fbpx
Wikipedia

Biba Model

December 20, 2023

The Biba Model or Biba Integrity Model developed by Kenneth J. Biba in 1975,[1] is a formal state transition system of computer security policy describing a set of access control rules designed to ensure data integrity. Data and subjects are grouped into ordered levels of integrity. The model is designed so that subjects may not corrupt data in a level ranked higher than the subject, or be corrupted by data from a lower level than the subject.

In general the model was developed to address integrity as the core principle, which is the direct inverse of the Bell–LaPadula model which focuses on confidentiality.[2]: 35 

Features edit

In general, preservation of data integrity has three goals:

  • Prevent data modification by unauthorized parties
  • Prevent unauthorized data modification by authorized parties
  • Maintain internal and external consistency (i.e. data reflects the real world)

This security model is directed toward data integrity (rather than confidentiality) and is characterized by the phrase: "read up, write down". This is in contrast to the Bell-LaPadula model which is characterized by the phrase "read down, write up".

In the Biba model, users can only create content at or below their own integrity level (a monk may write a prayer book that can be read by commoners, but not one to be read by a high priest). Conversely, users can only view content at or above their own integrity level (a monk may read a book written by the high priest, but may not read a pamphlet written by a lowly commoner). Another analogy to consider is that of the military chain of command. A General may write orders to a Colonel, who can issue these orders to a Major. In this fashion, the General's original orders are kept intact and the mission of the military is protected (thus, "read up" integrity). Conversely, a Private can never issue orders to his Sergeant, who may never issue orders to a Lieutenant, also protecting the integrity of the mission ("write down").

The Biba model defines a set of security rules, the first two of which are similar to the Bell–LaPadula model. These first two rules are the reverse of the Bell–LaPadula rules:

  1. The Simple Integrity Property states that a subject at a given level of integrity must not read data at a lower integrity level (no read down).
  2. The * (star) Integrity Property states that a subject at a given level of integrity must not write to data at a higher level of integrity (no write up).[3]
  3. Invocation Property states that a process from below cannot request higher access; only with subjects at an equal or lower level.

Implementations edit

  • In FreeBSD, the Biba model is implemented by the mac_biba MAC policy.[4]
  • In Linux, the Biba model is implemented in the General Dynamics Mission Systems PitBull product.
  • In XTS-400, the Biba model is implemented in the BAE Systems's XTS-400 operating system.

See also edit

References edit

  1. ^ Biba, K. J. "Integrity Considerations for Secure Computer Systems", MTR-3153, The Mitre Corporation, June 1975.
  2. ^ R. Shirey (August 2007). Internet Security Glossary, Version 2. Network Working Group. doi:10.17487/RFC4949. RFC 4949. Informational.
  3. ^ Harris, Shon (2013). All in One CISSP Exam Guide. New York: McGraw-Hill. p. 372.
  4. ^ "Mac_biba".

External links edit

  • "Integrity Policies" Power Point presentation from University of Colorado at Colorado Springs

December 20, 2023
biba, model, biba, integrity, model, developed, kenneth, biba, 1975, formal, state, transition, system, computer, security, policy, describing, access, control, rules, designed, ensure, data, integrity, data, subjects, grouped, into, ordered, levels, integrity. The Biba Model or Biba Integrity Model developed by Kenneth J Biba in 1975 1 is a formal state transition system of computer security policy describing a set of access control rules designed to ensure data integrity Data and subjects are grouped into ordered levels of integrity The model is designed so that subjects may not corrupt data in a level ranked higher than the subject or be corrupted by data from a lower level than the subject In general the model was developed to address integrity as the core principle which is the direct inverse of the Bell LaPadula model which focuses on confidentiality 2 35 Contents 1 Features 2 Implementations 3 See also 4 References 5 External linksFeatures editIn general preservation of data integrity has three goals Prevent data modification by unauthorized parties Prevent unauthorized data modification by authorized parties Maintain internal and external consistency i e data reflects the real world This security model is directed toward data integrity rather than confidentiality and is characterized by the phrase read up write down This is in contrast to the Bell LaPadula model which is characterized by the phrase read down write up In the Biba model users can only create content at or below their own integrity level a monk may write a prayer book that can be read by commoners but not one to be read by a high priest Conversely users can only view content at or above their own integrity level a monk may read a book written by the high priest but may not read a pamphlet written by a lowly commoner Another analogy to consider is that of the military chain of command A General may write orders to a Colonel who can issue these orders to a Major In this fashion the General s original orders are kept intact and the mission of the military is protected thus read up integrity Conversely a Private can never issue orders to his Sergeant who may never issue orders to a Lieutenant also protecting the integrity of the mission write down The Biba model defines a set of security rules the first two of which are similar to the Bell LaPadula model These first two rules are the reverse of the Bell LaPadula rules The Simple Integrity Property states that a subject at a given level of integrity must not read data at a lower integrity level no read down The star Integrity Property states that a subject at a given level of integrity must not write to data at a higher level of integrity no write up 3 Invocation Property states that a process from below cannot request higher access only with subjects at an equal or lower level Implementations editIn FreeBSD the Biba model is implemented by the mac biba MAC policy 4 In Linux the Biba model is implemented in the General Dynamics Mission Systems PitBull product In XTS 400 the Biba model is implemented in the BAE Systems s XTS 400 operating system See also editDiscretionary Access Control DAC Graham Denning model Mandatory Access Control MAC Multilevel security MLS Security Enhanced Linux Security Modes of Operation Take grant protection model Clark Wilson model Bell LaPadula modelReferences edit Biba K J Integrity Considerations for Secure Computer Systems MTR 3153 The Mitre Corporation June 1975 R Shirey August 2007 Internet Security Glossary Version 2 Network Working Group doi 10 17487 RFC4949 RFC 4949 Informational Harris Shon 2013 All in One CISSP Exam Guide New York McGraw Hill p 372 Mac biba External links edit Integrity Policies Power Point presentation from University of Colorado at Colorado Springs Retrieved from https en wikipedia org w index php title Biba Model amp oldid 1140939029, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.