Select Page

Composition Theories in Information Flow Models

CISSP

Composition theories explain how inputs and outputs between multiple systems relate to one another, focusing on how information flows between systems rather than within an individual system. These theories are essential for understanding the interaction between interconnected systems in a secure environment.

  1. Cascading
    • Definition: The output of one system serves as the input for another system.
    • Example: A classified document produced by one system is used as input in another system, continuing the flow of classified information.
  2. Feedback
    • Definition: Two systems exchange roles where one system initially provides input to another, and then the roles reverse, with the second system providing input back to the first.
    • Example: A system that processes data sends the results to another system for further analysis, and the analysis results are then fed back to the original system for additional processing.
  3. Hookup
    • Definition: One system sends input to another system while also sending input to external entities.
    • Example: A system processes information and sends the results to both another internal system and an external partner or system, creating multiple flow pathways.

Mandatory Access Control (MAC)

  • Subjects:
    • Users: Individuals who perform work tasks and interact with the system.
    • Data Owners: Responsible for protecting data and determining its classification.
    • Data Custodians: Responsible for classifying and protecting data, typically handling the operational aspects of data management.
  • Objects:
    • Labeling: Objects (e.g., files, databases) are labeled based on their level of classification or sensitivity.
    • Clearance Levels: Subjects are labeled according to their level of clearance, determining their access to classified information.

These theories and access control concepts are crucial for ensuring that information flows securely between systems and that access is appropriately controlled based on the sensitivity and classification of data. Understanding these models is important for designing secure systems that interact with each other while maintaining data integrity and confidentiality.

Latest Post:

Pin It on Pinterest