In the Information Security class last week, the teacher left a assignment for the Biba model. Read the book and learn about it. The record is as follows.
Reference: Shi Wenchang introduction to Information System Security version 2nd ISBN: 978-7-121-22143-9
The Biba model is an integrity access control model proposed by K. J. Biba in 1977. It is a mandatory access model. Before introducing the Biba model, let's talk about the access control classification.
Access control category
The main role of access control is to allow authorized subjects to access objects. Colleagues prevent unauthorized subjects from accessing objects. Based on whether the owner of an object has the autonomy to determine whether the object can be accessed, access control can be divided into independent access control (DAC, Discretionary Access Control) and forced Access Control (MAC, mandatory Access Control.
- Independent access control
If the user individual as the owner of the object can set the access control attribute to allow or deny access to the object, such access control becomes autonomous access control.
For example, in school, every student can decide whether to allow other students to borrow their textbooks based on their own wishes. This is a DAC. Here, textbooks are equivalent to objects, A student is a user and a subject, and a borrowing operation is an access operation.
- Mandatory Access Control
If only the system can control access to objects, and the user individual cannot change this control, such access control is called forced access control.
This definition emphasizes that an ordinary user cannot determine the access authorization to the object according to his/her personal wishes. Whether the user is the owner of the object or not, the system has the right to make decisions.
For example, in school, no student has the right to decide to lend his or her exam to other students during the exam. This is a school rule and is mandatory access control. Among them, the exam is equivalent to an object, students are equivalent to users (that is, subjects), and schools are equivalent to systems.
Integrity Level
The Biba model quantitatively describes integrity at the integrity level. If the integrity level I2 is higher than the integrity level I1, integrity Level I2 absolutely controls integrity level I1 and is recorded:
I1 <I2
The Biba model defines the concept of information transfer path.
"Write"And"Run"Operation (rule1)
① If and only when I (o) is less than or equal to I (s), the subject s can write the object o.
② When and only when I (S2) ≤ I (S1), the main S1 can execute S2.
"Read operations"
For read operations, the Bi BA model is displayed in three slightly different forms by defining different rules.
- Low-water-mark)
If s is an arbitrary subject and O is an arbitrary object, Imin = min (I (s), I (O), s can read o regardless of the Integrity Level, however, after the read operation is executed, the integrity level of S is adjusted to Imin.
- Bi Ba Ring Model (ring)
Regardless of the Integrity Level, any subject can read any object.
- Strict integrity model (strict integrity)
Based on rule 1, subject s can read object o only when I (s) ≤ I (o. In a strict integrity model, when the subject and the object have the same integrity level, the subject can simultaneously perform "read" and "write" operations on the object.
Generally, the Biba model refers to the strict integrity model of Biba.
Introduction to the Biba model