







Lecture 25: The Chinese Wall Policy
Dr. Bill Young
Department of Computer Sciences
University of Texas at Austin
The policies so far have been general. Let's consider a policy for a very specific commercial concern: the potential for conflicts of interest and inadvertent disclosure of information by a consultant or contractor.

Example: A lawyer specializes in product liability and consults for American Airlines. It could be a breach of confidentiality for her to consult also for United Airlines. Why? A simultaneous contract with McDonalds would not be a conflict.

The security policy builds on three levels of abstraction.
Objects, such as files. Objects contain information about only one company.
Company groups collect all objects concerning a particular company.
Conflict classes cluster the groups of objects for competing companies.
For example, consider the following conflict classes:
Ford, Chrysler, GM
Bank of America, Wells Fargo, Citicorp
Microsoft

We have a simple access control policy: A subject may access information from any company as long as that subject has never accessed information from a different company in the same conflict class.

For example, if you access a file from GM, you subsequently will be blocked from accessing any files from Ford or Chrysler. You are free to access files from companies in any other conflict class.

Notice that permissions change dynamically. The access rights that any subject enjoys depend on the history of past accesses.
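
The rule above, as an added example that is not part of the original lecture: a history-based access check in Python using the lecture's conflict classes. The subject names, the request sequence and the choice to deny companies outside every conflict class are assumptions made for the illustration.

```python
# Conflict classes taken from the lecture's example.
CONFLICT_CLASSES = [
    {"Ford", "Chrysler", "GM"},
    {"Bank of America", "Wells Fargo", "Citicorp"},
    {"Microsoft"},
]


class ChineseWall:
    def __init__(self, conflict_classes):
        # Map each company to the conflict class that contains it.
        self._class_of = {}
        for cls in conflict_classes:
            for company in cls:
                if company in self._class_of:
                    raise ValueError(f"{company} is in two conflict classes")
                self._class_of[company] = frozenset(cls)
        # Per-subject history: the set of companies already accessed.
        self._history = {}

    def may_access(self, subject, company):
        """Pure check: does the subject's history permit this access?"""
        if company not in self._class_of:
            return False  # assumption: unknown company groups are denied
        rivals = self._class_of[company] - {company}
        return not (self._history.get(subject, set()) & rivals)

    def access(self, subject, company):
        """Decide, and record the access only if it is granted."""
        if not self.may_access(subject, company):
            return False
        self._history.setdefault(subject, set()).add(company)
        return True


def demo():
    wall = ChineseWall(CONFLICT_CLASSES)
    # Constructed request sequence for two hypothetical subjects.
    requests = [
        ("alice", "GM"), ("alice", "Ford"), ("alice", "Wells Fargo"),
        ("alice", "GM"), ("alice", "Citicorp"), ("bob", "Ford"),
        ("bob", "Microsoft"), ("bob", "Chrysler"),
    ]
    return [(s, c, wall.access(s, c)) for s, c in requests]


if __name__ == "__main__":
    for subject, company, granted in demo():
        print(f"{subject:5} -> {company:15} {'GRANTED' if granted else 'DENIED'}")
```

A denied request leaves the history unchanged, so alice keeps her access to GM after being refused Ford, while bob, with a separate history, can still choose Ford first.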

Unlike previous policies, Brewer and Nash's Chinese Wall Policy is designed to address a very specific concern: conflicts of interest by a consultant or contractor.
This illustrates that security policies can be crafted to solve very specialized problems.
The Chinese Wall is an access control policy in which accesses are sensitive to the history of past accesses.

Next lecture: Role-Based Access Control