You are working for an organization in which every employee is granted a security clearance after completion of a thorough background check and assets are labeled after the classification process. Your access to classified resources is authorized based on whether your security level dominates that of the resource. You are not allowed to write data to a lower security level. Which of the following may concern your organization most?
A. Biba Model
B. Integrity
C. Bell-LaPadula Model
D. Confidentiality
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is D. Confidentiality.
Bell-LaPadula Model
The Bell-LaPadula Model is a finite state machine that controls information flow to protect confidentiality through two security properties:
- Simple Security Condition (or Property): no read up
- *-Property (Star Property): no write down
Simple Security Condition
Simple Security Condition is a Bell-LaPadula security model rule allowing a subject read access to an object only if the security level of the subject dominates the security level of the object. (Orange Book)
*-Property (Star Property)
*-Property (Star Property) is a Bell-LaPadula security model rule allowing a subject write access to an object only if the security level of the subject is dominated by the security level of the object. Also known as the Confinement Property. (Orange Book)
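The two rules as a small reference-monitor check, added here as an illustration and not part of the original post. It goes slightly beyond the text by treating a security level as a classification plus a set of categories, which is how the Orange Book defines dominance; the level names, categories, and object names are constructed sample data.

```python
from dataclasses import dataclass

# Hierarchical classifications, lowest to highest (constructed for this example).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    """Security level: a classification plus a set of need-to-know categories."""
    classification: str
    categories: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        # A dominates B when A's classification is at least B's and
        # A's categories include all of B's.
        return (LEVELS[self.classification] >= LEVELS[other.classification]
                and self.categories >= other.categories)


def can_read(subject: Label, obj: Label) -> bool:
    """Simple Security Condition: no read up."""
    return subject.dominates(obj)


def can_write(subject: Label, obj: Label) -> bool:
    """*-Property: no write down (the object must dominate the subject)."""
    return obj.dominates(subject)


def access_matrix(subject: Label, objects: dict) -> dict:
    """Return {object name: allowed modes} for one subject."""
    return {
        name: ("r" if can_read(subject, label) else "-")
              + ("w" if can_write(subject, label) else "-")
        for name, label in objects.items()
    }


# Constructed sample data.
ANALYST = Label("SECRET", frozenset({"NUCLEAR"}))
OBJECTS = {
    "press_release": Label("UNCLASSIFIED"),
    "site_report": Label("SECRET", frozenset({"NUCLEAR"})),
    "war_plan": Label("TOP SECRET", frozenset({"NUCLEAR", "CRYPTO"})),
    "crypto_keys": Label("SECRET", frozenset({"CRYPTO"})),
}

if __name__ == "__main__":
    for name, modes in access_matrix(ANALYST, OBJECTS).items():
        print(f"{name:14} {modes}")
```

The last object shows that dominance is a partial order: two labels at the same classification with different categories are incomparable, so neither read nor write is granted.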
Summary
From the description in the question, we can infer that the organization implements mandatory access control (MAC) based on the Bell-LaPadula Model to protect confidentiality.
The Bell-LaPadula Model is the means, while confidentiality is the end. The organization should be concerned more about the end than the means.