Lecture

Mandatory Access Control: Multi-property Security Models

Description

This lecture covers the Chinese Wall model, which addresses conflicts of interest by combining confidentiality and integrity. It explains how entities with different properties may oppose each other and the role of Trusted 3rd parties, Trusted Hardware, and Advanced Cryptography in securing the Trusted Computing Base. The Chinese Wall Security Policy, inspired by UK financial sector rules, enforces a separation between conflicting activities within the same firm. It introduces the concept of conflict sets, labels denoting object origins, and access rules based on information flow restrictions. The lecture also discusses indirect flows within conflict sets and the necessity of sanitization to prevent information leakage. Additionally, it summarizes security models like BLP and BIBA, emphasizing declassification, integrity, and the trade-offs between confidentiality and availability.

About this result
This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.