PrepAway - Latest Free Exam Questions & Answers


What security model implies a central authority that defines rules and sometimes global rules, dictating what
subjects can have access to what objects?


A. Flow Model

B. Discretionary access control

C. Mandatory access control

D. Non-discretionary access control

Explanation:
A central authority determines what subjects can have access to certain objects based on the organizational
security policy. The access controls may be based on the individual’s role in the organization (role-based) or the
subject’s responsibilities and duties (task-based). In an organization where there are frequent personnel
changes, non-discretionary access control is useful because the access controls are based on the individual’s
role or title within the organization. These access controls do not need to be changed whenever a new person
takes over that role. Another type of non-discretionary access control is lattice-based access control. In this
type of control, a lattice model is applied. In a lattice model, there are pairs of elements that have the least
upper bound of values and greatest lower bound of values. To apply this concept to access control, the pair of
elements is the subject and object, and the subject has the greatest lower bound and the least upper bound of
access rights to an object.

Incorrect Answers:
A: A flow model does not use a central authority that defines rules and sometimes global rules, dictating what
subjects can have access to what objects.
B: Discretionary access control does not use a central authority that defines rules and sometimes global rules,
dictating what subjects can have access to what objects.
C: Mandatory access control does not use a central authority that defines rules and sometimes global rules,
dictating what subjects can have access to what objects.

Krutz, Ronald L. and Russell Dean Vines, The CISSP and CAP Prep Guide: Mastering CISSP and CAP, Wiley
Publishing, Indianapolis, 2007, p. 48

