Security Model Practice Question


Which of the following security models is depicted in the above diagram?

A. Bell-LaPadula model
B. Biba model
C. Clark-Wilson model
D. Brewer and Nash model

The diagram in question is taken from The Official (ISC)2 Guide to the CISSP CBK Reference 5th Edition, page 236. Its figure caption (see the picture below) is “FIGURE 3.4 Brewer-Nash security model”; so the correct answer to this question is D, “Brewer and Nash model,” isn’t it? However, I am afraid not.

The correct answer, I believe, should be C, the Clark-Wilson model, based on the keywords: TP, IVP, and UDI. Even though we can infer that from those terms, this diagram still can’t convey the ideas behind the Clark-Wilson model well.

IMHO, the diagram must be misplaced. It should be relocated under the topic of the Clark-Wilson model and be revised to cover the CDI.

What do you think about this diagram? Your feedback and comments are welcome!



