13-1 Flashcards
an information barrier preventing information flow between different groups within the same organization
Chinese Wall model
one of the oldest security models, based on the basic security theorem
Bell-LaPadula model
an older security model with similarities to Bell-LaPadula
Biba integrity model
this is the oldest IT security certification and one of the most often asked for in job ads
CISSP (Certified Information Systems Security Professional)
a subject-object model first published in 1987 that attempts to achieve data security via well-formed transactions and a separation of duties
Clark-Wilson Model
CTCPEC
Canadian Trusted Computer Product Evaluation Criteria
the policies that control access based on named users and named objects
discretionary security property
numeric levels 1 to 7 that define security assurance as defined in the Common Criteria.
evaluation assurance levels
this means that a subject can read an object only if the security level of the subject is higher than or equal to the security of the object.
simple security property
a model that looks at a system transition from one state to another. It starts by capturing the current state of the system. Later, the system’s state at that point in time is compared to the previous state of the system to determine whether there has been a security violation in the interim.
state machine model
in computer security models, the subject is any entity that is attempting to access a system or data
subject
also TOE, an independent eval of a product to show that the product does
target evaluation
the TCB is everything in a computing system that provides a secure environment
trusted computing base
security guidelines created by the Commission of the European Communities, analogous to the Common Criteria
information technology security evaluation