Information Security Models Link -

BLP focuses solely on confidentiality. It does not address integrity—meaning a low-level user could corrupt a high-level file (e.g., by writing junk data into it, which is allowed since it’s writing up). 2. The Integrity Guardian: Biba Model If BLP is about keeping secrets in, the Biba model (1977) is about keeping poison out. It was designed to address the integrity flaw in Bell–LaPadula. Biba ensures that data is not corrupted or modified by unauthorized subjects.

As we enter the era of quantum computing, zero-trust architectures, and AI-driven systems, these foundational models will inevitably evolve. But their core questions— Who can read this? Who can change that? Under what conditions? —will remain the eternal blueprint of digital defense. information security models

A consultant working on a merger between two banks is walled off from viewing any confidential data about other banks in the same sector. This model perfectly balances productivity (initial free access) with ethical separation. The Modern Abstract: Noninterference and Beyond As systems grew more complex—think virtual machines, cloud databases, and side-channel attacks—traditional models struggled. This gave rise to Noninterference , a formal model stating that high-level actions should have no observable effect on low-level users. BLP focuses solely on confidentiality