In which of the following models are Subjects and Objects identified and the permissions applied to each
subject/object combination are specified? Such a model can be used to quickly summarize what permissions a
subject has for various system objects.

A.
Access Control Matrix model

B.
Take-Grant model

C.
Bell-LaPadula model

D.
Biba model

Explanation:
An access control matrix is a table of subjects and objects indicating what actions individual subjects can take
upon individual objects. Matrices are data structures that programmers implement as table lookups that will be
used and enforced by the operating system. This type of access control is usually an attribute of DAC models.
The access rights can be assigned directly to the subjects (capabilities) or to the objects (ACLs).
Incorrect Answers:
B: The take-grant protection model is used to establish or disprove the safety of a given computer system that
follows specific rules. This is not what is described in the question.
C: The Bell–LaPadula Model is a state machine model used for enforcing access control in government and
military applications. This is not what is described in the question.
D: The Biba Model is a formal state transition system of computer security policy that describes a set of access
control rules designed to ensure data integrity. This is not what is described in the question.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 229