A security architect is designing a system for a military intelligence agency where data classification labels (Top Secret, Secret, Confidential, Unclassified) are mandatory. Users are cleared to a specific level and must not read data above their clearance. Which security model enforces this type of access control?
Trap 1: Biba model
Biba addresses integrity, not confidentiality.
Trap 2: Brewer-Nash model
Brewer-Nash (Chinese Wall) prevents conflict of interest, not classification-based access.
Trap 3: Clark-Wilson model
Clark-Wilson focuses on commercial integrity and well-formed transactions.
- A
Bell-LaPadula model
Correct. Bell-LaPadula enforces confidentiality through its "no read up" and "no write down" rules.
- B
Biba model
Why wrong: Biba addresses integrity, not confidentiality.
- C
Brewer-Nash model
Why wrong: Brewer-Nash (Chinese Wall) prevents conflict of interest, not classification-based access.
- D
Clark-Wilson model
Why wrong: Clark-Wilson focuses on commercial integrity and well-formed transactions.