SECURITY MODELS

Security is one of the most crucial needs for any human being as defined in the second step of Maslow’s hierarchy. First step is food and clothing which refers to existence. Security is coming right after existence. In the world of technology, hierarchy has changed a little bit. We can literally say that security is almost equal to existence. How to ensure security is defined in security models. From this perspective, security models are like instructions to survive.

Security Models-1


Security models are developed depending on the organization’s needs. In the early days of information security, confidentiality was the main concern. Bell-Lapadula was ensuring the confidentiality by restricting the access to read and write in different directions. This model was widely used in government and military however, there were some other organizations that needs integrity and availability of the data more than restricting the access and ensuring the confidentiality. Business and security balance was causing models to evolve. Integrity concerns led to create Biba model. Biba was working in exactly the opposite way of Bell-Lapadula. Biba was created due to commercial needs, but it was still not mature enough to perform complicated functions of the business world.

Why are Security Models important?

Clark Wilson model brought a third dimension to security model. Former models were focusing on subjects and objects to manage access control. Clark Wilson model was including subjects, programs, and objects. Objects were only accessible via programs. In other words, there is no direct interaction between subjects and objects. Considering that each program has limitations on objects, it was making more detailed access control between subjects and objects possible. Dynamic needs of business environments were not accepting the static rules for security.

This created the Brewer and Nash model which is basically allows to change the access controls depending on user’s previous activity. Another security model that focuses on integrity and noninterference is Goguen Meseguer Model. Subjects are granted for only predetermined actions on predetermined objects. Similar users are grouped, thus interference between subjects is prevented. Finally, Graham Denning model is based on securely managing the subjects, objects and access rights. In this model, all secure actions have limitations. An access control matrix is used to define permissions of a subject over a set of objects.


Security models are still evolving. Dynamic attack surface is forcing the professionals to create new IAM (Identity and Access Management) solutions for defending their intellectual property. Enterprises are adopting powerful tools for ensuring their information security however, without applying the basic security models and principles, they will be useless. While I was designing an IAM (Identity and Access Management) system for a previous employer, I have experienced the lack of security model definition deeply. Despite having modern tools, I ended up with an ACL matrix in an excel sheet.


The most secure way of doing something is not doing it. Since we always need to remain the business and security balance, adopting a security model and applying it into our environment is the first step for security program. Overwhelming capabilities of the modern technology and tools may cause an ignorance of the basics of security however without a strong foundation and logic, it is not possible to have a good security posture for our network. Security models are the foundation of our security program.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>