Question

A.Consider the Bell-LaPadula confidentiality model. Can a subject labeled ( “Secret”, {“France”} ) read the object labeled (“Top Secret”, {“France”,”Germany”} )?

What property (rule) is applied to allow or to deny this operation?

B. Consider the Biba integrity model. Can a subject labeled
( “Secret”, {“Germany”} ) write to the object labeled ( “Top Secret”, {“France”,”Germany”} )?
What property (rule) is applied to allow or to deny this operation?

Answer 1

Q1:

A)

Ans:

According to Bell-LaPadula confidentiality model, a subject labelled ( “Secret”, {“France”} ) CANNOT read the object labelled (“Top Secret”, {“France”,“Germany”} ) due to the application of : The Simple Security Rule (also known as the No Read Up rule or Reading Down Rule) which states that: “An object/entity at a classification/security level cannot read the object/entity at a higher classification/security level than the entity itself.” Here, the Top Secret security level is having a higher classification level than the Secret security level hence, ( “Secret”, {“France”} ) CANNOT read the object labelled (“Top Secret”, {“France”,“Germany”} )

B)

Ans:

According to Bell-LaPadula confidentiality model, a subject labelled ( “Secret”, {“Germany”} ) CAN write to the object labelled ( “Top Secret”, {“France”,“Germany”} ) due to the application of : The Star Property Rule (also known as the No Write Down rule or Writing Up Rule) which states that: “An object/entity at a classification/security level can write/append data to the object/entity at a higher classification/security level than the entity itself.” Here, the Secret security level is having a lower classification level than the Top Secret security level hence, ( “Secret”, {“Germany”} ) CAN write to the object labelled ( “Top Secret”, {“France”,“Germany”} )

(Thank You!!, please consider upvoting if it was helpful!!)