Pass your certification exam. Faster. Guaranteed.

Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.


Comprehensive practice exam engine!

  • Unlimited access to thousands of practice questions
  • Exam readiness score
  • Smart reinforcement


All features in the FREE plan, plus:

  • Focused training ensures 100% exam readiness
  • Personalized learning plan
  • Align exam engine to your current baseline knowledge
  • Eliminate wasted study time
  • Exam pass guarantee
  • And much more

Clark-Wilson, Brewer and Nash, Graham-Denning Transcription

Welcome to our security models module. In this module, we will discuss the Clark- Wilson model, Brewer and Nash model, Graham-Denning model, and the Harrison, Ruzzo, Ullman model. The Clark and Wilson model is an integrity model, just like the Biba model. It is an integrity verification procedure for constrained items.

Applications are used to control the user or subject's interactions with objects or programs. The Clark and Wilson integrity model addresses three integrity goals. It uses authentication and authorization with access control lists. It attempts to prevent any authorized or unauthorized users from making improper changes to data. And it maintains consistency for both internal and external transactions.

This model requires well formed transactions and requires that steps be performed exactly as listed in a defined order. We also must authenticate the individuals who are performing the steps in case of any issues we will be able to know who was responsible for making changes. This model calls for a separation of duties between the administrators and the users.

We should not have users with administrative capabilities. It also is a take-grant model. This is how administrators are able to pass on rights. They grand authenticated users rights and privileges and they leave it up to the subject to determine whether to give rights to another, take rights from another, or revoke rights.

The Clark-Wilson model deals with three integrity goals. First, you wanna authenticate users to prevent any unauthorized users from accessing the system. Controls need to be put in place to prevent authorized users from making incorrect modifications. It also requires the use of well formed transactions In order to maintain internal and external consistency.

We can see in the graphic at the bottom that the user is permitted to interact with the object only through the authorized mechanism of going through the application. They are not permitted to interact with the object directly. You will most likely see questions on the CISSP exam about the Clark and Wilson model.

You want to remember that it is an integrity model, and also remember that it calls for the use of well-formed transactions. The Brewer and Nash model is also known as the Chinese wall. This model allows dynamically changing permissions based on rule based assess control or r back. In this model, we have a wall, which segregates data types and we have a set of rules that determine what subjects can access on the other side of the wall.

These dynamic rules can change as the user accesses different information. And this model attempts to protect that there is no conflict with the data the user previously accessed and the data they are about to access. This model is concerned with ensuring that there is no conflict of interest related to your business practices. An example of how this works is that if a user accesses data from a certain company they will no longer be permitted to access a competitors data because that would now be considered off limits. This model also tries to prevent users from making fraudulent modifications to any objects and also supports the separation of duties.

Here is an example of what the Brewer and Nash model would look like. We can see that we have a Brewer and Nash Model Wall between the company's data from bank A and bank B. We can see that once the users have accessed data from bank A, they are no longer permitted to access the data from bank B, because now we have a conflict of interest.

If the users had accessed the data from bank B first, then they would not be able to access the data from bank A. For the CISSP exam, it is important to remember that the Brewer and Nash model is a model that is primarily designed to avoid conflicts of interest.

The Graham-Denning model primarily concerns itself with how users and objects are created, how the privileges are assigned, how ownership of objects is managed, and how we can delete subjects and objects securely. This model defines eight protection rights, creating objects and subjects, deleting objects and subjects, reading access rights, granting access rights, deleting access rights and transferring access rights.

The Harrison Ruzzo Ullman model or the HRU model is similar to the Graham Denning Model. It's based on a set of generic rights and a set of commands, and it generalizes the Graham-Denning model in order to determine if certain situations are obtainable. It maps subjects, objects, and access rights to create an access matrix.

When we're configuring the HRU Model, we will have a table, also known as a matrix, with our current subjects, which are labeled with the letter s, our objects, which are labeled with the letter o. We will have access matrix, which is labeled with the letter p. And this could also be called the Access Control List or ACL.

This is similar to a spread sheet with a row for each subject and a column for each object and each cell would contain the right for that specific user and that object. And this is represented with the letter R. You want to remember for the CISSP exam that the HRU model is based on an access matrix.

This concludes our Security Models module. Thank you for watching.

Included in all plans.

1000's of practice test questions

Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.

Exam Readiness Score

Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.

Smart Reinforcement

Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.

THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!

PRO Membership Benefits.

Personalized Learning Plan

Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.

Exam Pass Guarantee

Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.

Eliminate Wasted Study Time

Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.

Coming Soon - Simulated Exam

More PRO benefits are being built all the time!