Security models are essential concepts in the field of computer and information security. They provide a framework for understanding and implementing security measures to protect data and systems. 

Organisations typically select and adapt these models based on their specific security requirements and compliance needs to safeguard their data and systems effectively.

Bell-LaPadula Model:

The Bell-LaPadula model, developed in the early 1970s, is a classic example of a confidentiality-focused security model. It enforces mandatory access controls and operates on the principle of "no read up, no write down." This means that a user with a certain security clearance can't access data at a higher classification level and can't write to lower-level data, thus ensuring data confidentiality.

Biba Model:

The Biba model is also focused on data integrity. It enforces a "no write up, no read down" policy, preventing users from modifying data they are not authorised to change and from reading data that is of lower integrity.

Clark-Wilson Model:

The Clark-Wilson model is designed to maintain data integrity in commercial systems. It enforces well-formed transactions and separation of duties. This means that only authorised users can make changes to data, and all changes must adhere to predefined rules and constraints.

Lattice-Based Model:

Lattice-based models are often used in multi-level security environments. They involve a lattice structure of security levels, allowing for more fine-grained access control. The lattice model allows users to have multiple security clearances and access rights to various levels of data.

Noninterference Model:

The Noninterference Model is focused on maintaining data confidentiality. It aims to ensure that high-security users cannot influence or interfere with the actions or outputs of low-security users. This model prevents information leakage between security domains and is commonly used in military and intelligence contexts.

Brewer and Nash Model (The Chinese Wall Model):

The Brewer and Nash Model, also known as the Chinese Wall Model, addresses conflicts of interest in corporate environments. It restricts access to information based on user history and information already accessed to prevent conflicts of interest. This model is often used in scenarios where sensitive information could be used for insider trading or other unethical purposes.

Graham-Denning Model:

The Graham-Denning Model is a protection model that defines a set of access control rules to ensure the integrity of subjects (users or processes) and objects (resources). It specifies the operations that subjects can perform on objects and enforces these rules to prevent unauthorised access and modification.

Harrison-Ruzzo-Ullman Model (HRU Model):

The HRU Model is a formal model that focuses on the problem of information flow control. It is used to analyse and enforce information flow policies in systems. The HRU Model helps ensure that information is not leaked from high-security areas to low-security areas, maintaining confidentiality and integrity.

Security models expand the range of approaches available for addressing specific security concerns, whether it's controlling access based on user history (Brewer and Nash), preventing conflicts of interest, or enforcing precise access control rules (Graham-Denning). Each model serves a distinct purpose and can be applied in various contexts to enhance security measures.

Sources and further reading.

Harris, Shon & Maymí, Fernando. CISSP EXAM GUIDE Seventh Edition. New York McGraw Hill Education, 2016.