SSCP · Question #137
SSCP Question #137: Real Exam Question with Answer & Explanation
The correct answer is A: Bell-LaPadula model. Bell-LaPadula (A) was specifically designed in the 1970s for the U.S. Department of Defense to enforce confidentiality in classified government and military systems, using the "no read up, no write down" rules to prevent information leakage across security clearance levels. Biba
Question
Which access control model was proposed for enforcing access control in government and military applications?
Options
- ABell-LaPadula model
- BBiba model
- CSutherland model
- DBrewer-Nash model
Explanation
Bell-LaPadula (A) was specifically designed in the 1970s for the U.S. Department of Defense to enforce confidentiality in classified government and military systems, using the "no read up, no write down" rules to prevent information leakage across security clearance levels.
Biba (B) is also a military-relevant model but focuses on integrity rather than confidentiality - it's essentially Bell-LaPadula's complement, not the one proposed for government access control enforcement.
Sutherland (C) addresses integrity through information flow and interference, targeting covert channels - it's an academic integrity model, not the canonical government/military access control framework.
Brewer-Nash (D), also called the "Chinese Wall" model, is designed for commercial conflict-of-interest scenarios (e.g., preventing a consultant from accessing competing clients' data), not government or military use.
Memory tip: Think "Bell-LaPadula = Big Locked Pentagon" - the model locks information behind clearance levels, exactly what the Pentagon needs.
Topics
Community Discussion
No community discussion yet for this question.