01
Bell-LaPadula
No read up, no write down.
Confidentiality
SmartSeK Learning
Learning resource
The Security Models Atlas
The classic information security models, shown as instruments you can operate. Reading the rules does not make them stick. Seeing them fire does.
6 models. Pick one, work the diagram, and watch each rule allow or block an action in real time.
The three goals every model serves
CConfidentialityKeep secrets secret.
IIntegrityKeep data correct.
AAvailabilityKeep it reachable.
Most models guard C or I. Availability has no single formal model. It is handled through architecture: redundancy, fault tolerance, and DoS protection.
The gallery
Every model, one click away
02
Biba
No read down, no write up.
Integrity
03
Clark-Wilson
Touch data only through certified programs.
Integrity
04
Brewer-Nash
What you can access depends on what you already accessed.
Hybrid
05
Graham-Denning
Eight rules for creating, deleting, and sharing rights.
Foundations
06
Harrison-Ruzzo-Ullman
Can a right ever leak? In general you cannot prove it will not.
Foundations