Which of the following security models characterizes the rights of each subject with respect to every object in the computer system?

Which of the following security models characterizes the rights of each subject with respect to
every object in the computer system?

A.
Clark-Wilson model

B.
Bell-LaPadula model

C.
Biba model

D.
Access matrix

Explanation:
The access matrix or access control matrix is an abstract, formal security model of
protection state in computer systems that characterizes the rights of each subject with respect to
every object in the system. It was first introduced by Butler W. Lampson in 1971. According to the
access matrix model, the protection state of a computer system can be abstracted as a set of
objects ‘O’, that is the set of entities that needs to be protected (e.g. processes, files, memory
pages) and a set of subjects ‘S’ that consists of all active entities (e.g. users, processes). Further
there exists a set of rights ‘R’ of the form r(s,o), where s S, o O and r(s,o) R. A right thereby
incorrect. The Bell-La Padula Model is a state machine model used for enforcing access control in
government and military applications. The model is a formal state transition model of computer
security policy that describes a set of access control rules which use security labels on objects and
clearances for subjects. Security labels range from the most sensitive (e.g.,”Top Secret”), down to
the least sensitive (e.g., “Unclassified” or “Public”). The Bell-La Padula model focuses on data
confidentiality and controlled access to classified information, in contrast to the Biba Integrity
computing system. The model is primarily concerned with formalizing the notion of information
integrity. Information integrity is maintained by preventing corruption of data items in a system due
to either error or malicious intent. The model’s enforcement and certification rules define data
items and processes that provide the basis for an integrity policy. The core of the model is based
system of computer security policy that describes a set of access control rules designed to ensure

data integrity. Data and subjects are grouped into ordered levels of integrity. The model is
designed so that subjects may not corrupt data in a level ranked higher than the subject, or be
corrupted by data from a lower level than the subject.