Biba Model

From Wikipedia, the free encyclopedia

It has been suggested that Biba Integrity Model be merged into this article or section. (Discuss)

The Biba Model or Biba Integrity Model developed by Kenneth J. Biba in 1977 [1], is a formal state transition system of computer security policy that describes a set of access control rules designed to ensure data integrity. Data and subjects are grouped into ordered levels of integrity. The model is designed such that subjects may not corrupt data in a level ranked higher than the subject, or be corrupted by data from a lower level than the subject.

In general the model was developed to circumvent a weakness in the Bell-LaPadula Model which only address data confidentiality.

In general, preservation of data integrity has three goals:

  • Prevent data modification by unauthorized parties
  • Prevent unauthorized data modification by authorized parties
  • Maintain internal and external consistency (i.e. data reflects the real world)

This security model is directed toward data integrity (rather than confidentiality) and is characterized by the phrase: "no write up, no read down". This is in contrast to the Bell-LaPadula model which is characterized by the phrase "no write down, no read up".

In the Biba model, users can only create content at or below their own integrity level (a monk may write a prayer book that can be read by commoners, but not one to be read by a high priest). Conversely, users can only view content at or above their own integrity level (a monk may read a book written by the high priest, but may not read a pamphlet written by a lowly commoner).

As with the Bell-LaPadula model, the Biba model defines a Simple Security Property and a * (star) property. In this case they are reversed to Bell-LaPadula:

  1. The Simple Security Property states that a subject at a given level of integrity may not read an object at a lower integrity level (no read down).
  2. The * (star) Security Property states that a subject at a given level of integrity must not write to any object at a higher level of integrity (no write up).

  1. ^ Biba, K. J. "Integrity Considerations for Secure Computer Systems", MTR-3153, The Mitre Corporation, April 1977.


 This computer-related article is a stub. You can help Wikipedia by expanding it.
Retrieved from "http://en.wikipedia.org../../../b/i/b/Biba_Model_8d13.html"
Advanced Search
Included Web Search Engines


Safe Search

close

Top Matching Results

Occasionally Search.com will highlight specialized results that are based on the context of your query. Examples of specialized results include specific links to news, images, or video.

Top Matching Results may highlight information from other Search.com pages, content from the CNET Network of sites, or third party content. The listings are based purely on relevance. Search.com does not receive payment for listings in this section but our partners that provide this data may get paid for listing these products.

Sponsored Links

This section contains paid listings which have been purchased by companies that want to have their sites appear for specific search terms and related content. These listings are administered, sorted and maintained by a third party and are not endorsed by Search.com.

Search Results

Search.com sends your search query to several search engines at one time and integrates the results into one list which has been sorted by relevance using Search.com's proprietary algorithm. You can customize the list of search engines included in your metasearch from the preferences.

The search engines that are used in your metasearch may allow companies to pay to have their Web sites included within the results. To view the Paid Inclusion policy for a specific search engine, please visit their Web site. Search.com does not accept payment or share revenue with any search engine partner for listings in this section.