Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSC 386 – Computer Security Scott Heggen. Agenda Bell-LaPadula Model of Computer Security.

Published byMoris Andrews Modified over 9 years ago

Similar presentations

Presentation on theme: "CSC 386 – Computer Security Scott Heggen. Agenda Bell-LaPadula Model of Computer Security."— Presentation transcript:

1 CSC 386 – Computer Security Scott Heggen

2 Agenda Bell-LaPadula Model of Computer Security

3 Bell-LaPadula (BLP) Goals: State machine model developed in the 1970s for the analysis of MLS operating systems. Subjects and objects labeled with security levels that form a partial ordering. The policy: No information flow from ‘high’ security levels down to ‘low’ security level (confidentiality). Only considers information flows that occur when a subject observes or alters an object. Access permissions defined through an access control matrix and security levels.

4 State Machine OffOn

5 BLP PublicSecret Top Secret Her Majesty’s Eyes Only Read? No Read-up!

6 BLP PublicSecret Top Secret Her Majesty’s Eyes Only Read? Read-down okay!

7 BLP PublicSecret Top Secret Her Majesty’s Eyes Only Write? No write-down!

8 BLP PublicSecret Top Secret Her Majesty’s Eyes Only Write? Write-up okay!

9 BLP Reading: Okay from high-to-low level Forbidden from low-to-high level Writing: Okay from low-to-high level Forbidden from high-to-low level No Read-up ss-property No Write-down ★ -property

10 BLP Other cases Should all “Top Secret” subjects be able to see all “Top Secret” objects? The discretionary security property (ds-property) handles individual cases

11 Implementing BLP Scenario: Create four people: Larry, Curly, Moe, and Shemp Give each person a security level: Moe - Her Majesty’s Eyes Only Larry – Top Secret Curly – Secret Shemp – Public Modify the blpmain.py program so that it: Allows any person to create a file. The file should include the creator’s security level (so you can check it later). Allow each person to READ files at or below their security level Allow each person to WRITE (append) to a file at or above their security level

Download ppt "CSC 386 – Computer Security Scott Heggen. Agenda Bell-LaPadula Model of Computer Security."

Similar presentations

1 Access Control. 2 Objects and Subjects A multi-user distributed computer system offers access to objects such as resources (memory, printers), data.

1 Access Control. 2 Objects and Subjects A multi-user distributed computer system offers access to objects such as resources (memory, printers), data.
Information Flow and Covert Channels November, 2006.

Information Flow and Covert Channels November, 2006.
1 cs691 chow C. Edward Chow Confidentiality Policy CS691 – Chapter 5 of Matt Bishop.

1 cs691 chow C. Edward Chow Confidentiality Policy CS691 – Chapter 5 of Matt Bishop.
Computer Security: Principles and Practice Chapter 10 – Trusted Computing and Multilevel Security.

Computer Security: Principles and Practice Chapter 10 – Trusted Computing and Multilevel Security.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 10 – Trusted Computing.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 10 – Trusted Computing.
Security Models and Architecture

Security Models and Architecture
Slide #5-1 Chapter 5: Confidentiality Policies Overview –What is a confidentiality model Bell-LaPadula Model –General idea –Informal description of rules.

Slide #5-1 Chapter 5: Confidentiality Policies Overview –What is a confidentiality model Bell-LaPadula Model –General idea –Informal description of rules.
COEN 150: Intro to IA Authorization.

COEN 150: Intro to IA Authorization.
Access Control Intro, DAC and MAC System Security.

Access Control Intro, DAC and MAC System Security.
1 Confidentiality Policies CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 18, 2004.

1 Confidentiality Policies CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 18, 2004.
Confidentiality Policies  Overview  What is a confidentiality model  Bell-LaPadula Model  General idea  Informal description of rules  Formal description.

Confidentiality Policies  Overview  What is a confidentiality model  Bell-LaPadula Model  General idea  Informal description of rules  Formal description.
 Introduction  Fundamentals  Capability Security  Challenges in Secure Capability Systems  Revoking Capabilities  Conclusion.

 Introduction  Fundamentals  Capability Security  Challenges in Secure Capability Systems  Revoking Capabilities  Conclusion.
Bell-LaPadula Model. www.wiley.com/go/gollmann2 Why Security Models?  When we have implemented a security policy, do we know that it will (and can) be.

Bell-LaPadula Model. Why Security Models?  When we have implemented a security policy, do we know that it will (and can) be.
EE579U/2 #1 Spring 2004 © 2000-2004, Richard A. Stanley EE579U Information Systems Security and Management 2. Policy Structure, Implementation, and Development.

EE579U/2 #1 Spring 2004 © , Richard A. Stanley EE579U Information Systems Security and Management 2. Policy Structure, Implementation, and Development.
Verifiable Security Goals

Verifiable Security Goals
Sicurezza Informatica Prof. Stefano Bistarelli

Sicurezza Informatica Prof. Stefano Bistarelli
MT Computer Security - Models & Policies

MT Computer Security - Models & Policies
User Domain Policies.

User Domain Policies.
Authorization and Policy. Is principal P permitted to perform action A on object O? – Authorization system will provide yes/no answer Authorization.

Authorization and Policy. Is principal P permitted to perform action A on object O? – Authorization system will provide yes/no answer Authorization.
1 IS 2150 / TEL 2810 Introduction to Security James Joshi Assistant Professor, SIS Lecture 5 September 27, 2007 Security Policies Confidentiality Policies.

1 IS 2150 / TEL 2810 Introduction to Security James Joshi Assistant Professor, SIS Lecture 5 September 27, 2007 Security Policies Confidentiality Policies.

Similar presentations

Ads by Google