Comparing Major Security Models: Biba, Clark-Wilson, Brewer-Nash, and Bell-LaPadula

A comparison of four major security models -- Biba Integrity, Clark-Wilson, Brewer-Nash (Chinese Wall), and Bell-LaPadula -- covering their features and differences.

To effectively manage security governance, the following major security models are available.

Biba Integrity Model

  • Creator: Kenneth J. Biba
  • Year: 1977
  • Country: United States
  • Features:
    • A security model designed to protect data integrity.
    • The main rule is “no write up, no read down,” preventing subjects at a lower trust level from writing data to higher trust levels and preventing subjects at a higher trust level from reading data at lower trust levels.
    • Primarily used for maintaining data integrity in commercial environments.
  • Differences:
    • Specializes in integrity; confidentiality and availability are not in scope.
    • Better suited for commercial rather than military use.

Clark-Wilson Model

  • Creators: David D. Clark and David R. Wilson
  • Year: 1987
  • Country: United States
  • Features:
    • A model designed to ensure the security of commercial transactions.
    • Maintains integrity using three key concepts: CDI (Constrained Data Items), TP (Transformation Procedures), and IVP (Integrity Verification Procedures).
    • Emphasizes separation of duties to prevent fraud.
  • Differences:
    • Specializes in transactions and integrity; other security attributes are secondary.
    • Particularly suited for commercial environments.

Brewer-Nash Model (Chinese Wall Model)

  • Creators: David F.C. Brewer and Michael J. Nash
  • Year: 1989
  • Country: United Kingdom
  • Features:
    • A model designed to prevent conflicts of interest.
    • Once a user has accessed information, their access to competing data is restricted according to their access history.
    • Primarily used in finance and law.
  • Differences:
    • Specializes in conflict-of-interest management; other security attributes are not in scope.
    • Provides dynamic access control.
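
The dynamic, history-based access decision described above can be sketched as a small reference monitor. This is an added example, not code from the original page; it covers only the read rule, and the class name, user names, company datasets and conflict-of-interest (COI) classes are constructed for illustration.

```python
# Added example: Brewer-Nash (Chinese Wall) read rule as a stateful monitor.
# All names and datasets below are constructed sample data.
from collections import defaultdict

# COI class -> set of competing company datasets (constructed)
COI_CLASSES = {
    "banking": {"BankA", "BankB"},
    "oil": {"OilX", "OilY"},
}


class ChineseWall:
    def __init__(self, coi_classes):
        # Map each company dataset to its COI class for direct lookup.
        self.coi_of = {c: coi for coi, members in coi_classes.items()
                       for c in members}
        # Per-user history: COI class -> the one company accessed in it.
        self.history = defaultdict(dict)

    def can_read(self, user, company):
        """Allowed if the user has not yet touched this COI class,
        or has only touched this same company within it."""
        coi = self.coi_of.get(company)
        if coi is None:
            return False  # unknown dataset: deny by default
        chosen = self.history[user].get(coi)
        return chosen is None or chosen == company

    def read(self, user, company):
        """Enforce the rule and record the access; True if granted."""
        if not self.can_read(user, company):
            return False  # a denied request leaves the history unchanged
        self.history[user][self.coi_of[company]] = company
        return True


def demo():
    wall = ChineseWall(COI_CLASSES)
    return [
        wall.read("alice", "BankA"),  # first access in "banking": granted
        wall.read("alice", "OilX"),   # different COI class: granted
        wall.read("alice", "BankB"),  # competitor of BankA: denied
        wall.read("alice", "BankA"),  # same dataset again: granted
        wall.read("bob", "BankB"),    # bob has his own history: granted
    ]


if __name__ == "__main__":
    print(demo())
```

The same request (reading BankB) is denied for one user and granted for another because the decision depends on each user's recorded history, not on a fixed label.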

Bell-LaPadula Model

  • Creators: David E. Bell and Leonard J. LaPadula
  • Year: 1973
  • Country: United States
  • Features:
    • A security model designed to protect confidentiality.
    • The main rule is “no read up, no write down,” preventing users with lower clearance from reading higher-clearance data and preventing users with higher clearance from writing data to lower clearance levels.
    • Primarily used in military and government organizations.
  • Differences:
    • Specializes in confidentiality; integrity and availability are not in scope.
    • Suited for military use and classified information management.