Your guide to the Bell-LaPadula, Biba, and Chinese Wall Access Management Models
What is Access Management?
Access Management is all about making sure the right people have access to the right data at the right time. It’s usually part of a larger strategy to Identify, Control and Access Management (ICAM) that helps define and manage the roles and strategy for accessing specific data, networks, infrastructure, etc.
Why is it important?
Access Management is important because you need to be able to give the right people access to the right information without compromising security, and without causing a huge inconvenience to the user — think, being told to submit a ticket to get access to a document your boss needs you to access right away!
What’s the best way to make sure that the right people have access to the right data at the right time? This is where different models of access control can come into play. These control models help identify who should be able to read, edit, and know about specific data.
This isn’t an exhaustive list of control models, but these some of the most well-known.
The Bell-LaPadula Model
Bell-LaPadula Model was first created as a way to enforce different levels of access for government organizations that deal with highly classified organizations. Sometimes referred to as the Multi-Level Model, this type of access control model categorizes data and personnel into different classifications. The people are referred to as “subjects”, and the thing they are accessing (in most cases data or documentation) is referred to as the “objects”.
For example, we could classify people and documentation into three groups each:
Subject Access LevelObject Access LevelSubject A with top-secret level information accessObject 1 with top-secret informationSubject B with secret level information accessObject 2 with secret informationSubject C with unclassified level accessObject 3 with unclassified information
The Bell-LaPadula model states that no person can “read-up” from their current level nor can they “write down”. This keeps reading anything that they aren’t supposed to with more classified data, and also keeps employees with a more secret-level access from editing a document that might accidentally release classified knowledge, in an unclassified document. A great page by UNC-CH explains this model in more depth.
The Biba Model
The inverse of the Bell-LaPadula Model is the Biba Integrity Model. As the name suggests, this model addresses data integrity that isn’t necessarily addressed with the confidentiality focus of the Bell-LaPadula Model
With the Biba Model, users can “read up and write down”. In theory, those subjects with lower-level access should be able to read documentation from the higher-level users. At the end of the day though, the thought is that the higher-level users should be able to edit any data and override something written by a lower-level subject.
While this scenario may not necessarily be a best-use case in organizations with highly classified documents, it does work well for things like the ability to edit code. For example, you might want the ability to for a Senior Engineer to overwrite code from a new junior employee since they may be a more knowledgeable programmer.
Chinese Wall Model
The Chinese Wall Model is widely used across the commercial sector, specifically in regulated industries like financial services. This model differs from the Bell-LaPadula Model and the Biba Model, because of its focus on conflict of interest. Because of the rules and regulations around financial institutions, insider knowledge can cause an organization or an individual to face high fines and potential jail time if information is not handled properly. For example, if an employee is working with Bank X, then they should not be able to access the information from a competitor like Bank Y. Divya Aradhya does a great job of explaining this security policy and accessibility model.
Getting started with Access Management
Getting started with ICAM requires an advanced knowledge of systems, processes, and technologies. You need a partner that understands the nuances of your unique organization structure and how your technologies integrate with one another.
As a part of our diverse security portfolio, MindPoint Group provides in-depth ICAM solutions that can improve your organization’s security posture, while allowing you to meet compliance requirements and pass audits.