ISC Exam Questions

What can be defined as a formal security model for the integrity of subjects and objects in a system

What can be defined as a formal security model for the integrity of subjects and objects in a system?

A.
Biba

B.
Bell LaPadulaLattice

C.
Lattice

D.
Info Flow

Explanation:
The Handbook of Information System Management, 1999 Edition, ISBN:
0849399742 presents the following definition:
In studying the two properties of the Bell-LaPadula model, Biba discovered a plausible notion of
integrity, which he defined as prevention of unauthorized modification. The resulting Biba integrity
model states that maintenance of integrity requires that data not flow from a receptacle of given
integrity to a receptacle of higher integrity. For example, if a process can write above its security
level, trustworthy data could be contaminated by the addition of less trustworthy data. SANS
glossary at http://www.sans.org/newlook/resources/glossary.htm define it as:
Formal security model for the integrity of subjects and objects in a system.