Bell-LaPadula Model - Strong Star vs. Discretionary Security

g33k3rg33k3r Member Posts: 249 ■■□□□□□□□□
in SSCP
While reading about the rules used to control the flow of information I ran across a bit of confusion. The first two are fine. The third is listed by different names and I am not sure if they mean the same thing or not.
  1. Simple Security Property
  2. * (Star) Security Property
  3. Discretionary Security Property vs. Strong Star
Discretionary Security - states that the system uses an access matrix to enforce discretionary access control.

Strong Star - This property states that a subject cannot read/write to object of higher/lower sensitivity. Is this another way of describing how an access matrix works?

Thanks!
· Share on FacebookShare on Twitter

Comments

  • whotimewhotime Member Posts: 122 ■■■□□□□□□□
    An access matrix is the principal that is assigned. It is what users have access to and do not have access to. With BLP a user can write up but can not write down from their approved level. They can how ever read down. With strong star they can only read/write to the level assigned. Here is a diagram.

    blp.jpg 14.2K
    WGU BS: IT-Security
    In Progress: C170, C246
    To Be Completed: C247, C299, C697, C698, C435, C436, C179
    · Share on FacebookShare on Twitter
  • g33k3rg33k3r Member Posts: 249 ■■□□□□□□□□
    That is how I understood the access matrix and the first two rules. Thanks for the diagram and explanation. Apparently, according to wikipedia:

    "The Strong ★ Property is an alternative to the ★-Property, in which subjects may write to objects with only a matching security level. Thus, the write-up operation permitted in the usual ★-Property is not present, only a write-to-same operation."
    · Share on FacebookShare on Twitter
Sign In or Register to comment.