The University of SydneyPage 20Bell-La PadulaModel–The model for controlling access to objects–Initial formalization was developed in 1973 by David Bell and Len LaPadula–Also called military security because it models the confidentiality problem with military documents –The model has two basic axiomsThe Simple-Security Property: Subject S with clearance (LS, CS ) can have read access to object O with classification (LO, CO) only if (LS, CS) dominates (LO,CO).