SSCP Integrity Model | Constrained Data Item, Verification, and Transformation Procedure

SSCP Integrity Model


Question

Which integrity model defines a constrained data item, an integrity verification procedure and a transformation procedure?

Answers

Explanations


A. B. C. D.

C.

The Clark-Wilson integrity model addresses the following three integrity goals: 1) data is protected from modification by unauthorized users; 2) data is protected from unauthorized modification by authorized users; and 3) data is internally and externally consistent.

It also defines a Constrained Data Item (CDI), an Integrity Verification Procedure (IVP), a Transformation Procedure (TP) and an Unconstrained Data Item (UDI).

The Bell-LaPadula and Take-Grant models are not integrity models.

Source: KRUTZ, Ronald L. & VINES, Russell D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 5: Security Architecture and Models (page 205).

The integrity of data is an essential aspect of information security. Various integrity models have been developed to ensure that the data is not modified or accessed by unauthorized users.

Among the given options, the integrity model that defines a constrained data item, an integrity verification procedure, and a transformation procedure is the Clark-Wilson integrity model (option C).

The Clark-Wilson integrity model is a framework for specifying and analyzing the security of commercial computer systems. It is designed to ensure the integrity of data in a system by using a set of rules and procedures. The model is based on the separation of duties and the concept of a "well-formed transaction."

In the Clark-Wilson model, the constrained data item is a data object that can only be modified by authorized users through well-formed transactions. A well-formed transaction is a sequence of operations that modifies the data object in a consistent and verifiable way.

The integrity verification procedure is a process that ensures that the data in the system is consistent and has not been tampered with. This is achieved by comparing the data in the system to a known, trusted source.

The transformation procedure is a set of rules that govern the modification of data objects in the system. The transformation procedure ensures that only authorized users can modify the data objects and that the modifications are done in a consistent and verifiable way.
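The following sketch is an added example, not taken from the cited source, that maps the four terms onto a small ledger. The class name `Ledger`, the accounts, the users and the access triples are all hypothetical; the IVP here checks the balances against a total recorded when the ledger was created.

```python
# Added illustration of Clark-Wilson terms; all names are hypothetical.
class IntegrityError(Exception):
    pass

class Ledger:
    def __init__(self, balances, triples):
        self.cdis = dict(balances)            # CDIs: account balances
        self.total = sum(balances.values())   # trusted value the IVP compares against
        self.triples = set(triples)           # allowed (user, TP, CDI) triples
        self.log = []                         # audit trail of TP invocations

    def ivp(self):
        """IVP: confirm every CDI is in a valid, consistent state."""
        return (all(v >= 0 for v in self.cdis.values())
                and sum(self.cdis.values()) == self.total)

    def _authorized(self, user, tp, cdis):
        return all((user, tp, c) in self.triples for c in cdis)

    def transfer(self, user, src, dst, raw_amount):
        """TP: the only sanctioned path by which balances change."""
        if not self._authorized(user, "transfer", (src, dst)):
            self.log.append((user, "transfer", src, dst, "DENIED"))
            raise PermissionError(f"{user} may not run transfer on {src}, {dst}")
        # raw_amount is a UDI: validate it before it can affect a CDI
        if not (isinstance(raw_amount, str) and raw_amount.isdecimal()):
            raise IntegrityError("amount rejected: not a non-negative integer")
        amount = int(raw_amount)
        if amount > self.cdis[src]:
            raise IntegrityError("insufficient funds; CDI state unchanged")
        self.cdis[src] -= amount
        self.cdis[dst] += amount
        self.log.append((user, "transfer", src, dst, amount))
        if not self.ivp():
            raise IntegrityError("TP left CDIs in an invalid state")


def demo():
    triples = {("alice", "transfer", "ops"), ("alice", "transfer", "payroll")}
    ledger = Ledger({"ops": 100, "payroll": 50}, triples)   # constructed data
    ledger.transfer("alice", "ops", "payroll", "30")
    results = {"after_tp": dict(ledger.cdis), "ivp_after_tp": ledger.ivp()}
    try:
        ledger.transfer("bob", "ops", "payroll", "10")      # no triple for bob
    except PermissionError:
        results["bob_denied"] = True
    ledger.cdis["ops"] += 500          # direct write that bypasses the TP
    results["ivp_after_bypass"] = ledger.ivp()
    return results, ledger.log
```

The last step in `demo()` shows why the IVP is run independently of the TPs: a write that goes around the transformation procedure leaves no log entry, but the next verification pass reports the inconsistent state.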

In summary, the Clark-Wilson integrity model defines a constrained data item, an integrity verification procedure, and a transformation procedure to ensure the integrity of data in a system. It is a useful framework for specifying and analyzing the security of commercial computer systems.