（转16）Biba Model Biba安全模型

The Biba Model or Biba Integrity Model developed by Kenneth J. Biba in 1977 [1], is a formal state transition system of computer security policy that describes a set of access control rules designed to ensure data integrity. Data and subjects are grouped into ordered levels of integrity. The model is designed so that subjects may not corrupt data in a level ranked higher than the subject, or be corrupted by data from a lower level than the subject.
In general the model was developed to circumvent a weakness in the Bell-LaPadula Model which only addresses data confidentiality.

[edit] Features
In general, preservation of data integrity has three goals:
Prevent data modification by unauthorized parties
Prevent unauthorized data modification by authorized parties
Maintain internal and external consistency (i.e. data reflects the real world)
This security model is directed toward data integrity (rather than confidentiality) and is characterized by the phrase: "no read down, no write up". This is in contrast to the Bell-LaPadula model which is characterized by the phrase "no write down, no read up".
In the Biba model, users can only create content at or below their own integrity level (a monk may write a prayer book that can be read by commoners, but not one to be read by a high priest). Conversely, users can only view content at or above their own integrity level (a monk may read a book written by the high priest, but may not read a pamphlet written by a lowly commoner).
The Biba model defines a set of security rules similar to the Bell-LaPadula model. These rules are the reverse of the Bell-LaPadula rules:
The Simple Integrity Axiom states that a subject at a given level of integrity may not read an object at a lower integrity level (no read down).
The * (star) Integrity Axiom states that a subject at a given level of integrity must not write to any object at a higher level of integrity (no write up).

[edit] See also
Multi-Level Security - MLS
Mandatory Access Control - MAC
Discretionary Access Control - DAC
Take-Grant Model
The Clark-Wilson Integrity Model
Graham-Denning Model
Security Modes of Operation

[edit] References
^ Biba, K. J. "Integrity Considerations for Secure Computer Systems", MTR-3153, The Mitre Corporation, April 1977.
"Integrity Policies" Power Point presentation from University of Colorado at Colorado Springs
This computer science-related article is a stub. You can help Wikipedia by expanding it.
Retrieved from "http://en.wikipedia.org/wiki/Biba_Model"