Posted by: Dan O'Connor
A quick explanation of biba should be done before we continue just so you can know what is going on. What is biba? biba is a data integrity model.
A quick way to explain this is with a data confidentiality model and a simple military example. If you have 3 people, one is a general, one is a commander and the last is a civilian. Along with the 3 people we have 3 documents, one is Top Secret, one is Secret and the last is unclassified.
The General being at the top of the pile can do what he likes with all three documents, his level of authority is Top Secret so he can do what ever he likes.
The Commander is in the middle, he has access to the Secret document and the Unclassified one, but he cannot even see the Top Secret one. ( I will get a little more into this at some point ).
The Civilian can only see the Unclassified document and does not know that the other two even exist.
Part 2 is this example in a integrity model.