- Biba Model
The Biba Model or Biba Integrity Model developed by Kenneth J. Biba in 1977 [Biba, K. J. "Integrity Considerations for Secure Computer Systems", MTR-3153, The
Mitre Corporation , April 1977.] , is a formalstate transition system ofcomputer security policy that describes a set ofaccess control rules designed to ensuredata integrity . Data and subjects are grouped into ordered levels of integrity. The model is designed so that subjects may not corrupt data in a level ranked higher than the subject, or be corrupted by data from a lower level than the subject.In general the model was developed to circumvent a weakness in the
Bell-LaPadula Model which only addresses dataconfidentiality .Features
In general, preservation of data integrity has three goals:
* Prevent data modification by unauthorized parties
* Prevent unauthorized data modification by authorized parties
* Maintain internal and external consistency (i.e. data reflects the real world)This security model is directed toward data integrity (rather than confidentiality) and is characterized by the phrase: "no write up, no read down". This is in contrast to the Bell-LaPadula model which is characterized by the phrase "no write down, no read up".
In the Biba model, users can only create content at or below their own integrity level (a monk may write a prayer book that can be read by commoners, but not one to be read by a high priest). Conversely, users can only view content at or above their own integrity level (a monk may read a book written by the high priest, but may not read a pamphlet written by a lowly commoner).
The Biba model defines a set of security rules similar to the Bell-LaPadula model. These rules are the reverse of the Bell-LaPadula rules:
# "The Simple Integrity Axiom" states that a subject at a given level of integrity may not read an object at a lower integrity level (no read down).
# "The * (star) Integrity Axiom" states that a subject at a given level of integrity must not write to any object at a higher level of integrity (no write up).See also
*
Multi-Level Security - MLS
*Mandatory Access Control - MAC
* Discretionary Access Control - DAC
*Take-Grant Model
*The Clark-Wilson Integrity Model
*Graham-Denning Model
* Security Modes of OperationReferences
* [http://cs.uccs.edu/~cs691/confidentialityPolicyies/IntegrityPolicy.ppt "Integrity Policies" Power Point presentation from University of Colorado at Colorado Springs]
Wikimedia Foundation. 2010.