416740
Description
Mind Map by Craig Parker, updated more than 1 year ago
|
Created by Craig Parker
almost 11 years ago
|
|
U4. Chinese Wall
- Aimed at a 'real' problem of preventing conflicts of interest
- Golden Rule = There must be no flow of
information that causes a conflict of interest.
- Golden Rule = There must be no flow of
information that causes a conflict of interest.
- Simple security (ss) property:
- A subject may only be granted
access to an object if:
- the object is in the same company dataset
as an object already accessed by the subject
- the object does not belong to any of the
conflict of interest classes of objects
already accessed by the subject
- the object is in the same company dataset
as an object already accessed by the subject
- deals with direct information flow
- A subject may only be granted
access to an object if:
- Star property
- deals with indirect flow
- A subject s is permitted write access to an object
only if s has no read access to any object o', which
is in a different company dataset and is unsanitised
- One of the implications of the *-property is that access rights
of subjects change dynamically with every access operation.
- deals with indirect flow
- You need to understand and appreciate how a different type of
security policy can be described in terms of a security model.
Want to create your own Mind Maps for free with GoConqr? Learn more.