CISSP - Bell-La Padula
I just finished Security+ and have started to study for CISSP. It seems harder and is more detailed.
I have read about Bell-La Padula and understand it, I think, except nothing I have read tells you how to actually implement it. You must work from a security policy, I would guess.
Is the actual implementation done by setting access controls on the directories? Like do you use AD (in Windows) to define each file and user? Do you use group permissions? Will Windows do B-LP at all? Is Linux different? Is there software?
I wish the books gave more actual examples of how you do these things.
Comments
You won't find a system based on Bell-La Padula's model(s) in corporate environments. It's used (and originally developed) for military mainframe systems where confidentiality has the highest priority.
Last but not least, Bell-La Padula's model is a MAC (Mandatory Access Control) model, in which, as you know from your Sec+ studies
In Bell-La Padula's model there are two main rules:
- Simple security rule which dictates that a subject cannot read up.
- * security rule which dictates that a subject cannot write down.
Both of these ensure confidentiality. The first rule is obvious: it means a user cannot read data with a higher security label than himself. The second rule means a user cannot write data with a lower security label than himself. The latter prevents people with a high security level from creating files with a lower level, so someone with Top secret clearance (hence top secret knowledge) cannot create files readable by people with a lower level. It's all about keeping those secrets secret. Note again, the subjects are not able to create files and assign a label/security level to it other than their own.
Another important term in this context is lattice, which defines the lower and upper bounds of a subject's security level.
Bell-La Padula's model was originally developed around 1970. I don't know if it is still in use in a system. Likely some principles from this model are still used, but mostly combined with, or established a basis for, other models, hence other systems.
I hope this helps!
How would you actually implement it? Like just set the file permissions according to the plan on each file and directory?
I didn't know it wasn't in use.
The Bell-La Padula model provides read, write and read/write permissions, which a subject has based on his own clearance and the classification of the object it is trying to access. So you wouldn't set file permissions, you would assign labels to subjects and objects. The operating system that is built according to the Bell-La Padula model will automatically know the appropriate permission based on those labels. 'That' is what the Bell-La Padula does.
Also important to understand is that you won't find this in the kind of operating systems you and I are used to (unless you have experience with military mainframes). Subjects don't browse for objects like we do, they use the mainframe's applications. I.e. a terminal to connect to a central system. What you can see and do on that system depends on your security clearance label. The objects and subjects are labeled by an admin, security officer. That's the mandatory part.
I didn't say it isn't in use, 'I' just don't know whether it's still in use.
I think access control models is one of the more difficult topics for the CISSP exam, and the problem is that there is so much info available but much of it is way too detailed, or on an academic level in which they do their utmost best to make things sound more complicated than they really are.
What sources are you using to study for this exam?
A+, Network+, Linux+, Security+, MCSE+I, MCSE:Security, MCDBA, CCNP, CCDP, CCSP, CCVP, CCIE Written (R/S, Voice),INFOSEC, JNCIA (M and FWV), JNCIS (M and FWV), ENA, C|EH, ACA, ACS, ACE, CTP, CISSP, SSCP, MCIWD, CIWSA
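The label-based decision described in the post above, sketched as an added example (not part of the original thread and not code from any real operating system). The level names, the `Label` class and the category sets are assumptions for illustration; the categories go one step beyond the thread to show why the labels form a lattice rather than a simple ranking.

```python
from dataclasses import dataclass

# Constructed level names; a real system takes these from its security policy.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    """Security label assigned by the security officer, never by the user."""
    level: str
    categories: frozenset = frozenset()  # need-to-know compartments (assumed)

    def dominates(self, other: "Label") -> bool:
        # self >= other in the lattice: level at least as high AND
        # every category of the other label is also held by self.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


def allowed_modes(subject: Label, obj: Label) -> set:
    """Derive permissions from the two labels alone (no per-file ACL)."""
    modes = set()
    if subject.dominates(obj):   # simple security rule: no read up
        modes.add("read")
    if obj.dominates(subject):   # * security rule: no write down
        modes.add("write")
    return modes                 # both present only when labels are equal


def is_permitted(subject: Label, obj: Label, mode: str) -> bool:
    """Reference-monitor check made on every access attempt."""
    return mode in allowed_modes(subject, obj)


# Constructed sample labels.
ANALYST = Label("SECRET", frozenset({"CRYPTO"}))
REPORT_TS = Label("TOP SECRET", frozenset({"CRYPTO"}))
MEMO_CONF = Label("CONFIDENTIAL")
FILE_NUCLEAR = Label("SECRET", frozenset({"NUCLEAR"}))

if __name__ == "__main__":
    for name, obj in [("REPORT_TS", REPORT_TS), ("MEMO_CONF", MEMO_CONF),
                      ("FILE_NUCLEAR", FILE_NUCLEAR)]:
        print(name, sorted(allowed_modes(ANALYST, obj)))
```

The `FILE_NUCLEAR` case yields no access in either direction because neither label dominates the other, which is the situation a plain high/low ordering cannot express.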
I agree, Sec+ is a good primer and there is a fair amount of overlap. CISSP goes a 'bit' further into the topics and covers a lot of additional, though often related, material. I'm amazed how broad it is, CPU states, laws, neural networks
Webmaster....I am glad you mentioned cccure.org. I have wanted to mention the site before, but didn't want to promote other sites here. I would not attempt the exam without going through all 500 questions they have online. They are the closest to the type of wording you will face on the exam.
The free CISSP 'study guide' available for download at ISC2, basically the exam objectives, also contains a list with book references (references not cert guides).
I don't mind promotion of other, especially non-commercial, cert and tech sites with quality content, by someone else than the owner, at all.
I just looked into this new edition. I think I may have to get this one also, since it covers the ISSEP as well.