Here’s the CISSP security model map I wish someone had given me earlier:
Bell-LaPadula: prevents unauthorized disclosure
Biba: prevents integrity contamination
Clark-Wilson: enforces well-formed business transactions
Brewer-Nash: prevents conflict of interest
Graham-Denning: defines how access rights are created/deleted
Take-Grant: models how access rights are transferred
The names are intimidating, but the underlying ideas are practical.
In the article, I show how to use a 2-question filter to answer security model questions without relying only on memory.