Which integrity model defines a constrained data item, an integrity verification procedure and a
transformation procedure?
A.
The Take-Grant model
B.
The Biba integrity model
C.
The Clark Wilson integrity model
D.
The Bell-LaPadula integrity model
Explanation:
The Clark-Wilson model was developed to address security issues in commercial environments. The
model uses two categories of mechanisms to realize integrity: well-formed transactions andseparation of duty. It defines a constraint data item, a integrity verification and a transformation of
that object. A possible way to represent a constraint that only certain trusted programs can modify
objects is using application:checksum condition, where the checksum ensures authenticity of the
application. Another way is using application:endorser condition, which indicates that a valid
certificate, stating that the application has been endorsed by the specified endorser, must be
presented. Static separation of duty is enforced by the security administrator when assigning group
membership. Dynamic separation of duty enforces control over how permissions are used at the
access time