Biba is what type of access control model?

The Biba model is a type of Mandatory Access Control (MAC) model designed primarily to maintain data integrity. In the Biba model, the primary focus is on preventing unauthorized users from writing or modifying data at a higher integrity level. This means it enforces rules that dictate how users interact with data based on their assigned security levels.

In a Mandatory Access Control framework, access decisions are made based on fixed policies, which are set by a central authority rather than by individual users. The Biba model operates on the principle of “no write up” and “no read down,” ensuring that high-integrity subjects can read lower integrity data but are restricted from creating or altering higher integrity data. This design helps to protect the integrity of sensitive information and is essential in environments where data accuracy and consistency are paramount.

This understanding of Biba's role within the context of mandatory access controls helps clarify how it fits into the broader picture of information security measures, emphasizing that security and access roles are not left to the discretion of users but are strictly enforced within a systematic framework.