EditWYSIWYGAttach PDF Raw View►More Actions▼More Actions


Restore topic to revision: You will be able to review the topic before saving it to a new revision

Copy text and form data to a new topic (no attachments will be copied though).
Name of copy:
You will be able to review the copied topic before saving

Rename/move topic... scans links in all public webs (recommended)
Rename/move topic... scans links in CBI_ComputerSecurity web only
Delete topic... scans links in all public webs (recommended)
Delete topic... scans links in CBI_ComputerSecurity web only

Revision Date Username Comment
1317 Nov 2014 - 10:49ThomasMisa 
1217 Nov 2014 - 10:43ThomasMisa 
1122 Oct 2013 - 12:20ThomasMisa 
1003 Oct 2013 - 15:25norqu036? 
919 Jun 2013 - 14:44ThomasMisa 
804 Jun 2013 - 12:54NicLewis 
703 Jun 2013 - 21:56NicLewis 
603 Jun 2013 - 20:47NicLewis 
503 Jun 2013 - 12:49NicLewis 
403 Jun 2013 - 10:57NicLewis 
earlier first

Render style:     Context:


 History: r13 | r9 < r8 < r7 < r6
[X] Hide this message.
Notice: On June 30, 2016, UMWiki service will be decommissioned. If you have information in UMWIki that needs to be preserved, you should make plans to move it before that date. Google Sites is anticipated to be the most popular and appropriate alternative for users because it offers a more modern and user-friendly interface and unlimited capacity. To learn more about the features of Google Sites and other alternatives, and to identify which one best fits your needs, see the University’s Website Solution Selection Guide. If you have concerns or would like help regarding this change and your options, please contact Technology Help at help@umn.edu
You are here: UMWiki>CBI_ComputerSecurity Web>Publications>PubBrewerNash (revision 7)

Brewer-Nash (Chinese Wall) Model

 

The Brewer and Nash model, also called the "Chinese Wall" model, was proposed in 1989 by David Brewer and Michael Nash, drawing upon a concept derived from the legislation introduced after the crash of the stock market in 1929, which created communications barriers among divisions of financial institutions to avoid conflicts of interest. Using the Brewer-Nash model, an information flow model, objects are collected in a company dataset, with their security label determined by the company dataset together with a conflict of interest class. An subject may then access an object "only if that object is in the same company dataset as an object already access by the subject, or if the object belongs to an entirely different conflict of interest class."(1) This model is intended to avoid conflicts of interest, particularly within commercial organizations.(2)

In 1989, David Brewer and Michael Nash first published the "Chinese Wall Security Policy," partly in response to the Clark-Wilson model of computer security. In the financial sector, a "Chinese Wall" referred to a form of regulation that developed after the stock market crash of 1929. This form of regulation stipulated that analysts had to avoid conflicts of interest when offering financial services to clients that might be in competition with one another, or with the firm providing the financial analysis. The consequences of the deregulation of financial markets in the UK, the 'big bang' of 1986, brought a return to Chinese Wall models of financial regulation. However, the increasingly common use of computer systems in the financial sector added greater complexity to the issue of avoiding conflicts of interest to the satisfaction of regulators. Brewer and Nash sought to address this issue through an information flow model, that is, a model to determine which information was appropriate to provide a specific user depending upon what other information the user had previously accessed. The Chinese Wall model employs (3)(4)

(5)

Additional Resources:

  • lock brewer_nash_89.pdf: 1989 IEEE paper, "The Chinese Wall Security Policy," describing the Brewer-Nash (Chinese Wall) Model (Log-in required).

Notes

1 : Karl de Leeuw and Jan Bergstra, eds., The History of Information Security: A Comprehensive Handbook (New York: Elsevier, 2007), 630.

2 : http://en.wikipedia.org/wiki/Brewer_and_Nash_model

3 : lock David F. C. Brewer and Michael J. Nash, "The Chinese Wall Security Policy," _ Proceedings of the IEEE Symposium on Security and Privacy, 1989_, Oakland, CA: IEEE Press, May 1989, 206-214. (Log-in required)

4 : Dieter Gollman, "Security Models," 630-631, in Karl de Leeuw and Jan Bergstra, eds., The History of Information Security: A Comprehensive Handbook, (Oxford, UK: Elsevier, 2007), 595-621.

5 : Jeffrey R. Yost, "An Interview with David Elliott Bell, OH 411," Charles Babbage Institute, 2012, 40-42.


Edit | WYSIWYG | Attach |  PDF |  History: r13 | r9 < r8 < r7 < r6 |  Backlinks |  Raw View | More topic actions...
Topic revision: r7 - 03 Jun 2013 - 21:56:44 - NicLewis
 
Signed in as lewi0740 (NicLewis) | Sign out
UMWiki UMWiki
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding UMWiki? Send feedback