PrepAway - Latest Free Exam Questions & Answers

What does the simple integrity axiom mean in the Biba model?

What does the simple integrity axiom mean in the Biba model?

PrepAway - Latest Free Exam Questions & Answers

A.
No write down

B.
No read down

C.
No read up

D.
No write up

Explanation:
The Biba model was developed after the Bell-LaPadula model. It is a state machine model similar to the BellLaPadula model. Biba addresses the integrity of data within applications.
The Biba model uses a lattice of integrity levels. If implemented and enforced properly, the Biba model prevents
data from any integrity level from flowing to a higher integrity level.
Biba has three main rules to provide this type of protection:
*-integrity axiom: A subject cannot write data to an object at a higher integrity level (referred to as “no write
up”).Simple integrity axiom: A subject cannot read data from a lower integrity level (referred to as “no read
down”).
Invocation property: A subject cannot request service (invoke) of higher integrity.
Incorrect Answers:
A: The * (star) integrity axiom means “no write up”, not “no read up”.
B: The * (star) integrity axiom means “no write up”, not “no write down”.
C: The * (star) integrity axiom means “no write up”, not “no read down”.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 372


Leave a Reply