Biba Security Model

D.

The Biba security model addresses the integrity of data being threatened when subjects at lower security levels are able to write to objects at higher security levels and when subjects can read data at lower levels.

Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, Chapter 5: Security Models and Architecture (Page 244).

The Biba security model is primarily concerned with ensuring the integrity of data. The model was developed by Ken Biba in 1975 and is based on the concept of integrity levels. The integrity levels of data are based on the sensitivity of the data and the trustworthiness of the users who are accessing the data.

The Biba model consists of two main rules: the Simple Integrity Axiom and the *-property. The Simple Integrity Axiom states that "no read up" should be allowed, meaning that data with a higher integrity level should not be read by users with a lower integrity level. This ensures that sensitive data cannot be accessed by users who do not have the appropriate clearance to access it.

The *-property states that "no write down" should be allowed, meaning that data with a lower integrity level should not be written to a higher integrity level. This ensures that data is not corrupted by users who do not have the appropriate clearance to modify it.

In addition to these rules, the Biba model also includes a set of integrity levels, ranging from the lowest level, which represents untrusted data, to the highest level, which represents the most trusted data. These integrity levels are used to determine which users are authorized to access and modify specific data.

Overall, the Biba security model is concerned with ensuring the integrity of data by preventing unauthorized users from accessing or modifying sensitive data, and by ensuring that data is not corrupted by users who do not have the appropriate clearance to modify it.