A computer security policy defines the goals and elements of an organization's computer systems. The definition can be highly formal or informal. Security policies are enforced by organizational policies or security mechanisms. A technical implementation defines whether a computer system is ''secure'' or ''insecure''. These formal policy

models A model is an informative representation of an object, person, or system. The term originally denoted the plans of a building in late 16th-century English, and derived via French and Italian ultimately from Latin , . Models can be divided int ...

can be categorized into the core security principles of confidentiality, integrity, and availability. For example, the

Bell–LaPadula model The Bell–LaPadula model (BLP) is a state-machine model used for enforcing access control in government and military applications. It was developed by David Elliott Bell, and Leonard J. LaPadula, subsequent to strong guidance from Roger R. ...

is a ''confidentiality policy model'', whereas the

Biba model The Biba Model or Biba Integrity Model developed by Kenneth J. Biba in 1975, is a formal state transition system of computer security policy describing a set of access control rules designed to ensure data integrity. Data and subjects are grouped i ...

is an ''integrity policy model''.

Formal description

If a system is regarded as a

finite-state automaton A finite-state machine (FSM) or finite-state automaton (FSA, plural: ''automata''), finite automaton, or simply a state machine, is a mathematical model of computation. It is an abstract machine that can be in exactly one of a finite number o ...

with a set of transitions (operations) that change the system's state, then a ''security policy'' can be seen as a statement that partitions these states into authorized and unauthorized ones. Given this simple definition, one can define a ''secure system'' as one that starts in an authorized state and will never enter an unauthorized state.

Formal policy models

Confidentiality policy model

* Bell-La Padula model

Integrity policies model

* Clark-Wilson model

Hybrid policy model

Chinese wall A Chinese wall or ethical wall is an information barrier protocol within an organization designed to prevent exchange of information or communication that could lead to conflicts of interest. For example, a Chinese wall may be established to sep ...

(Also known as

Brewer and Nash model The Brewer and Nash model was constructed to provide information security access controls that can change dynamically. This security model, also known as the Chinese wall model, was designed to provide controls that mitigate conflict of interest in ...

)

Policy languages

To represent a concrete policy, especially for automated enforcement of it, a language representation is needed. There exist a lot of application-specific languages that are closely coupled with the security mechanisms that enforce the policy in that application. Compared with this abstract policy languages, e.g., the Domain Type Enforcement-Language, is independent of the concrete mechanism.

References

* * *Clark, D.D. and Wilson, D.R., 1987, April. A comparison of commercial and military computer security policies. In ''1987 IEEE Symposium on Security and Privacy'' (pp. 184–184). IEEE. {{DEFAULTSORT:Computer Security Policy Computer security procedures Computer security models