Biba model
The Biba security model is used to control read and write access in computer systems based on existing user rights and their classification in a policy-based authorization system.
The Biba model was described in 1975 by Kenneth J. Biba .
The subject of the model is the integrity of the data. The Biba model is a reversal of the Bell LaPadula security model, which primarily addresses the confidentiality of data access. A variation of the Biba model is also known as Low Watermark Mandatory Access Control .
Two rules are checked before each access:
- No-Read-Down : It must not be possible for a higher level to read information from a lower security level.
- No-Write-Up : Layers that have a lower security level may not be allowed to write data to a higher security level.
Example:
- Calibration data from an ECG may only be read by normal users, never written, as the data cannot be trusted ( no-write-up ).
- Furthermore, the calibration process must never read data that have been created by a normal user, as this does not have sufficient integrity ( no-read-down ).
Footnotes
- ^ Biba, KJ, "Integrity Considerations for Secure Computer Systems," MTR-3153, Miter Corporation , June 1975.