Step 6: Security Models Summary
Confidentiality, integrity, and availability (CIA triad) as well as authentication and nonrepudiation are fundamental security concepts that must be considered when assessing and developing security options. Cybersecurity models have been developed to address some or all of these security concepts. While these models were generally created to address a specific business case, each of the models has attributes that could be used to assemble a custom security plan. In order to draft a custom security plan for your organization, you will need to understand basic security models. You will identify key features, weaknesses, and targeted sectors and/or infrastructures. In this step and in Step 7, you will develop a short summary for each of the security models listed. These reports will serve as an Appendix A to your final memo and will document the security models and their attributes in advance of the memo that you will deliver with your recommended approach.
Each summary should include a descriptive and evaluative paragraph on the following attributes: Include the origins of the model (who developed it, when was it developed, and the context under which it was developed), main characteristics of the model (details on the business, sector, industry for whom the model was developed), and key features of the model. Write summaries for the following models:
- Biba’s Strict Integrity Policy
- Chinese Wall
When you have completed these summaries, continue to Step 7, where you’ll write a summary for the next four security models.