Implement the <mark>Biba model</mark> using any scenario of your choice. <br><b>Implement all axioms of the Biba model.</b>

The Biba model addresses integrity only. Because it does not provide confidentiality, it should be combined with another model; a model such as Bell-LaPadula should be used to complement it.
The <b>Lipner model</b> is one such model that has been developed to meet these requirements. It combines the Bell-LaPadula and Biba models.<br>
<h3>Access Modes: </h3>
<ul>
<li>Modify</li>
<li>Observe</li>
<li>Execute</li>
<li>Invoke</li>
</ul>
<b>We will implement the strict integrity policy of the Biba model.</b><br>
The Strict Integrity Policy is the first part of the Biba model. The policy consists of:
<ul>
<li>Simple Integrity Condition: s ∈ S can observe o ∈ O if and only if i(s) ≤ i(o) (“no read-down”).</li>
<li>Integrity Star Property: s ∈ S can modify o ∈ O if and only if i(o) ≤ i(s) (“no write-up”).</li>
<li>Invocation Property: s₁ ∈ S can invoke s₂ ∈ S if and only if i(s₂) ≤ i(s₁).</li>
</ul>
<h2>Our Scenario:</h2>
<ul>
<li>Subjects:
<ol>
<li>Admin</li>
<li>Manager</li>
<li>Employee</li>
</ol>
</li>
<li>Objects:
<ol>
<li>Admin Data</li>
<li>Manager Data</li><li>Manager Salary</li>
<li>Employee Data</li><li>Employee Salary</li>
</ol>
</li>
</ul>

---


Here, the integrity levels are:
<ul>
<li>Admin; Admin Data, Manager Salary => Crucial</li>
<li>Manager; Manager Data, Employee Salary => Very Important</li>
<li>Employee; Employee Data => Important</li>
</ul>

  ---
  Admin can modify every subject.<br>
  Manager can modify Manager Data, Employee Data, Employee Salary.<br>
  Employee can modify Employee Data.<br>

  ---
  Read-up is allowed in the Biba model, which in our case means an Employee can read Manager Data, Admin Data, etc. We are not concerned about this because Biba only handles integrity. In a real-world scenario, Biba is not used on its own; it is combined with another model to ensure confidentiality. In our case, a few low-level subjects are restricted from reading high-level objects using the access control matrix.
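As an added check (not part of the original notebook), the sketch below intersects the Biba rules with the access control matrix to confirm the modification rights listed above, and to list both the ACM grants that the integrity checks always override and the read-up that only the ACM blocks. `LEVEL` and `ACM` copy the values from the notebook's code cell; the helper names are hypothetical, and the category check is omitted because every category on the page is 1.

```python
# Added example: intersect the Biba strict-integrity checks with the ACM.
# LEVEL and ACM are copied from the notebook's code cell; the category check is
# left out because every category on the page is 1.
LEVEL = {"Admin": 2, "Manager": 1, "Employee": 0,
         "adminData": 2, "manSal": 2, "managerData": 1,
         "employeeData": 0, "empSal": 1}
OBJECTS = ["adminData", "managerData", "manSal", "employeeData", "empSal"]
ACM = {"Admin":    ["r,w,x", "r,w", "r,w", "r,w,x", "r,w"],
       "Manager":  ["", "r,w,x", "r", "r,w", "r,w"],
       "Employee": ["r", "r", "r", "r,w,x", "r"]}

# Integrity rule for each right, as the page applies it.
BIBA = {
    "r": lambda s, o: LEVEL[s] <= LEVEL[o],   # simple integrity: no read-down
    "w": lambda s, o: LEVEL[o] <= LEVEL[s],   # star property: no write-up
    "x": lambda s, o: LEVEL[s] <= LEVEL[o],   # execute rule used by the notebook
}

def granted(subject, obj):
    """Rights the ACM alone grants to subject on obj."""
    cell = ACM[subject][OBJECTS.index(obj)]
    return {r for r in cell.split(",") if r}

def effective(subject, obj):
    """Rights that pass both the ACM and the Biba check."""
    return {r for r in granted(subject, obj) if BIBA[r](subject, obj)}

def writable(subject):
    """Objects the subject can actually modify."""
    return {o for o in OBJECTS if "w" in effective(subject, o)}

def vetoed_grants():
    """ACM entries that Biba always overrides: (subject, object, right)."""
    return sorted((s, o, r) for s in ACM for o in OBJECTS
                  for r in granted(s, o) - effective(s, o))

def acm_only_denials():
    """Reads Biba would allow (read-up) that the ACM withholds."""
    return sorted((s, o) for s in ACM for o in OBJECTS
                  if BIBA["r"](s, o) and "r" not in granted(s, o))

if __name__ == "__main__":
    for s in ACM:
        print(s, "can modify:", sorted(writable(s)))
    print("ACM grants vetoed by Biba:", vetoed_grants())
    print("Read-up blocked by ACM only:", acm_only_denials())
```

The vetoed entries are worth pruning from the matrix: they never take effect while the Biba check runs first, but they would become live permissions if that check were ever bypassed or removed.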



```python
# This function implements the observe operation.
# 'No read-down' is ensured: i(subject) <= i(object).
# Note: the parameter name 'map' (kept from the original) shadows Python's built-in map().
def readData(classification, category, map, acm, subject, obj):
  if classification[subject] <= classification[obj]:
    if category[subject] <= category[obj]:
      # The ACM cell must also grant 'r'
      if 'r' in acm[map[subject]][map[obj]]:
        print(subject, " read over ", obj, " is successfull.")
      else:
        print(subject, " read over ", obj, " is Unsuccessfull. No access.")
    else:
      print("High category subject[",subject,"] can't read low category object[",obj,"]. Operation Aborted.")
  else:
    print("High classification subject[",subject,"] can't read low classification object[",obj,"]. Operation Aborted.")

# This function implements the modify operation.
# 'No write-up' is ensured: i(object) <= i(subject).
def editData(classification, category, map, acm, subject, obj):
  if classification[subject] >= classification[obj]:
    if category[subject] >= category[obj]:
      # The ACM cell must also grant 'w'
      if 'w' in acm[map[subject]][map[obj]]:
        print(subject, " edit over ", obj, " is successfull.")
      else:
        print(subject, " edit over ", obj, " is Unsuccessfull. No access.")
    else:
      print("Low category subject[",subject,"] can't edit high category object[",obj,"]. Operation Aborted.")
  else:
    print("Low classification subject[",subject,"] can't edit high classification object[",obj,"]. Operation Aborted.")

# This function implements the invoke operation.
# A high-level subject can invoke a low-level subject, but the reverse is not true.
def invoke(classification, sub1, sub2):
  if classification[sub1] >= classification[sub2]:
    print(sub1," invoked ", sub2, " Successfully.")
  else:
    print(sub1," invoke on ", sub2, " failed.[Operation aborted.]")

# This function implements 'execute' access.
# A subject can execute an object if execute permission is allowed in the access control matrix
# and I(subject) <= I(object).
def execute(classification, map, acm, subject, obj):
  if classification[subject] <= classification[obj]:
    if 'x' in acm[map[subject]][map[obj]]:
      print(subject, " execute over ", obj, " is successfull.")
    else:
      print(subject, " execute over ", obj, " not allowed. Contact Admin[Aborted].")
  else:
    print(subject, " execute over ", obj, " is unsuccessfull.[Subject integrity level is greater than object integrity level - Aborted]")

# acm: access control matrix (rows: subjects, columns: objects)
acm = [['r,w,x', 'r,w', 'r,w', 'r,w,x', 'r,w'],
       ['', 'r,w,x', 'r', 'r,w', 'r,w'],
       ['r', 'r', 'r', 'r,w,x', 'r']]

# map gives the row index (subjects) or column index (objects) into the acm matrix
map = {"Admin": 0, "Manager": 1, "Employee": 2, "adminData":0, "managerData": 1, "manSal":2, "employeeData": 3, "empSal": 4}
# Integrity level of each subject and object (higher number = higher integrity)
classification = {"Admin":2, "Manager":1, "Employee":0, "adminData":2, "manSal":2, "managerData":1, "employeeData":0, "empSal":1}
# Category of each subject and object (all equal in this scenario)
category = {"Admin":1, "Manager":1, "Employee":1, "adminData":1, "managerData":1, "employeeData":1, "empSal":1, "manSal":1}

# Test cases for 'Observe'
readData(classification, category, map, acm, "Admin", "adminData")
readData(classification, category, map, acm, "Employee", "employeeData")
readData(classification, category, map, acm, "Admin", "managerData")
readData(classification, category, map, acm, "Admin", "manSal")
readData(classification, category, map, acm, "Admin", "empSal")
readData(classification, category, map, acm, "Manager", "manSal")
readData(classification, category, map, acm, "Manager", "empSal")
readData(classification, category, map, acm, "Employee", "manSal")
readData(classification, category, map, acm, "Employee", "empSal")
# Test cases for 'Modify'
editData(classification, category, map, acm, "Admin", "adminData")
editData(classification, category, map, acm, "Admin", "managerData")
editData(classification, category, map, acm, "Manager", "adminData")
editData(classification, category, map, acm, "Manager", "manSal")
editData(classification, category, map, acm, "Manager", "managerData")
editData(classification, category, map, acm, "Manager", "employeeData")
editData(classification, category, map, acm, "Manager", "empSal")
editData(classification, category, map, acm, "Employee", "adminData")
editData(classification, category, map, acm, "Employee", "employeeData")
editData(classification, category, map, acm, "Employee", "empSal")
# Test cases for 'Invoke'
invoke(classification, "Admin", "Manager")
invoke(classification, "Manager", "Employee")
invoke(classification, "Employee", "Admin")
# Test cases for 'Execute'
execute(classification, map, acm, "Admin", "adminData")
execute(classification, map, acm, "Admin", "managerData")
execute(classification, map, acm, "Manager", "adminData")
```

```
Admin  read over  adminData  is successfull.
Employee  read over  employeeData  is successfull.
High classification subject[ Admin ] can't read low classification object[ managerData ]. Operation Aborted.
Admin  read over  manSal  is successfull.
High classification subject[ Admin ] can't read low classification object[ empSal ]. Operation Aborted.
Manager  read over  manSal  is successfull.
Manager  read over  empSal  is successfull.
Employee  read over  manSal  is successfull.
Employee  read over  empSal  is successfull.
Admin  edit over  adminData  is successfull.
Admin  edit over  managerData  is successfull.
Low classification subject[ Manager ] can't edit high classification object[ adminData ]. Operation Aborted.
Low classification subject[ Manager ] can't edit high classification object[ manSal ]. Operation Aborted.
Manager  edit over  managerData  is successfull.
Manager  edit over  employeeData  is successfull.
Manager  edit over  empSal  is successfull.
Low classification su
```