Terminologies
Various Terminologies in Cyber security
- Bell-La Padula Model
The Bell-La Padula Model is a model that is used to achieve Confidentiality in the CIA triad. This model works by granting access to the objects (data) in the organisation. This model follows the rule 'no write down, no read up'. This model is useful for government and military organisations, where every member of the organisation is presumed to have already completed the vetting process. So, the higher authorities can read the data of the lower personnel.
- Biba Model
It is the equivalent of the Bell-La Padula Model for the Integrity element in the CIA triad. This model works by granting access to the objects (data) and subjects (users), on the rule 'no write up, no read down'. This means that in the organisation, one can read or write data only at their own level and can also read data above their level.
If you were a software developer, your company may use this model for the integrity of the data.
- Threat Modelling
Threat modelling is the process of reviewing, improving, and testing the security protocols in place in the organisation's information security infrastructure and services.
An effective threat model includes:
  - Threat Intelligence
  - Asset Identification
  - Mitigation Capabilities
  - Risk Assessment
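
The 'no write down, no read up' and 'no write up, no read down' rules from the Bell-La Padula and Biba entries above, as an added example that is not part of the original page: an access check in Python for both models. The four level names and the function names are assumptions chosen for illustration, and the Biba check uses the standard strict form of its rule (read at or above your level, write at or below it).

```python
from enum import IntEnum


class Level(IntEnum):
    # Constructed labels for illustration; a higher value means a higher level.
    PUBLIC = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


def blp_allows(subject: Level, obj: Level, op: str) -> bool:
    """Bell-La Padula (confidentiality): no read up, no write down."""
    if op == "read":
        return subject >= obj  # reading above your level would disclose data
    if op == "write":
        return subject <= obj  # writing below your level would leak data down
    raise ValueError(f"unknown operation: {op}")


def biba_allows(subject: Level, obj: Level, op: str) -> bool:
    """Biba (integrity): no read down, no write up."""
    if op == "read":
        return subject <= obj  # reading below your level imports less-trusted data
    if op == "write":
        return subject >= obj  # writing above your level would taint trusted data
    raise ValueError(f"unknown operation: {op}")


def allowed_under_both(subject: Level) -> list[tuple[str, str]]:
    """Accesses permitted when one label set is enforced by both models."""
    return [
        (op, obj.name)
        for op in ("read", "write")
        for obj in Level
        if blp_allows(subject, obj, op) and biba_allows(subject, obj, op)
    ]


if __name__ == "__main__":
    subject = Level.SECRET
    for obj in Level:
        for op in ("read", "write"):
            print(f"{subject.name:>12} {op:<5} {obj.name:<12} "
                  f"BLP={blp_allows(subject, obj, op)!s:<5} "
                  f"Biba={biba_allows(subject, obj, op)}")
    # With the same labels under both models, only same-level access survives.
    print(allowed_under_both(subject))
```

The two models give opposite answers for every cross-level request, which is why systems that need both properties usually keep separate confidentiality and integrity labels.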