Data, Users, and Applications

Policies, Procedures, and Protocols

Hardware, Software, and Network

People, Process, and Technology

Bell-LaPadula Model

Role-Based Access Control

Discretionary Access Control

Attribute-Based Access Control

Access rights are based on user attributes

Permissions are attached to objects

Users have unrestricted access

Access is defined around roles and privileges

By preventing data corruption from lower integrity levels

By allowing data modification only through specific programs

By using security labels on data

By defining access based on user roles

ABAC uses security labels

ABAC is older than RBAC

ABAC grants access based on user attributes

ABAC uses roles and privileges

Chinese Wall Model

Clark-Wilson Model

Biba Integrity Model

Bell-LaPadula Model

To document data flow in a system

To ensure software is free from vulnerabilities

To define access control rules

To manage user roles and permissions