In information security, models provide a way to formalize security policies. Such models can be abstract or intuitive. All models are intended to provide an explicit set of rules that a computer can follow to implement the fundamental security concepts, processes, and procedures that make up a security policy. The models offer a way to deepen your understanding of how a computer operations system should be designed and developed to support a specific security policy. No system can be totally secure; security professionals have several security models to consider.
Let’s say you work for one of the following types of industry:
Manufacturing
Government
Research
Service
Consulting
Choose a different industry than from last week’s discussion, and then from the list below, select a model and summarize the model as you understand it. State why you might use this model in your job. Include at least one advantage and disadvantage of the model you’ve chosen. Include a real-life example of the model in use.