High-water mark (computer security)

The high-water mark for access control was introduced by Clark Weissman in 1969.[1] It pre-dates the Bell–LaPadula security model, whose first volume appeared in 1972.

Under the high-water mark model, any object classified below the user's security level can be opened, but the object is relabeled to reflect the highest security level currently open, hence the name.

The practical effect of the high-water mark was a gradual movement of all objects towards the highest security level in the system. If user A is writing a CONFIDENTIAL document, and checks the unclassified dictionary, the dictionary becomes CONFIDENTIAL. Then, when user B is writing a SECRET report and checks the spelling of a word, the dictionary becomes SECRET. Finally, if user C is assigned to assemble the daily intelligence briefing at the TOP SECRET level, reference to the dictionary makes the dictionary TOP SECRET, too.

Low-water mark

Low-water mark is an extension to the Biba model. In the Biba model, no-write-up and no-read-down rules are enforced; these rules are the exact opposite of the rules in the Bell–LaPadula model. In the low-water mark model, read-down is permitted, but after the read the subject's label is degraded to the object's label. It can be classified among the floating-label security models.[2][3]
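The two floating-label rules described above, as an added sketch that is not part of the original article or of ADEPT-50 or LOMAC. The class and function names are hypothetical, and it assumes that objects at or below the user's level may be opened and that every object open in a session floats up to the session's mark.

```python
from enum import IntEnum

class Level(IntEnum):
    UNCLASSIFIED, CONFIDENTIAL, SECRET, TOP_SECRET = range(4)

class Obj:
    def __init__(self, name, label):
        self.name, self.label = name, label

class Session:  # one user's session under the high-water mark rule
    def __init__(self, clearance):
        self.clearance, self.opened = clearance, []
    def open(self, obj):
        if obj.label > self.clearance:  # assumption: at or below the user's level is allowed
            raise PermissionError(f"{obj.name} is above the user's level")
        self.opened.append(obj)
        mark = max(o.label for o in self.opened)  # highest level currently open
        for o in self.opened:                     # assumption: all open objects float up
            o.label = mark
        return mark

class Subject:  # low-water mark (integrity): the subject's label floats down
    def __init__(self, integrity):
        self.integrity = integrity
    def read(self, obj):
        self.integrity = min(self.integrity, obj.label)  # degrade to object label
        return self.integrity
    def write(self, obj):
        if obj.label > self.integrity:                   # Biba: no write up
            raise PermissionError(f"cannot write up to {obj.name}")

def dictionary_drift():
    """Replay the dictionary scenario; return its label after each user."""
    dictionary, history = Obj("dictionary", Level.UNCLASSIFIED), []
    for level in (Level.CONFIDENTIAL, Level.SECRET, Level.TOP_SECRET):
        session = Session(clearance=level)
        session.open(Obj("working document", level))
        session.open(dictionary)
        history.append(dictionary.label.name)
    return history

def low_water_demo(low=0, high=1):  # constructed integrity levels
    proc = Subject(high)
    after_read = proc.read(Obj("download", low))  # subject drops to low
    try:
        proc.write(Obj("system file", high))      # now a write up, so denied
    except PermissionError:
        return after_read, True
    return after_read, False
```

The dictionary's label only ever rises, while the subject in the integrity case loses its ability to modify high-integrity objects after a single low-integrity read.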

References

  1. Clark Weissman (1969). "Security controls in the ADEPT-50 timesharing system". AFIPS Conference Proceedings FJCC. 35. pp. 119–133.
  2. "The LOMAC project". Retrieved 16 February 2011.
  3. NAI Labs Advanced Research. "LOMAC: Low Water-Mark Integrity Protection for Linux" (PDF). Archived from the original (PDF) on 16 July 2011. Retrieved 16 February 2011.


This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.