Bell-LaPadula Model - Strong Star vs. Discretionary Security

While reading about the rules used to control the flow of information I ran across a bit of confusion. The first two are fine. The third is listed by different names and I am not sure if they mean the same thing or not.

Simple Security Property
* (Star) Security Property
Discretionary Security Property vs. Strong Star

Discretionary Security - states that the system uses an access matrix to enforce discretionary access control.

Strong Star - This property states that a subject cannot read/write to object of higher/lower sensitivity. Is this another way of describing how an access matrix works?

Thanks!

Find more posts tagged with

Comments

whotime

An access matrix is the principal that is assigned. It is what users have access to and do not have access to. With BLP a user can write up but can not write down from their approved level. They can how ever read down. With strong star they can only read/write to the level assigned. Here is a diagram.

blp.jpg

g33k3r

That is how I understood the access matrix and the first two rules. Thanks for the diagram and explanation. Apparently, according to wikipedia:

"The Strong ★ Property is an alternative to the ★-Property, in which subjects may write to objects with only a matching security level. Thus, the write-up operation permitted in the usual ★-Property is not present, only a write-to-same operation."