Abstract

The objective of this article is to give a tutorial on lattice-based access control models for computer security. The paper begins with a review of Denning's axioms for information flow policies, which provide a theoretical foundation for these models. The structure of security labels in the military and government sectors, and the resulting lattice is discussed. This is followed by a review of the Bell-LaPadula model, which enforces information flow policies by means of its simple-security and *-properties. It is noted that information flow through covert channels is beyond the scope of such access controls. Variations of the Bell-LaPadula model are considered. The paper next discusses the Biba integrity model, examining its relationship to the Bell-LaPadula model. The paper then reviews the Chinese Wall policy, which arises in a segment of the commercial sector. It is shown how this policy can be enforced in a lattice framework.

Citations

619	Security policies and security models - Goguen, Meseguer
478	A lattice model of secure information flow - DENNING - 1976
366	Integrity considerations for secure computer systems - Biba - 1977
353	Secure computer systems: Mathematical foundations and model - Bell, LaPadula - 1973
339	A note on the confinement problem - Lampson
304	The chinese wall security policy - Brewer, Nash - 1989
266	D.: Role-based access control - Ferraiolo, Kuhn - 1992
120	A practical alternative to hierarchical integrity policies - Boebert, Kain - 1985
105	The typed access matrix model - Sandhu - 1992
60	Access rights administration in role-based security systems - Nyanchama, Osborn - 1994
43	An examination of Federal and commercial access control policy needs - Ferraiolo, Gilbert, et al. - 1993
41	Non-discretionary controls for commercial applications - Lipner - 1982
36	Conceptual foundations for a model of task-based authorizations - Thomas, Sandhu - 1994
24	A lattice interpretation of the chinese wall policy - Sandhu - 1992
24	A note on the con nement problem - Lampson - 1973
19	User group structures in object-oriented database authorization - Fernandez, Wu, et al. - 1994
18	Design for dynamic user-role-based security - Mohammed, Dilts - 1994
18	Architectural Implications of Covert Channels - Proctor, Neumann - 1992
16	Delegation of Authority - Moffett, Sloman
13	User-role based security in the ADAM object-oriented design and analyses environment - Hu, Demurjian, et al. - 1995
13	Protection." 5th Princeton Symposium on Information Science and Systems - Lampson - 1971
10	Criteria Editorial Board, “Common Criteria for Information Technology Security Evaluation - Common - 1996
5	von Solms and Isak van der Merwe. The management of computer security profiles using a role-oriented approach. Computers & Securitu - H - 1994
3	Extending access controls with duties|realized by active mechanisms - Jonscher - 1993
1	The Modeling and Representation of Security Semantics for Database Applications - Smith - 1990