CISSP - 3) Security Engineering Domain

Terms in this set (192)

State Machine Model: - state describes a systems at a point in time. It describes the behavior of a system as it moves between one state and another, from one moment to another. The purpose is to define which actions will be permitted at any point in time to ensure that a secure state is preserved.
Time is very important. according to this rule set (i.e., security policy), a model system's secure state can only change at distinct points in time, such as when an event occurs or a clock triggers it.

Multilevel Lattice Models: describes strict layers of subjects and objects and defines clear rules that allow or disallow interactions between them based on the layers they are in. Subjects are assigned security clearances that define what layer that are assigned to and objects are classified into similar layers.

Noninterference Models: may be considered a type of multilevel model with a high degree of strictness, severely limiting any higher-classified information from being shared with lower-privileged subjects even when higher-privilege subjects are using the system at the same time.
Thus they address obvious and intentional interactions between subjects and objects, but the also deal with the effects of covert channels that may leak information inappropriately.
It minimizes leakages that may happen through covert channels because there is a complete separation between security levels. Thus a higher-security level has not way to interface with the activities at a lower level.

Matrix-based Models: Access control matrix is a two-dimensional table that allows for individual subjects and objects to be related to each other. Its a concise way to represent the capabilities that subjects have when accessing particular objects. Typical access methods for content are read, write, edit, and delete.

Information Flow Models: focus on how information is allowed or not allowed between individual objects. Its used to determine if information is being properly protected throughout a given process and may be used to identify potential covert channels, unintended information flow between compartments in compartmented systems.