I have been reading on security policies and the question whether Bell-LaPadula can be used to implement Chinese Wall. Does anyone know more about it?
2 Answers
First, the Bell-LaPadula Model cannot capture changes over time. Second, a more serious problem arises when one considers that subjects in the Chinese Wall model may choose which CDs (company datasets) to access; in other words, initially a subject is free to access all objects. The Bell-LaPadula Model cannot emulate the Chinese Wall model.
Ravi S. Sandhu has given a part of a positive answer in his 1992 paper entitled Lattice-Based Enforcement of Chinese Walls (preprint). The idea is to build a lattice from the $n$ Conflict Of Interest (COI) classes defined in the Chinese Wall: elements are tuples of the form $[l_1, \ldots, l_n]$ where $l_i$ is either $\bot$ when no document from class $i$ has been accessed yet or a document's identifier from the class $i$.
To capture the dynamic character of the Chinese Wall policy model, a user's label has to be updated when he/she reads a document pertaining to a COI class. In this sense, the translation is closer to high-water mark than to pure Bell-LaPadula.
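The lattice of tuples and the label update described in the answer above can be sketched as follows. This is an added example, not code from the post or from Sandhu's paper; it assumes each label entry names the company dataset a document belongs to, and the class and dataset names are constructed.

```python
BOTTOM = None  # the ⊥ entry: nothing from this COI class accessed yet

def join(a, b):
    """Least upper bound of two labels, or None if they conflict."""
    out = []
    for x, y in zip(a, b):
        if x is BOTTOM:
            out.append(y)
        elif y is BOTTOM or x == y:
            out.append(x)
        else:
            return None  # two different datasets in one COI class
    return tuple(out)

def dominates(a, b):
    """True if label a is at or above label b in the lattice."""
    return all(y is BOTTOM or x == y for x, y in zip(a, b))

class Subject:
    def __init__(self, n_classes):
        self.label = (BOTTOM,) * n_classes  # initially free to read anything

    def read(self, obj_label):
        new = join(self.label, obj_label)
        if new is None:
            return False      # Chinese Wall violation, label unchanged
        self.label = new      # high-water mark: the label floats up
        return True

    def can_write(self, obj_label):
        # Bell-LaPadula *-property: no write down
        return dominates(obj_label, self.label)

def demo():
    # Constructed sample: COI class 0 = banks, class 1 = oil companies.
    # Assumption: a label entry names the company dataset of the document.
    bank_a, bank_b, oil_x = ("BankA", BOTTOM), ("BankB", BOTTOM), (BOTTOM, "OilX")
    s = Subject(2)
    trace = [s.read(bank_a), s.read(oil_x), s.read(bank_b)]
    return trace, s.label, s.can_write(bank_a)

if __name__ == "__main__":
    print(demo())
```

The third read is refused because the subject's label already holds a different dataset in the bank class, and the write to the BankA object is refused because the subject has since read OilX data.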