The True Nature of Bell-LaPadula Security Model

D.

BellLaPadula Confidentiality Model10 The BellLaPadula model is perhaps the most well-known and significant security model, in addition to being one of the oldest models used in the creation of modern secure computing systems.Like the Trusted Computer System Evaluation Criteria (or TCSEC), it was inspired by early U.S.

Department of Defense security policies and the need to prove that confidentiality could be maintained.

In other words, its primary goal is to prevent disclosure as the model system moves from one state (one point in time) to another.

When the strong star property is not being used it means that both the property and the Simple Security Property rules would be applied.

The Star (*) property rule of the Bell-LaPadula model says that subjects cannot write down, this would compromise the confidentiality of the information if someone at the secret layer would write the object down to a confidential container for example.

The Simple Security Property rule states that the subject cannot read up which means that a subject at the secret layer would not be able to access objects at Top Secret for example.

You must remember:The model tells you about are NOT allowed to do.Anything else would be allowed.For example within the Bell LaPadula model you would be allowed to write up as it does not compromise the security of the information.In fact it would upgrade it to the point that you could lock yourself out of your own information if you have only a secret security clearance.

The following are incorrect answers because they are all FALSE: "It allows read up" is incorrect.

The "simple security" property forbids read up.

"It addresses covert channels" is incorrect.

Covert channels are not addressed by the Bell-LaPadula model.

"It addresses management of access controls" is incorrect.

Management of access controls are beyond the scope of the Bell-LaPadula model.

Reference(s) used for this question: Hernandez CISSP, Steven (2012-12-21)

Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 17595-17600)

Auerbach Publications.

Kindle Edition.

The Bell-LaPadula (BLP) model is a security model that is used to enforce confidentiality policies in computer systems. The model defines a set of rules that specify how information can be accessed and modified based on the security clearance level of the user and the sensitivity level of the information.

The strong star property is a requirement in the BLP model that states that a user can only write to an object if their clearance level is greater than or equal to the sensitivity level of the object. If the strong star property is not being used, then the answer to the question is:

A. It allows "read up."

When the strong star property is not being used, it means that a user can read information from an object even if their clearance level is lower than the sensitivity level of the object. This is known as "read up" access. The idea is that a user with a lower clearance level can still benefit from access to less sensitive information, even if they are not cleared for the more sensitive information that is contained within the object.

Option B is incorrect because the Bell-LaPadula model does not directly address covert channels. A covert channel is a method of communication that is not explicitly designed or authorized by the system's security policy.

Option C is also incorrect because the Bell-LaPadula model is concerned with enforcing security policies, not with the management of access controls.

Option D is incorrect because without the strong star property, the BLP model does not allow "write up" access. "Write up" access would allow a user to modify an object with a sensitivity level higher than their clearance level, which could compromise the security of the system.

In summary, the correct answer is A. It allows "read up" when the strong star property is not being used in the Bell-LaPadula model.