Security Models
Security Management Models
NIST Security Models
SP 800-14
SP 800-18
SP 800-12
SP 800-30
SP 800-53
ISO 27000 Series
COSO
COBIT
ITIL
Information Security Governance Framework
Access Control Models
Based on their operational impact
Management:
Operational (administrative):
Technical:
Degree of authority
DAC
NDAC
o Task-based controls
o Role-based
MAC
By characteristics:
Detective
Corrective
Recovery
Preventative
Deterrent
Compensating
Other
• Content-dependent access controls
• Constrained user interfaces
• Temporal (time-based) isolation
Security Architecture Models
o EVALUATION MODELS
ITSEC
Common Criteria
TCSEC
o IMPLEMENTATION MODELS
Bell-LaPadula
Confidentiality
Biba
Integrity
Graham-Denning
how subjects may manipulate the objects
Harrison-Ruzzo-Ullman
allow changes to access rights and the addition and removal of subjects and objects
Clark-Wilson
change control rather than integrity
Brewer-Nash
conflicting sets of data