Biba Model of Access Control

Questions and Answers

Which of the following best describes the Biba model of access control?

It focuses on both confidentiality and data integrity equally.

It prioritizes data integrity over confidentiality. (correct)

It prioritizes confidentiality over data integrity.

It does not prioritize either confidentiality or data integrity.

What is the simple integrity axiom in the Biba model?

No read down.

No write up.

Anyone accessing a resource can only write its contents to one classified at the same level or lower.

The level of access granted to an individual must be no lower than the classification of the resource. (correct)

What is the * integrity axiom in the Biba model?

No read down.

The level of access granted to an individual must be no lower than the classification of the resource.

No write up.

Anyone accessing a resource can only write its contents to one classified at the same level or lower. (correct)

Study Notes

Biba Model of Access Control

• The Biba model is a mandatory access control model that focuses on the integrity of data rather than confidentiality
• It is a discretionary access control model that prioritizes the integrity of data over confidentiality and availability

Integrity Axioms in the Biba Model

• The simple integrity axiom states that a subject at a certain level of integrity cannot write to an object of a higher level of integrity
• The * integrity axiom states that a subject at a certain level of integrity can read an object at the same or higher level of integrity, but cannot write to an object at a higher level of integrity

Description

Test your knowledge of the Biba model of access control with this quiz. Learn about its focus on data integrity and how it differs from the Bell-LaPadula model. Explore the two security rules of Biba and assess your understanding of its integrity axioms.