Biba Model: Information from Answers.com

The Biba Model or Biba Integrity Model developed by Kenneth J. Biba in 1977 ^[1], is a formal state transition system of computer security policy that describes a set of access control rules designed to ensure data integrity. Data and subjects are grouped into ordered levels of integrity. The model is designed so that subjects may not corrupt data in a level ranked higher than the subject, or be corrupted by data from a lower level than the subject.

In general the model was developed to circumvent a weakness in the Bell-LaPadula Model which only addresses data confidentiality.

1 Features
2 Implementations
3 See also
4 References

Features

In general, preservation of data integrity has three goals:

Prevent data modification by unauthorized parties
Prevent unauthorized data modification by authorized parties
Maintain internal and external consistency (i.e. data reflects the real world)

This security model is directed toward data integrity (rather than confidentiality) and is characterized by the phrase: "no read down, no write up". This is in contrast to the Bell-LaPadula model which is characterized by the phrase "no write down, no read up".

In the Biba model, users can only create content at or below their own integrity level (a monk may write a prayer book that can be read by commoners, but not one to be read by a high priest). Conversely, users can only view content at or above their own integrity level (a monk may read a book written by the high priest, but may not read a pamphlet written by a lowly commoner).

The Biba model defines a set of security rules similar to the Bell-LaPadula model. These rules are the reverse of the Bell-LaPadula rules:

The Simple Integrity Axiom states that a subject at a given level of integrity may not read an object at a lower integrity level (no read down).
The * (star) Integrity Axiom states that a subject at a given level of integrity must not write to any object at a higher level of integrity (no write up).

Implementations

In FreeBSD, the Biba model is implemented by the mac_biba MAC policy^[2].

References

^ Biba, K. J. "Integrity Considerations for Secure Computer Systems", MTR-3153, The Mitre Corporation, April 1977.
^ http://man.freebsd.org/mac_biba

"Integrity Policies" Power Point presentation from University of Colorado at Colorado Springs

This computer science article is a stub. You can help Wikipedia by expanding it.

This entry is from Wikipedia, the leading user-contributed encyclopedia. It may not have been reviewed by professional editors (see full disclaimer)

Donate to Wikimedia

	Low watermark (computer security)
	Computer security policy
	Brewer and Nash model

	How do you tell whether your older Rossi 38 5 shot revolver is a model 31 38 68 or other model since there is no visible model number behind the cylinder crane on the frame? Read answer...
	How do I tell whether my older Rossi 38 5 shot revolver is a model 31 38 68 or other model since there is no visible model number on the frame? Read answer...
	What is the model of a Smith and Wesson 357 with a 5'' barrel serial S 1733xx which is identical to the Model 27 early version with four screws but has no model number marked? Read answer...

	The model applicable when historical data are not available or when hard to use is A. the time series model B.judgmental model C. the customer survey D.econometric model E. focus group synthesis?
	If a company produces 15 different model of tv sets of 2 inchs screen and 4 different model of 4 inches screen size Then how many model should vendor has for all the model so that all models will di?
	What scientist atomic model was called the plum pudding model or the chocolate chip cookie dough model?

Biba Model

Contents

Features

Implementations

See also

References