Biba is about integrity (unauthorized changes to data), Bell-LaPadula is about
security( unauthorized access to the data) so the answers given in text are
correct.
_____
From: wang shujing [mailto:shujingwang@hotmail.com]
Sent: Monday, November 15, 2004 11:55 PM
To: CISSP-Discuss@yahoogroups.com
Subject: [CISSP-D] Fw: Two questions about Security Models and Architecture in
All-In-One
I sent the email to group. Why can I not received it myself?
Shujing
Hi, everybody,
I read the All In One. The following two questions confused me. would you please
help me?
Chap.5---22
Which best describes the *-integrity axiom?
A. No wirte up in the Biba model
B. No read down in the Biba model
C. No write down in the Bell-lapadula model
D. No read up in the Bell-lapadula model
The answer is A. Why not C?
Chap.5---23
Which best describes the simple security rule?
A. No wirte up in the Biba model
B. No read down in the Biba model
C. No write down in the Bell-lapadula model
D. No read up in the Bell-lapadula model
The answer is D. Why not B?
The Bell-lapadula has the simple security rule, the *-property rule.
The Biba has two integrity rules.
I think the first one is because of the "integrity". What's the reason for the
second one? Is there special names for Biba rules?
Thanks a lot.
Shujing
Yahoo! Groups Sponsor
ADVERTISEMENT
<http://us.ard.yahoo.com/SIG=12944mois/M=298184.5584357.6650215.3001176/D=groups
/S=1705007140:HM/EXP=1100699297/A=2426683/R=0/SIG=11eeoolb0/*http://www.netflix.
com/Default?mqso=60185400> click here
<http://us.adserver.yahoo.com/l?M=298184.5584357.6650215.3001176/D=groups/S=:HM/
A=2426683/rand=442945292>
_____
Yahoo! Groups Links
* To visit your group on the web, go to:
http://groups.yahoo.com/group/CISSP-Discuss/
* To unsubscribe from this group, send an email to:
CISSP-Discuss-unsubscribe@yahoogroups.com
<mailto:CISSP-Discuss-unsubscribe@yahoogroups.com?subject=Unsubscribe>
* Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service
<http://docs.yahoo.com/info/terms/> .
