5

Can the Biba model always be combined with the Bell-LaPadula model? What are the issues that arise? Would there be conflicts? How would information flow be affected?

CodesInChaos
zigglytones

2 Answers

8

To answer all your questions at once: since BLP is a no-read-up, no-write-down data confidentiality model, and Biba is a no-read-down, no-write-up data integrity model, you effectively end up with a prohibitive, same-level-only data confidentiality and integrity model. In theory, it shouldn't result in any less secure a model; quite the contrary, it might be too strict to have any real-life application.

What that means is, when both are properly implemented in a secure system, they will prohibit any security level moving vertically in either direction, and you end up with all security levels isolated from one another for both read and write operations, i.e. discrete, non-interactive security levels. An information security equivalent of a stroboscope. I would only recommend it if this is exactly what you want, e.g. trying to isolate already existing down-vertical access control into standalone security groups, like maybe when dissolving a business partnership, or any other compartmental lockdown like that.

TildalWave
    The problem with this model is that in real life, this is NEVER exactly what you will want, even if you think it is RIGHT NOW. So an organization will have two solutions available: either break the model (bad), or keep EVERYthing on the same level (worse, because you can't really know where the problem is). So hypothetically, as you say, IF this is EXACTLY what you want it is possible, but that ain't ne'er the case. – AviD Oct 14 '13 at 14:15
  • But imagine a big company based on Biba where each node is a smaller company based on Bell-LaPadula. – technazi Nov 07 '17 at 23:48
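A small model of the point made in the answer above, added here as an example and not part of the original post: it assumes, as the answer does, that one shared set of levels is used for both BLP and Biba, and the three-level lattice is a constructed placeholder. It computes which single-step information flows each policy permits, showing that the combined policy leaves only same-level flows.

```python
from itertools import product

# Constructed example lattice: 0 = lowest, 2 = highest (not from the original post).
LEVELS = (0, 1, 2)


def _check_op(op):
    if op not in ("read", "write"):
        raise ValueError(f"unknown operation: {op!r}")


def blp_allows(subj, obj, op):
    """Bell-LaPadula: no read up (simple security), no write down (*-property)."""
    _check_op(op)
    return subj >= obj if op == "read" else subj <= obj


def biba_allows(subj, obj, op):
    """Biba strict integrity: no read down, no write up."""
    _check_op(op)
    return subj <= obj if op == "read" else subj >= obj


def combined_allows(subj, obj, op):
    """Both models enforced on the same level lattice."""
    return blp_allows(subj, obj, op) and biba_allows(subj, obj, op)


def information_flows(policy, levels=LEVELS):
    """Return the set of (source_level, destination_level) pairs reachable in one
    operation. A read moves information from the object's level to the subject's;
    a write moves it from the subject's level to the object's."""
    flows = set()
    for subj, obj in product(levels, repeat=2):
        if policy(subj, obj, "read"):
            flows.add((obj, subj))
        if policy(subj, obj, "write"):
            flows.add((subj, obj))
    return frozenset(flows)


if __name__ == "__main__":
    for name, policy in (("BLP", blp_allows), ("Biba", biba_allows),
                         ("BLP+Biba", combined_allows)):
        print(f"{name:9} flows: {sorted(information_flows(policy))}")
```

BLP permits only upward (or same-level) flows, Biba only downward (or same-level) ones, and their intersection is the diagonal: each level is sealed off from every other.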
0

The two deal with different subjects, so they can't use the same levels and categories. In effect, they're orthogonal. [Anderson]

However, both are exceedingly simple-minded and narrow, and can be a pain to sysadmin.

--dave

davecb