Francais | English | Espanõl

From Wikipedia, the free encyclopedia

The Biba Model is a formal state transition system of computer security policy that describes a set of access control rules designed to ensure data integrity. Data and subjects are grouped into ordered levels of integrity. The model is designed such that subjects may not corrupt data in a level ranked higher than the subject, or be corrupted by data from a lower level than the subject.

[edit] Features

This security model is directed toward data integrity (rather than confidentiality) and is characterized by the phrase: "no write up, no read down". Compare this with the Bell-LaPadula model.

With Biba, users can only create content at or below their own security level (a monk may write a prayer book that can be read by commoners, but a high priest would not be allowed to view the work of the (presumably) less pious monk). Conversely, users can only view content at or above their own security level (a monk may read a book written by the high priest, but may not read a pamphlet written by a lowly commoner).

As with Bell-La Padula security model, the Biba model defines a Simple Security Property and a * (star) property. In this case they are sort of reversed to Bell-La Padula:

1. The Simple Security Property states that a subject at a given level of integrity may not read an object at a lower integrity level (no read-down).
2. The * (star) Security Property states that a subject at a given level of integrity must not write to any object at a higher level of integrity (no write-up).

[edit] See also

• Bell-LaPadula model
• Multi-Level Security - MLS
• Mandatory Access Control - MAC
• Discretionary Access Control - DAC
• Take-Grant Model
• The Clark-Wilson Integrity Model
• Graham-Denning Model
• Security Modes of Operationde:Biba-Modell