Abstract model of data protection such as the Abstract , page 3

the model of information protection.

Any model
information security can not claim
full warranty against burglary. It is only
a abstract the aim of which is to describe
common terminology and criteria of the system
security. The model does not answer
the question is, how safe way to build
system, how to build a separate
components and configuration in General.

1977, was offered a huge
the number of abstract models of protection
information. The most popular:
the Biba model (1977), Sazerlendsky
model(1986), model Gauguin-Meziere
(1982), model Clark-Wilson (1987 and 1989

The General scheme
abstract model of information security
can be represented as follows:

The concept
trusted computing base is
Central in assessing the degree
warranty, which system
can be considered reliable. Reliable
computing base is the totality of
protective mechanisms of the computer
system (including hardware and software
support) responsible for
in a life security policy. Reliability
computing base is defined
exclusively its implementation and
correctness of source data that
introduces administrative staff.

Generally speaking,
components outside of the computational base
may not be reliable, but is not
affect the security of the system
in General. The main purpose of reliable
calculation means to serve as
monitor applications, that is, to control
the validity of the execution entities
certain operations on objects.
The monitor checks every request
a user or process that is running
on his behalf, to programs and data
consistency with the list
the actions allowed for a user.

From the monitor
of appeals requires three

– the monitor should be protected from
track your work;

-completeness –
the monitor needs to be called every
and location ways

– the monitor should be compact to
it can be perform and
to test to make sure
the fullness of his testing.

the reference monitor is called the kernel
security. Security kernel is
the basis on which to build all protective
mechanisms. In addition to the above
the properties of the reference monitor, the kernel should
to guarantee immutability.

The border
trusted computing base is called
a security perimeter. From components
outside of the security perimeter, not
required reliability. What’s inside
the security kernel is considered to be reliable,
and the fact that out – no. The relationship between the internal
and external worlds is
through the gateway system, which
the idea is able to resist
potentially unreliable or even
hostile environment.

From the
the beginning of the computer era one of the main
task for developers information
technology has become the task of ensuring
security. None of the existing
commercial or public
the electronic system can not do
without the protection of private information from
unauthorized access. Starting
with the 70-ies of the last century the world began
developed various concepts
and methods of information security that soon
led to the creation of a uniform
the approach to this problem was developed
the first security policy.

security – a set of formal rules,
defining the processing, distribution
and protection of information. Model policy
security – formal representation
security policy for a particular
system or class of systems, defines
methods of processing, distribution and
the protection of information.

General principles:

the rules in most models define
the following requirements in order of importance:

1) the Availability of




Each of
requirements responsible for their own area in
model security policies.

– demand responsible for access
information, namely:

• Providing
access legitimate users in
allowed scale.

• Prevention
the lack of it.

• Prevention
against illegal access.

responsible for two areas:

• Integrity
information – protection
information from illegal actions
the process of storage, processing and transmission.

• Integrity
system – the absence of duality
in the operation of the system.

Privacy policy
– requirement for protection of personal and
secret information is applied to
data during storage, processing
and transmission. Is the most important
requirement for certain types of data
or systems such as a secret key
or the authentication server.

– the requirement that any action
it would be possible to trace from the beginning to
the end. Allows to detect illegal
use of the system, provides
protect systems from errors and restore
system in the event of their occurrence.

All of these
requirements, ultimately to form
security that in each
the case should be taken as
a specific set of requirements
the foregoing objectives.

In addition to a set
requirements one of the most important attributes
models that directly affect her
implementation, are provided
in the model methods to control access
system. Most protected methods
monitoring system access share
into two classes:

• Free
(independent) control over access
the system (Discretionary Access Control) is
free in the sense that the owner
or Manager information can
self-change possible
access to your information. Characteristic
for models designed for
implemented in commercial and scientific

• Mandatory
access control (Mandatory Access Control) in
system means independence
the availability of information from its owner.
Usually in such cases, the control
the access is implemented on the basis of
properties of the information and properties
wanting to access it according to
independent from both of them rules.
Characteristic of models intended
for implementation in military and government
the protection systems.

Strictly speaking
criteria for determining what
the class is one or the other method
access control is not always
give a certain result, but are
very accurate for most
classic models policy

In the 80-ies
under the leadership of the Ministry of defence
USA (Department of Defense) developed the first
a document defining a system of standards
in the field of computer security
“Evaluation criteria for security
computer systems” (The
which is often called “Orange
book”. In particular, this document
includes a classification of security systems
according to the severity of the requirements
security inherent in their models
security policy. In the present
the time standards for computer security
identifies more than a dozen

  1. Abstract
    the model of information protection.

access control implements
practice some abstract (or
formal) model that defines the rules
tasks the dividing policy
access to protected resources, and rules
processing requests to access a protected

access control are the basis
resource protection, providing a solution
the task of the access control entities
to protect information and technical
resources — objects. As subjects
in the simplest case refers to
user. However, in the future it
the concept will be expanded.

In practice
the presence of access control mechanisms
it is necessary, even if the system can
to be the only one applied
user. This is because, as
rule, the system must also be
manages user rights
administrator who configures
system settings, protection and access rights
to resources of the protected object. When
this administrator is fundamentally
other rights than the applied user.

3.1 Model

Ten years
after a model has been developed
Clark-Wilson (Clark-Wilson model), providing
the requirement of integrity is more practical
method. In 1993, the model was expanded
and included the segregation of duties.
The main application of this
the model is Commerce, in particular

concept models are 2 of the principle:


properties of the internal state
system, achieved through
“The right agreements”.


the interaction of the internal state
system with the outside world, implemented
through segregation of duties.

implemented by a set of rules
and, unlike previous models, not
is mathematically formalized
model. Also, the subjects didn’t have
direct access to the objects between
subject and object is a “layer”
programs that have access to
objects. Control access to the system
is free.

for access to data divided into 2 groups:

• Determined
access operations that can be
to perform on each type of information
(only a specific set of programs
has access to specific objects).

• Determined
access operations that can be
made by a specific subject
(the subject has access only to a specific
set of programs).

All the data
in the model of Clark-Wilson is divided into 2

• Required
data item (CDI)

• Spontaneous
data item (UDI)

a set of rules governing
the interaction with both types of data
(Certification Rules):

• All initial
verification procedure (IVP) must ensure
that all CDI’s are reliable
condition during operation of the IVP.

• All procedures
change of (TP)must be certified
to be accurate, i.e. all
authentic CDI needs to go into
authentic CDI, with each procedure
the changes have the right to access only
to a specific set of CDI.

• Rules
access must meet all
the requirements of separation of duties.

• All procedures
changes must be recorded in
available only on the add log.

• Any
the procedure for changing the received input
UDI must either convert it to CDI
or cancel the operation.

This set
rules allows you to work with
the data in this manner, when fully
ensured safety and accountability
transitions in the system. The main achievement
these rules are compared with the model Biba
– separation of verification procedures
the integrity and procedures changes.
Allows to prevent or repair
most of the illegal action
perpetrated from within the business

To enhance
protection model Clark-Wilson was
introduced another set of rules (Enforcements

must maintain and protect the list
(Tpi:CDIa,CDIb,…) that maps TP and CDI and
certification access to them.

must maintain and protect the list
(UserID,Tpi:CDIa,CDIb,…) specifying which TP
the user can perform.

should authenticate each
the user requesting the execution of
the procedure changes.

Related Post

About the Author

Leave a Reply

Your email address will not be published. Required fields are marked *