PrepAway - Latest Free Exam Questions & Answers

Which security architecture model defines how to securely develop access rights between subjects and objects?

A. Brewer-Nash
B. Clark-Wilson
C. Graham-Denning
D. Bell-LaPadula

Explanation:
C: The Graham-Denning model addresses how access rights between subjects and objects are defined, developed, and integrated. It defines a set of basic rights in
terms of commands that a specific subject can execute on an object. This model has eight primitive protection rights, or rules, on how these types of functionalities
should take place securely. They are: how to securely create an object; how to securely create a subject; how to securely delete an object; how to securely delete a
subject; how to securely provide the read access right; how to securely provide the grant access right; how to securely provide the delete access right; and how to
securely provide transfer access rights. These things may sound insignificant, but when we are talking about building a secure system, they are very critical.
A is incorrect because the Brewer-Nash model is intended to provide access controls that can change dynamically depending upon a user’s previous actions. The
main goal is to protect against conflicts of interest by users’ access attempts. For example, if a large marketing company provides marketing promotions and materials
for two banks, an employee working on a project for Bank A should not be able to look at the information the marketing company has on its other bank customer, Bank B.
Such action could create a conflict of interest because the banks are competitors. If the marketing company’s project manager for the Bank A project could view
information on Bank B’s new marketing campaign, he may try to trump its promotion to please his more direct customer. The marketing company would get a bad
reputation if it allowed its internal employees to behave so irresponsibly.
B is incorrect because the Clark-Wilson model is implemented to protect the integrity of data and to ensure that properly formatted transactions take place within
applications. It works on the following premises: subjects can access objects only through authorized programs; separation of duties is enforced; auditing is required.
The Clark-Wilson model addresses all three integrity goals: prevent unauthorized users from making modifications, prevent authorized users from making improper
modifications, and maintain internal and external consistency.
D is incorrect because the Bell-LaPadula model was developed to address the U.S. military’s concern with the security of its systems and the leakage of classified
information. The model’s main goal is to prevent sensitive information from being accessed in an unauthorized manner. It is a state machine model that enforces the
confidentiality aspects of access control. A matrix and security levels are used to determine if subjects can access different objects. The subject’s clearance is compared
to the object’s classification and then specific rules are applied to control how subject-to-object interactions take place.
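
The history-dependent access rule described for Brewer-Nash above, as an added Python example (not part of the original explanation). It covers only the read rule; the class `ChineseWall`, the subject names and the airline datasets are constructed for illustration.

```python
# Added illustration of the Brewer-Nash (Chinese Wall) read rule.
# All names and sample data below are constructed, not taken from a real system.
from collections import defaultdict


class ChineseWall:
    """Access decisions depend on what each subject has already accessed."""

    def __init__(self, conflict_classes):
        # conflict_classes: {class name: set of competing company datasets}
        self.class_of = {}
        for cls, companies in conflict_classes.items():
            for company in companies:
                self.class_of[company] = cls
        # history[subject][conflict class] -> company already accessed
        self.history = defaultdict(dict)
        self.audit = []  # (subject, company, decision) kept for review

    def can_read(self, subject, company):
        cls = self.class_of.get(company)
        if cls is None:
            return False  # unknown dataset: deny by default
        seen = self.history[subject].get(cls)
        # Allowed if nothing in this conflict class was touched yet,
        # or if the subject stays on the same side of the wall.
        return seen is None or seen == company

    def read(self, subject, company):
        allowed = self.can_read(subject, company)
        if allowed:
            self.history[subject][self.class_of[company]] = company
        self.audit.append((subject, company, "allow" if allowed else "deny"))
        return allowed


def demo():
    wall = ChineseWall({"banks": {"Bank A", "Bank B"},
                        "airlines": {"Airline X", "Airline Y"}})
    return [
        wall.read("pm", "Bank A"),       # first access in the class
        wall.read("pm", "Bank B"),       # competitor of Bank A
        wall.read("pm", "Airline X"),    # different conflict class
        wall.read("pm", "Bank A"),       # same company again
        wall.read("analyst", "Bank B"),  # other subject, clean history
    ]


if __name__ == "__main__":
    print(demo())
```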

One Comment on “Which security architecture model defines how to securely develop access rights between subjects and objects?”

  1. joe says:

    Graham-Denning model addresses how access rights between subjects and objects are defined, developed, and integrated.

    Brewer-Nash model is intended to provide access controls that can change dynamically depending upon a user’s previous actions.

    Bell-LaPadula model was developed to address the U.S. military’s concern with the security of its systems and the leakage of classified information.

    Clark-Wilson model is implemented to protect the integrity of data and to ensure that properly formatted transactions take place within applications.



