Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
security issues that potentially impact safety. Figure 26 displays and compares how the Bell-<br />
LaPadula Confidentiality and Biba Integrity Models operate.<br />
Bell-LaPadula Confidentiality Model<br />
Biba Integrity Model<br />
High-Sensitivity Level<br />
High-Integrity Level<br />
Write OK<br />
(* property)<br />
Read OK<br />
(ss property)<br />
Medium-Sensitivity Level<br />
Medium-Integrity Level<br />
Read OK<br />
(ss property)<br />
Write OK<br />
(* property)<br />
Low-Sensitivity Level<br />
Low-Integrity Level<br />
Figure 26. Bell-LaPadula Confidentiality and Biba Integrity Models Compared<br />
The Biba Integrity Model was created as a direct analog to the Bell-LaPadula Confidentiality<br />
Model to address <strong>in</strong>tegrity issues. Specifically, <strong>in</strong>tegrity is usually characterized as compris<strong>in</strong>g<br />
the follow<strong>in</strong>g three goals (taken from page 204 of reference 85):<br />
• The data or system is protected from modification by unauthorized users or processes.<br />
• The data or system is protected from unauthorized modification by authorized users or<br />
processes.<br />
• The data or system is <strong>in</strong>ternally and externally consistent. For example, the data held <strong>in</strong> a<br />
database must balance <strong>in</strong>ternally and must accurately correspond to the external, realworld<br />
situation that it represents.<br />
These <strong>in</strong>tegrity issues directly correspond to the safety policy concerns that DO-178B and ARP<br />
4754 address.<br />
The Biba Integrity Model shares the same concepts as the Bell-LaPadula Confidentiality Model,<br />
except that its mandatory policies are the <strong>in</strong>verse of each other (see figure 26). The Biba<br />
Integrity Model is Lattice-based and uses a lattice structure that represents a set of <strong>in</strong>tegrity<br />
classes and an ordered relationship among those classes such as the DO-178B levels of safety<br />
(see section 6.3). The Biba simple <strong>in</strong>tegrity axiom (ss) requires that a subject at one level of<br />
82