PrepAway - Latest Free Exam Questions & Answers

What is the name of the FIRST mathematical model of a m…

What is the name of the FIRST mathematical model of a multi-level security policy used to define the concept
of a secure state, the modes of access, and rules for granting access?

PrepAway - Latest Free Exam Questions & Answers

A.
Clark and Wilson Model

B.
Harrison-Ruzzo-Ullman Model

C.
Rivest and Shamir Model

D.
Bell-LaPadula Model

Explanation:
In the 1970s, the U.S. military used time-sharing mainframe systems and was concerned about the security of
these systems and leakage of classified information. The Bell-LaPadula model was developed to address these
concerns. It was the first mathematical model of a multilevel security policy used to define the concept of a
secure state machine and modes of access, and outlined rules of access. Its development was funded by the
U.S. government to provide a framework for computer systems that would be used to store and process
sensitive information. The model’s main goal was to prevent secret information from being accessed in an
unauthorized manner.
A system that employs the Bell-LaPadula model is called a multilevel security system because users with
different clearances use the system, and the system processes data at different classification levels.
Incorrect Answers:
A: The Clark-Wilson Model is an integrity model. This is not what is described in the question.
B: The HRU security model (Harrison, Ruzzo, Ullman model) is an operating system level computer security
model which deals with the integrity of access rights in the system. This is not what is described in the question.
C: Rivest and Shamir is not a model. They created RSA cryptography. This is not what is described in the
question.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 369


Leave a Reply