Download
1 / 3
30 likes | 194 Vues
Lipner's Integrity Policy enforces strict guidelines to maintain data integrity within systems. It establishes a separation of duties, ensuring users utilize existing programs rather than developing their own, while programmers avoid testing programs using production data. Updates to production systems require a controlled and audited process. Different security levels categorize users and data: ordinary users, developers, system programmers, and managers, each with distinct access rights. By adhering to these principles, organizations can uphold data integrity and security across software development and production environments.
E N D
Lipner’s Integrity Policy • Practice • Separation of duty: • Users will not write their own programs, but will use existing production programs and databases • If a program needs to be added, follow controlled/audited process • Separation of function • Programmers will not develop and test programs on production data • If production data is needed, follow controlled/audited process • Auditing • Controlled/audited process for updating code on production system
Lipner’s Integrity Policy • Security Levels • Audit: AM • Audit/management functions • System Low: SL • Everything else • Categories • Development • Production Code • Production Data • System Development • Software Tools • Follow BLP+Lattice access rules, but on integrity levels
Lipner’s Integrity Policy • Users: • Ordinary (SL,{PC, PD}) • Developers (SL,{D,T}) • System Programmers (SL,{SD, T}) • Managers (AM,{D,PC,PD,SD,T}) • Controllers (SL,{D,PC,PD,SD,T} • Objects • Development code/data (SL,{D,T}) • Production code (SL,{PC}) • Production data (SL,{PC,PD}) • Tools (SL,{T}) • System Programs (SL,) • System Program update (SL,{SD,T}) • Logs (AM, {…})
