Secure Software Lifecycle Professional – CSSLP – Question187

Which of the following security models dictates that subjects can only access objects through applications?

A.
Biba model
B. Bell-LaPadula
C. Clark-Wilson
D. Biba-Clark model

Correct Answer: C

Explanation:

Explanation: The Clark-Wilson security model dictates that subjects can only access objects through applications. Answer: A is incorrect. The Biba model does not let subjects write to objects at a higher integrity level. Answer: B is incorrect. The Bell-LaPadula model has a simple security rule, which means a subject cannot read data from a higher level. Answer: D is incorrect. There is no such model as Biba-Clark model.