Which access control model provides upper and lower bounds of access capabilities for a subject? 

Answer options:

A. Role-based access control
B. Lattice-based access control
C. Biba access control
D. Content-dependent access control

B

In the lattice model, users are assigned security clearences and the data is classified.Access decisions are made based on the clearence of the user and the classification of the object.Lattice-based access control is an essential ingredient of formal security models such as Bell-LaPadula, Biba, Chinese Wall, etc. The bounds concept comes from the formal definition of a lattice as a "partially ordered set for which every pair of elements has a greatest lower bound and a least upper bound."To see the application, consider a file classified as "SECRET" and a user Joe with a security clearence of "TOP SECRET."Under Bell- LaPadula, Joe`s "least upper bound" access to the file is "READ" and his least lower bound is "NO WRITE" (star property). Role-based access control is incorrect.Under RBAC, the access is controlled by the permissions assigned to a role and the specific role assigned to the user. Biba access control is incorrect.The Biba integrity model is based on a lattice structure but the context of the question disqualiifes it as the best answer. Content-dependent access control is incorrect.In content dependent access control, the actual content of the information determines access as enforced by the arbiter. References: CBK, pp. 324-325. AIO3, pp. 291-293.See aprticularly Figure 5-19 on p. 293 for an illustration of bounds in action.