INFO5301 Information Security Management
• time_sheet.xls is classified as (C, [FIN]),
• front_door_lock.txt is classified as (SC, [OPR, RES]),
• server_room.txt is classified as (SC, [OPR]).
If the Bell-La Padula security model is implemented, explain whether the following statements are right
or wrong, and why.
3.2.1 Bob can update the overtime schedule of his team members in time_sheet.xls.
Answer: Wrong.
time_sheet.xls’s security classification C is less than Bob’s security level. time_sheet.xls’s
category is a subset of Bob’s, i.e. [FIN] ⊆ [FIN, OPR]. Therefore, Bob dominates time_sheet.xls.
There will be a path from time_sheet.xls to Bob in the lattice.
However, according to the “No Write Down” rule in the Bell-La Padula model, Bob cannot write to
time_sheet.xls, but Bob can read time_sheet.xls.
3.2.2 Bob can change front door lock codes in front_door_lock.txt because Bob has SC
security clearance.
Answer: Wrong.
Although the security levels are equal, front_door_lock.txt’s category set is not a subset of
Bob’s, i.e. [OPR, RES] ⊈ [FIN, OPR]. Therefore, there will not be a path between these two
nodes in the lattice, which means information cannot flow between these two nodes.
3.2.3 Bob can change front door lock codes in server_room.txt because Bob has SC
security clearance.
Answer: Wrong.
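
The dominance checks behind these answers, as an added example that is not part of the original course material: a minimal Bell-La Padula access check in Python. Bob's label (SC, [FIN, OPR]) and the ordering C < SC are taken from the answers above; the function and variable names are illustrative assumptions.

```python
from dataclasses import dataclass

# Level ordering as stated in the answers above: C is below SC.
LEVELS = {"C": 0, "SC": 1}

@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset

    def dominates(self, other):
        # self >= other in the lattice: level at least as high AND category superset.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)

def label(level, *cats):
    return Label(level, frozenset(cats))

def can_read(subject, obj):
    # Simple security property (no read up): the subject must dominate the object.
    return subject.dominates(obj)

def can_write(subject, obj):
    # *-property (no write down): the object must dominate the subject.
    return obj.dominates(subject)

def relation(a, b):
    # Position of a relative to b; "incomparable" means no path in the lattice.
    if a == b:
        return "equal"
    if a.dominates(b):
        return "dominates"
    if b.dominates(a):
        return "dominated by"
    return "incomparable"

BOB = label("SC", "FIN", "OPR")
OBJECTS = {
    "time_sheet.xls": label("C", "FIN"),
    "front_door_lock.txt": label("SC", "OPR", "RES"),
    "server_room.txt": label("SC", "OPR"),
}

def decisions(subject=BOB, objects=OBJECTS):
    # Maps each object to (relation of subject to object, may read, may write).
    return {name: (relation(subject, o), can_read(subject, o), can_write(subject, o))
            for name, o in objects.items()}

if __name__ == "__main__":
    for name, (rel, r, w) in decisions().items():
        print(f"{name:22} Bob {rel:12} read={r} write={w}")
```
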