The Chinese Wall Security Policy
Authors
Abstract
Everyone who has seen the movie Wall Street will have seen a commercial security policy in action. The recent work of Clark and Wilson and the WIPCIS initiative (the Workshop on Integrity Policy for Computer Information Systems) has drawn attention to the existence of a wide range of commercial security policies which are both significantly different from each other and quite alien to current “military” thinking as implemented in products for the security marketplace. This paper presents a basic mathematical theory which implements one such policy, the Chinese Wall, and shows that it cannot be correctly represented by a Bell-LaPadula model. The Chinese Wall policy combines commercial discretion with legally enforceable mandatory controls. It is required in the operation of many financial services organizations and is, therefore, perhaps as significant to the financial world as Bell-LaPadula’s policies are to the military.
INTRODUCTION
Until recently, military security policy thinking has dominated the direction of computer security research both in the US and the UK. Clark and Wilson’s seminal paper [1] has, however, drawn attention to the fact that commercial security needs are just as important as those of the defence community and, through the WIPCIS initiative [2], that the problems of the commercial community are at least as diverse and relevant to the computer scientist. There are many well defined commercial security policies covering all aspects of Clark and Wilson’s model [3]. One of these, the Chinese Wall security policy is perhaps as significant to some parts of the commercial world as Bell and LaPadula’s policies [4, 5] are to the military. It can be most easily visualized as the code of practice that must be followed by a market analyst working for a financial institution providing corporate business services. Such an analyst must uphold the confidentiality of information provided to him by his firm’s clients; this means he cannot advise corporations where he has insider knowledge of the plans, status or standing of a competitor. However, the analyst is free to advise corporations which are not in competition with each other, and also to draw on general market information. Many other instances of Chinese Walls are found in the financial world.
Unlike Bell and LaPadula, access to data is not constrained by attributes of the data in question but by what data the subject already holds access rights to. Essentially, datasets are grouped into “conflict of interest classes” and by mandatory ruling all subjects are allowed access to at most one dataset belonging to each such conflict of interest class; the actual choice of dataset is totally unrestrained provided that this mandatory rule is satisfied. We assert that such policies cannot be correctly modelled by Bell-LaPadula. It should be noted that in the United Kingdom the Chinese Wall requirements of the UK Stock Exchange [6] have the authority of law [7] and thus represent a mandatory security policy whether implemented by manual or automated means. Furthermore, correct implementation of this policy is important to English Financial Institutions since it provides a legitimate defence against certain penal classes of offence under their law.
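The access rule described above (at most one dataset per conflict of interest class, with the first choice left free) can be sketched as a small reference monitor. This is an added example, not code from the paper; the dataset names, class names and the `ChineseWall` class are constructed for illustration, and general market information is modelled as a dataset with no conflict of interest class.

```python
"""Chinese Wall access check: at most one dataset per conflict of interest class."""

# Constructed sample data: dataset -> conflict of interest (COI) class.
# A class of None marks general market information, open to every subject.
COI_CLASS = {
    "Bank-A": "banks",
    "Bank-B": "banks",
    "Oil-A": "oil",
    "Oil-B": "oil",
    "Market-Index": None,
}


class ChineseWall:
    def __init__(self, coi_class):
        self.coi_class = dict(coi_class)
        self.held = {}  # subject -> {COI class: dataset the subject already holds}

    def may_access(self, subject, dataset):
        """Decide from the subject's access history, not from a label on the data."""
        if dataset not in self.coi_class:
            return False  # unknown dataset: deny by default
        cls = self.coi_class[dataset]
        if cls is None:
            return True  # general market information
        current = self.held.get(subject, {}).get(cls)
        return current is None or current == dataset

    def access(self, subject, dataset):
        """Grant or refuse; each grant is recorded and builds the subject's wall."""
        if not self.may_access(subject, dataset):
            return False
        cls = self.coi_class[dataset]
        if cls is not None:
            self.held.setdefault(subject, {})[cls] = dataset
        return True


def demo():
    wall = ChineseWall(COI_CLASS)
    requests = [
        ("analyst1", "Bank-A"), ("analyst1", "Oil-B"), ("analyst1", "Bank-B"),
        ("analyst1", "Bank-A"), ("analyst1", "Market-Index"),
        ("analyst2", "Bank-B"), ("analyst2", "Bank-A"),
    ]
    return [(s, d, wall.access(s, d)) for s, d in requests]


if __name__ == "__main__":
    for subject, dataset, ok in demo():
        print(f"{subject:9} {dataset:13} {'granted' if ok else 'REFUSED'}")
```

The same dataset, Bank-B, is refused to analyst1 and granted to analyst2: the decision follows from what each subject already holds, not from an attribute of the data.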
Similar resources
A Trace-Based Model of the Chinese Wall Security
The Chinese Wall security policy is a well known information control policy used in the commercial world to specify control over information when conflicts of interest arise. A trace-based information flow control model for the Chinese Wall security policy is presented. This model is enhanced to permit conflict time frames for obtained information and revocation of access rights to a particular dat...
A Trace-Based Model of the Chinese Wall Security Policy
The Chinese Wall security policy is a well known information control policy used in the commercial world to specify control over information when conflicts of interest arise. A trace-based information flow control model for the Chinese Wall security policy is presented. This model is enhanced to permit conflict time frames for obtained information and revocation of access rights to a particular data...
Lattice-based enforcement of Chinese Walls
The Chinese Wall policy was identified and so named by Brewer and Nash [2]. This policy arises in the financial segment of the commercial sector, which provides consulting services to other companies. Consultants naturally have to deal with confidential company information for their clients. The objective of the Chinese Wall policy is to prevent information flows which cause conflict of interest for i...
Chinese Wall Security Model and Conflict Analysis
Brewer and Nash, and immediately updated by this author, introduced Chinese Wall security policy models for commercial security. Applying Pawlak's idea of conflict analysis, this paper introduced a practical way of computing an extended model.
A Lattice Interpretation of the Chinese Wall Policy
The Chinese Wall policy was identified and so named by Brewer and Nash [2]. This policy arises in the segment of the commercial sector which provides consulting services to other companies. Consultants naturally have to deal with confidential company information for their clients. The objective of the Chinese Wall policy is to prevent information flows which cause conflict of interest for individual...
Lattice-Based Enforcement of Chinese
The Chinese Wall policy was identified and so named by Brewer and Nash [2]. This policy arises in the financial segment of the commercial sector, which provides consulting services to other companies. Consultants naturally have to deal with confidential company information for their clients. The objective of the Chinese Wall policy is to prevent information flows which cause conflict of interest for in...