High-water Mark (computer Security)

In the fields of physical security and information security, the high-water mark for access control was introduced by Clark Weissmann in 1969. It pre-dates the Bell–LaPadula security model, whose first volume appeared in 1972.

Under high-water mark, any object whose security level is below the user's can be opened, but the object is relabeled to reflect the highest security level currently open, hence the name. The practical effect of the high-water mark was a gradual movement of all objects towards the highest security level in the system. If user A is writing a CONFIDENTIAL document and checks the unclassified dictionary, the dictionary becomes CONFIDENTIAL. Then, when user B is writing a SECRET report and checks the spelling of a word, the dictionary becomes SECRET. Finally, if user C is assigned to assemble the daily intelligence briefing at the TOP SECRET level, reference to the dictionary makes the dictionary TOP SECRET, too.


Low-water mark

Low-water mark is an extension to the Biba model. In the Biba model, no-write-up and no-read-down rules are enforced; these rules are exactly the opposite of the rules in the Bell–LaPadula model. In the low-water mark model, read down is permitted, but after reading, the subject's label is degraded to the object's label. It is classified among the floating-label security models.
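
The two floating-label rules described above (the high-water mark dictionary scenario and the low-water mark subject degradation), as an added Python example that is not part of the original article. It assumes each user works at a single level and that an object at the user's own level may also be opened; the integrity levels (LOW, MEDIUM, HIGH) and all class and function names are constructed for illustration.

```python
from enum import IntEnum

class Level(IntEnum):              # confidentiality levels named in the text
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3

class Integrity(IntEnum):          # constructed integrity levels for the Biba side
    LOW = 0
    MEDIUM = 1
    HIGH = 2

class HighWaterStore:
    """Objects whose labels float up to the level of whoever opens them."""
    def __init__(self, labels):
        self.labels = dict(labels)

    def open(self, user_level, name):
        label = self.labels[name]
        if label > user_level:                       # above the user's level: refused
            raise PermissionError(f"{name} is {label.name}")
        self.labels[name] = max(label, user_level)   # relabel to highest level open
        return self.labels[name]

class LowWaterSubject:
    """Biba low-water mark: the subject's label floats down on read."""
    def __init__(self, integrity):
        self.integrity = integrity

    def read(self, obj_integrity):
        # Read down is permitted, but degrades the subject to the object's label.
        self.integrity = min(self.integrity, obj_integrity)
        return self.integrity

    def may_write(self, obj_integrity):
        return self.integrity >= obj_integrity       # no write up

def dictionary_creep():
    """Replay users A, B and C from the text; return the label after each open."""
    store = HighWaterStore({"dictionary": Level.UNCLASSIFIED})
    users = (Level.CONFIDENTIAL, Level.SECRET, Level.TOP_SECRET)
    return [store.open(level, "dictionary") for level in users]

def subject_degradation():
    """A HIGH subject reads a LOW object and loses the ability to write HIGH."""
    subject = LowWaterSubject(Integrity.HIGH)
    before = subject.may_write(Integrity.HIGH)
    subject.read(Integrity.LOW)
    return before, subject.integrity, subject.may_write(Integrity.HIGH)
```

Once the dictionary has floated up, a user at a lower level can no longer open it, which is the availability cost of the label creep described above.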


See also

* Watermark (data synchronization)

