Certified Secure Software Lifecycle Professional (CSSLP) — Question 72
Which of the following security models characterizes the rights of each subject with respect to every object in the computer system?
Answer options
- A. Clark-Wilson model
- B. Bell-LaPadula model
- C. Biba model
- D. Access matrix
Correct answer: A, B
Explanation
The correct answer is the Clark-Wilson model, which specifically focuses on ensuring data integrity through well-formed transactions and separation of duties. The other models, while important, address different aspects of security; for example, Bell-LaPadula is concerned with confidentiality, and Biba emphasizes data integrity but does not use the concept of rights in relation to objects as directly as the Clark-Wilson model.