
I've been reading a Computer Security book by William Stallings and have found this example of an Access Control Matrix:

[Image: example access control matrix from the book]

Any example will do. I just thought I'd screenshot this off CourseSmart.

How does one convert an access control matrix like the above into a Bell-LaPadula model, and should any additional security level(s) be added?

schroeder
John

1 Answer


If I recall correctly, BLP is an example of a MAC (mandatory access control) system, while the access matrix you posted is a simple RBAC system. You can't necessarily 'convert' between the two. MAC is based on the idea of labels (secret, top-secret, etc.), preventing information flow in certain directions between labels. RBAC is a completely 'flat' system; users are given rights to objects without regard to information flow.

So, you can't 'convert' the access matrix, but you can arrive at a lattice based on the access matrix by 'inventing' the extra information needed. Try to categorize the objects into MAC levels, and then assign users to those levels. You may arrive at conflicts: a user that has write access to a lower level (which violates the no-write-down property of BLP). Perhaps you could split the user in two, but in reality you wouldn't want people using multiple accounts. Another solution is to upgrade the classification of some objects, but that may give rise to new conflicts.

chris
  • How would one represent BLP? – John Aug 28 '11 at 07:21
  • As a stack. Each label is higher than the previous, and users are associated with a label. For confidentiality use no-write-down and no-read-up, for integrity use no-write-up and no-read-down (see the Biba model). http://img835.imageshack.us/img835/301/screenshot20110829at610.jpg – chris Aug 29 '11 at 16:11
  • Additionally, MAC systems can be represented as a lattice. But then you use levels and compartments within the levels: http://img402.imageshack.us/img402/3040/screenshot20110829at612.jpg – chris Aug 29 '11 at 16:13
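
The conflict check described in the answer and comments, as an added example that is not part of the original posts: it labels the subjects and objects of an access matrix and lists every granted right that violates no-read-up or no-write-down. It goes slightly beyond the answer by using the lattice form (level plus compartments) from the last comment; the matrix, names, labels and the function names `dominates` and `blp_conflicts` are all constructed for illustration.

```python
# Added example: check a flat access matrix against Bell-LaPadula labels.
# All subjects, objects, rights and labels below are constructed sample data.
LEVELS = {"unclassified": 0, "secret": 1, "top-secret": 2}

def dominates(a, b):
    """Label a dominates b: level at least as high, compartments a superset."""
    return LEVELS[a[0]] >= LEVELS[b[0]] and a[1] >= b[1]

def blp_conflicts(matrix, subject_labels, object_labels):
    """Return sorted (subject, object, right, rule) tuples that BLP forbids."""
    conflicts = []
    for subject, row in matrix.items():
        s_label = subject_labels[subject]
        for obj, rights in row.items():
            o_label = object_labels[obj]
            # Simple security property: read only if subject dominates object.
            if "read" in rights and not dominates(s_label, o_label):
                conflicts.append((subject, obj, "read", "no-read-up"))
            # *-property: write only if object dominates subject.
            if "write" in rights and not dominates(o_label, s_label):
                conflicts.append((subject, obj, "write", "no-write-down"))
    return sorted(conflicts)

# Constructed access matrix: subject -> object -> set of rights.
MATRIX = {
    "alice": {"payroll.db": {"read", "write"}, "notice.txt": {"read", "write"}},
    "bob": {"payroll.db": {"read"}, "notice.txt": {"read"}},
    "carol": {"plans.doc": {"read"}, "notice.txt": {"read"}},
}
# The "invented" extra information: a (level, compartments) label per entity.
SUBJECT_LABELS = {
    "alice": ("secret", frozenset({"hr"})),
    "bob": ("unclassified", frozenset()),
    "carol": ("secret", frozenset({"hr"})),
}
OBJECT_LABELS = {
    "payroll.db": ("secret", frozenset({"hr"})),
    "notice.txt": ("unclassified", frozenset()),
    "plans.doc": ("secret", frozenset({"ops"})),
}

if __name__ == "__main__":
    for conflict in blp_conflicts(MATRIX, SUBJECT_LABELS, OBJECT_LABELS):
        print(conflict)
```

Relabelling `notice.txt` upward removes alice's write-down conflict but makes bob's existing read of it a read-up, which is the "new conflicts" effect the answer mentions.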