Security Model Practice Question


Which of the following security models is depicted in the above diagram?

A. Bell-LaPadula model
B. Biba model
C. Clark-Wilson model
D. Brewer and Nash model

The diagram in question is captured from The Official (ISC)2 Guide to the CISSP CBK Reference 5th Edition on page 236. Its figure caption, see the picture below, is “FIGURE 3.4 Brewer-Nash security model”; namely, the correct answer to this question is D, “Brewer and Nash model,” isn’t it? However, I am afraid not.

The correct answer, I believe, should be C, the Clark-Wilson model based on the keywords: TP, IVP, and UDI. Even though we can infer from those terminologies, this diagram still can’t convey the ideas behind the Clark-Wilson model well.

IMHO, the diagram must be misplaced. It should be relocated to and under the topic of the Clark-Wilson model and be revised to cover the CDI.

What do you think about this diagram? Your feedback and comments are welcome!



One thought on “Security Model Practice Question

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.