewer-Nash | Conflict of Interest | Financial & legal firms | Prevents unethical access |
Harrison-Ruzzo-Ullman | Access Control | OS file permissions | Dynamic user permissions |
Graham-Denning | Object Management | System security policies | Secure resource access |
Conclusion
Security models help organizations enforce access control, confidentiality, and integrity based on different needs. A well-designed OS security framework often combines multiple models to provide comprehensive protection against cyber threats.