Bell-LaPadula Security Model: False Statement and Explanation | SSCP Exam Preparation

False Statement in Bell-LaPadula Security Model


Question

Which of the following statements relating to the Bell-LaPadula security model is FALSE (assuming the Strong Star property is not being used)?

Answers

Explanations


A. B. C. D.

C.

It is not a property of the Bell-LaPadula model.

The other answers are incorrect because: "A subject is not allowed to read up" is a property of the 'simple security rule' of the Bell-LaPadula model.

The *-property restriction can be escaped by temporarily downgrading a high level subject or by identifying a set of trusted objects which are permitted to violate the property as long as it is not in the middle of an operation.

It is restricted to confidentiality as it is a state machine model that enforces the confidentiality aspects of access control.
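The rules this explanation refers to, as an added example that is not part of the original page: a minimal reference monitor that applies the simple security rule and the *-property (without Strong Star), and shows the temporary downgrade of a high-level subject. The level names, the `Subject` class and all function names are assumptions, and the lattice is a constructed four-level total order with no categories.

```python
from dataclasses import dataclass

# Constructed lattice: a plain total order of sensitivity levels (assumption).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top-secret": 3}


@dataclass
class Subject:
    name: str
    clearance: str  # maximum level the subject may ever operate at
    current: str    # level the subject is operating at right now

    def set_current(self, level: str) -> None:
        # A subject may lower its current level, but never exceed its clearance.
        if LEVELS[level] > LEVELS[self.clearance]:
            raise PermissionError(f"{self.name} is not cleared for {level}")
        self.current = level


def can_read(subject: Subject, object_level: str) -> bool:
    # Simple security rule: no read up. Reading at or below the
    # subject's own level is permitted.
    return LEVELS[subject.current] >= LEVELS[object_level]


def can_write(subject: Subject, object_level: str) -> bool:
    # *-property without Strong Star: no write down, write up is permitted.
    return LEVELS[subject.current] <= LEVELS[object_level]


def demo() -> dict:
    bob = Subject("bob", clearance="secret", current="secret")
    alice = Subject("alice", clearance="top-secret", current="top-secret")
    results = {
        "read_up": can_read(bob, "top-secret"),    # denied by simple security
        "read_down": can_read(alice, "secret"),    # allowed by the model
        "write_down": can_write(alice, "secret"),  # denied by the *-property
    }
    # Temporary downgrade: alice operates at "secret" for this operation.
    alice.set_current("secret")
    results["write_after_downgrade"] = can_write(alice, "secret")
    # While downgraded she loses read access to top-secret objects.
    results["read_ts_while_downgraded"] = can_read(alice, "top-secret")
    alice.set_current("top-secret")  # restore the original level
    return results


if __name__ == "__main__":
    print(demo())
```
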

The Bell-LaPadula security model is a formal model for enforcing confidentiality policies. It was first introduced by David Bell and Len LaPadula in 1973. The model has several properties, including the simple security property, the *-property, and the strong star property.

Assuming the Strong Star property is not being used, the false statement relating to the Bell-LaPadula security model is:

B. The property restriction can be escaped by temporarily downgrading a high level subject.

This statement is false because the Bell-LaPadula security model is a strict information flow model, which means that information can only flow from subjects at a lower level of security to objects at a higher level of security. This means that a high-level subject cannot read or access information from a lower level object. The model does not allow for any exceptions or temporary downgrades, and any such attempt would violate the model's security policy.

The other statements are true:

A. A subject is not allowed to read up: This means that a subject cannot access information at a higher security level than its own level. For example, a user with a secret security clearance cannot access top-secret information.

C. A subject is not allowed to read down: This means that a subject cannot access information at a lower security level than its own level. For example, a user with top-secret security clearance cannot access secret or unclassified information.

D. It is restricted to confidentiality: The Bell-LaPadula model is focused on enforcing confidentiality policies, which means that it is concerned with preventing unauthorized disclosure of information.

In summary, the Bell-LaPadula security model is a strict information flow model that enforces confidentiality policies. High-level subjects cannot access lower-level information, and there are no exceptions or temporary downgrades allowed.