How can you write up without having the ability to read up? Like you can’t even read what you write, not sure if I understand correctly but it doesn’t make sense to me.
hi Sorry for the late reply I am so happy that you understood the models and asked this question which most of the students miss..no answering your question If an unauthorized process is able to write at a higher security level, it could potentially violate the confidentiality principles of the Bell-LaPadula model. This unauthorized write access could allow the process to modify or tamper with sensitive data that it shouldn't have access to, potentially compromising confidentiality. It's important to note that the Bell-LaPadula model primarily focuses on preventing unauthorized read access and controlling the flow of information based on security levels. The destruction of data falls more into the realm of data sanitization and secure disposal practices, which are complementary to access control mechanisms in maintaining confidentiality. Thts the reason most of organizations combine bella phadula model with biba model. By combining the Bell-LaPadula model with the Biba model, organizations can establish a more comprehensive security framework that addresses both confidentiality and integrity concerns. The Bell-LaPadula model prevents unauthorized users or processes from accessing information at higher security levels (read-up) and from modifying information at lower security levels (write-down). This helps maintain confidentiality by controlling the flow of information and preventing unauthorized disclosure. On the other hand, the Biba model focuses on maintaining data integrity. It prevents users or processes with lower integrity levels from modifying or corrupting data at higher integrity levels (write-up) and from accessing data at lower integrity levels (read-down). This helps ensure that data remains accurate and trustworthy. Combining these two models allows organizations to create a more robust security posture by addressing both confidentiality and integrity aspects of information security. It helps establish a comprehensive access control framework that governs both read and write operations, preventing unauthorized access, disclosure, and tampering of sensitive information. I hope this helps Thanks for watching and plzsubscribe for more such videos..
hey hassan to achieve a secure system state in the BLP model, both the simple security property and the *-property must be satisfied simultaneously.( the standard BLP model) However, in practical situations, these two properties, particularly the *-property, can be too restrictive. For example, there may be scenarios where a trusted user needs to access sensitive data and, after appropriately sanitizing it, transfer it to an unclassified data object. In such cases, relaxing the *-property may be necessary to accommodate legitimate information flow while still maintaining security measures. Hi Hope this helps thanks for watching and plz subscribe for more such videos...
Hi Josh..double asterix confusion did not struck me..thanks fpr your feedback I shall keep that in mind while doing future videos...thanks for watching and plz subscribe for more🙏🙏
I like the way he explain. He explain the complex subjects on easy way
Hey Yousuf thanks for watching...plz subscribe for more such videos...🙏🙏
Dear Sir Thanks soo Much for delivering this type of Lecture. The way of your teaching is awesome.
I am giving *****100/100.
Hi bro thanks for watching...plz subscribe for more such videos..🙏🙏
Glad I found this!! Explains it so clearly!!!!
Hi thanks for watching...plz subscribe for more such videos...🙏🙏
thank you so much, this video was very helpful and informative. I appreciate your efforts.
You are always welcome..thanks for watching..plz subscribe for more such videos..🙏🙏
Well explained!
Very Informative 👍
Hey Amit thanks for watching...plz subscribe for more such videos...🙏🙏
Nice explanation.. thanks
Hey bro thanks for watching...plz subscribe for more such videos...🙏🙏
thank you very much, you are the best!!! I wish you were our university teacher
Hey bro thanks for watching...plz share and subscribe...🙏🙏
very helpful video
Hey naushad thanks for watching plz subscribe for more such videos...🙏🙏
Thank you Sir!
You are always welcome...thanks for watching and plz subscribe for more...🙏🙏
You are a very good teacher! 👍
Hi Mido thanks for watching....plz subscribe for more such videos..🙏🙏
Teachers of Hardvard, who? This man is legendary, he has mastered the most important aspect of teaching, which is clarity. Respect!
Well thanks for your kind words..🙏🙏 plz share and subscribe...🙏🙏
great video :3
Hey bro thanks for watching...plz share and subscribe..🙏🙏
Excellent explanation
Hey thanks for watching and plz subscribe for more...🙏🙏
cảm ơn anh nó giúp tôi rất nhiều
thanks you so much
Hey bro thanks for watching...plz subscribe for more such videos...🙏🙏
👍❤
Thank you sir
You r always welcome bro...thnks for watching...plz subscribe fr more such videos..🙏🙏
How can you write up without having the ability to read up? Like you can’t even read what you write, not sure if I understand correctly but it doesn’t make sense to me.
Sir suppose if unauthorized process can write on high level. How this provide confidentiality, when data is destroyed. I am confused in this issue.
hi Sorry for the late reply I am so happy that you understood the models and asked this question which most of the students miss..no answering your question
If an unauthorized process is able to write at a higher security level, it could potentially violate the confidentiality principles of the Bell-LaPadula model. This unauthorized write access could allow the process to modify or tamper with sensitive data that it shouldn't have access to, potentially compromising confidentiality.
It's important to note that the Bell-LaPadula model primarily focuses on preventing unauthorized read access and controlling the flow of information based on security levels. The destruction of data falls more into the realm of data sanitization and secure disposal practices, which are complementary to access control mechanisms in maintaining confidentiality.
Thts the reason most of organizations combine bella phadula model with biba model. By combining the Bell-LaPadula model with the Biba model, organizations can establish a more comprehensive security framework that addresses both confidentiality and integrity concerns.
The Bell-LaPadula model prevents unauthorized users or processes from accessing information at higher security levels (read-up) and from modifying information at lower security levels (write-down). This helps maintain confidentiality by controlling the flow of information and preventing unauthorized disclosure.
On the other hand, the Biba model focuses on maintaining data integrity. It prevents users or processes with lower integrity levels from modifying or corrupting data at higher integrity levels (write-up) and from accessing data at lower integrity levels (read-down). This helps ensure that data remains accurate and trustworthy.
Combining these two models allows organizations to create a more robust security posture by addressing both confidentiality and integrity aspects of information security. It helps establish a comprehensive access control framework that governs both read and write operations, preventing unauthorized access, disclosure, and tampering of sensitive information.
I hope this helps Thanks for watching and plzsubscribe for more such videos..
Ye kis subject k topics hn? Cyber security
Yes this topic is of computer security.
what about the ds property of blp model
hey hassan to achieve a secure system state in the BLP model, both the simple security property and the *-property must be satisfied simultaneously.( the standard BLP model)
However, in practical situations, these two properties, particularly the *-property, can be too restrictive. For example, there may be scenarios where a trusted user needs to access sensitive data and, after appropriately sanitizing it, transfer it to an unclassified data object. In such cases, relaxing the *-property may be necessary to accommodate legitimate information flow while still maintaining security measures.
Hi Hope this helps thanks for watching and plz subscribe for more such videos...
not a great idea to use asterisks as bullet points when one of the list items is "* security property" because now you've written "* * security..."
Hi Josh..double asterix confusion did not struck me..thanks fpr your feedback I shall keep that in mind while doing future videos...thanks for watching and plz subscribe for more🙏🙏
If someone can't read up, how can he write up🤔
He cant get the information from the top level but he can give the information to the top level...
Concurrent
Hey Ethan nice to see you again..👍👍