bel la padula

pandimus

can someone give me a good link discribing this model, I couldnt find anything usefull except a definition. I read a post someone talking this was on the exam, I can find it in my all in one book

thanks

RussS

http://www-users.itlabs.umn.edu/classes/Spring-2002/csci8102/ClassNotes/Lecture12/Lecture12-6on1.pdf is not a bad resource.

Webmaster

www.techexams.net/technotes/securityplus/mac_dac_rbac.shtml

pandimus

My bad, didnt realize we had a technote here..

But thank both of you.

JDMurray

For the Security+ exam, make sure you know the (minor) differences between the Lattice and Bell-LaPadula models and how they relate to the MAC access control model. There will be one or two questions on it.

pandimus

cool.. Thanks, i will check it out..

RussS

And remember .... bell la padula is ...... wait for it ...

a RULE based access model

pandimus

When i get a good chance to study this theory, i will tell you if i remotly understand what you just said.. hehe

Webmaster

Note that Bell LaPadula uses primarily Mandatory Access Controls, BLP developed the early MAC. CompTIA uses three primary categories, which are MAC, DAC and RoleBAC (RuleBAC may turn up in the exam though...).

Although it's also described in the TechNote I metioned above, also check out this post for more detailed information:
www.techexams.net/forums/viewtopic.php?t=3069

RussS

Thanks for popping that in Johan. After our conversation I was meaning to post about how BLP uses RULES, but is NOT .... RBAC as in Comptias definition. Role Based Access Control.
The technotes actually explain this fairly well

Webmaster

You're welcome Russ and thanks

And you're right, a lot of what is going on in the BLP model is based on rules. For the CompTIA exam it is important to know BLP is MAC 'just' because an admin sets the controls and the labels (again, not entirely accurate because BLP includes a DAC property...), and therefore dictates the outcome of the rules. Perhaps the term Rule-Based-Mandatory Access Control model would be more in place. But than again, Rule-Based Access Control is usually considered as a 'type of MAC'

robocal2

i thought i understood but i am confused again....
if lattice and BLP are so closely related with 'minor' differences, would MAC be lattice or BLP :

JDMurray

Both Lattice and BLP are MAC-based models. BLP and Lattice are practically the same models, but BLP is a bit stricter in that a user is not permitted to write into a document with a lower security level than the user’s own security level. Lattice therefore does not prevent disclosure of higher-level information to lower-level users, but BLP does.

For example, let's say I have Admin privilages, and I have access to a document that only Admins can read. Under Lattice, I can create a new document with a lower privilage level, and then copy the data from the Admin-level document to this new, lower-level document. Lower-level users can now read the Admin-only information from this new document. Under BLP this is not possible.