Computer security model
Encyclopedia
A computer security model is a scheme for specifying and enforcing security policies
.
A security model may be founded upon a formal model of access rights, a model of computation, a model of distributed computing
, or no particular theoretical grounding at all.
For a more complete list of available articles on specific security models, see :Category:Computer security models.
Security policy
Security policy is a definition of what it means to be secure for a system, organization or other entity. For an organization, it addresses the constraints on behavior of its members as well as constraints imposed on adversaries by mechanisms such as doors, locks, keys and walls...
.
A security model may be founded upon a formal model of access rights, a model of computation, a model of distributed computing
Distributed computing
Distributed computing is a field of computer science that studies distributed systems. A distributed system consists of multiple autonomous computers that communicate through a computer network. The computers interact with each other in order to achieve a common goal...
, or no particular theoretical grounding at all.
For a more complete list of available articles on specific security models, see :Category:Computer security models.
Selected Topics
- Access control listAccess control listAn access control list , with respect to a computer file system, is a list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Each entry in a typical ACL specifies a subject...
(ACL) - Bell-La Padula model
- Biba modelBiba modelThe Biba Model or Biba Integrity Model developed by Kenneth J. Biba in 1977, is a formal state transition system of computer security policy that describes a set of access control rules designed to ensure data integrity. Data and subjects are grouped into ordered levels of integrity...
- Brewer and Nash modelBrewer and Nash modelThe Brewer and Nash model was constructed to provide information security access controls that can change dynamically. This security model, also known as the Chinese wall model, was designed to provide controls that mitigate conflict of interest in commercial organizations, and is built upon an...
- Capability-based securityCapability-based securityCapability-based security is a concept in the design of secure computing systems, one of the existing security models. A capability is a communicable, unforgeable token of authority. It refers to a value that references an object along with an associated set of access rights...
- Clark-Wilson modelClark-Wilson modelThe Clark-Wilson integrity model provides a foundation for specifying and analyzing an integrity policy for a computing system.The model is primarily concerned with formalizing the notion of information integrity. Information integrity is maintained by preventing corruption of data items in a...
- Context-based access control (CBAC)
- Graham-Denning modelGraham-Denning modelThe Graham-Denning Model is a computer security model that shows how subjects and objects should be securely created and deleted.It also addresses how to assign specific access rights...
- Lattice-based access controlLattice-Based Access ControlIn computer security, lattice-based access control is a complex access control model based on the interaction between any combination of objects and subjects .In this type of label-based mandatory access control model, a lattice is used to define the levels of security...
(LBAC) - Multi-level security (MLS)
- Non-interference (security)
- Object-capability modelObject-capability modelThe object-capability model is a computer security model based on the Actor model of computation. The name "object-capability model" is due to the idea that the capability to perform an operation can be obtained by the following combination:...
- Role-based access controlRole-Based Access ControlIn computer systems security, role-based access control is an approach to restricting system access to authorized users. It is used by the majority of enterprises with more than 500 employees, and can be implemented via mandatory access control or discretionary access control...
(RBAC) - Take-grant protection modelTake-Grant Protection ModelThe take-grant protection model is a formal model used in the field of computer security to establish or disprove the safety of a given computer system that follows specific rules...