Which of the following models does NOT include data integrity or conflict of interest?

A.
Biba

B.
Clark-Wilson

C.
Bell-LaPadula

D.
Brewer-Nash

Explanation:
In the 1970s, the U.S. military used time-sharing mainframe systems and was concerned about the security of
these systems and leakage of classified information. The Bell-LaPadula model was developed to address these
concerns. It was the first mathematical model of a multilevel security policy used to define the concept of a
secure state machine and modes of access, and outlined rules of access.
An important thing to note is that the Bell-LaPadula model was developed to make sure secrets stay secret;
thus, it provides and addresses confidentiality only. This model does not address the integrity of the data the
system maintains—only who can and cannot access the data and what operations can be carried out.
Incorrect Answers:
A: The Biba model deals with data integrity.
B: The Clark-Wilson model deals with data integrity.
D: The Brewer and Nash Model deals with conflict of interest. In this model, no information can flow between
the subjects and objects in a way that would create a conflict of interest.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 370