# Biba Integrity Model

One-sentence definition: Formal **integrity** model with **no write up** and **no read down** to prevent contamination from lower integrity levels.

## Key Facts

- Simple integrity: subject cannot read lower integrity (**no read down**).
- \*-integrity: subject cannot write to higher integrity (**no write up**).
- Focus on maintaining trustworthy data; opposite direction to BLP.
- Used in industrial/medical where data correctness is paramount.
- Does not address confidentiality.
- **Verify:** check official (ISC)² CBK and current exam outline.

## Exam Relevance

- Recognize correct rule to prevent low-to-high contamination.

**Mnemonic:** “Biba = **B**uild **I**ntegrity by **B**locking **A**scents (no write up).”

## Mini Scenario

Q: Public feed should not alter financial ledger—rule?

A: No write up (prevent low integrity source from writing to high).

## Revision Checklist

- Contrast Biba vs BLP.
- Define simple vs \*-integrity properties.
- Choose use-cases where integrity trumps confidentiality.

## Related

[[Bell-LaPadula (BLP) Model]] · [[Clark-Wilson Integrity Model]] · [[Noninterference and Information Flow]] · [[State Machine and Secure State]] · [[Reference Monitor and TCB]] · [[Domain 3 - Index]]