The Bell-LaPadula Model (BLP) is a confidentiality-driven model to control and restrict access to data based on security classifications and clearances. Invented in 1973 by David Bell and Leonard LaPadula, it's widely used in military settings. The model has two primary principles: the Simple Security Property and the *-Property (Star Property). The Simple Security Property states that a subject cannot read an object at a higher classification level aka 'no read up'. The Star Property states that a subject cannot write to an object at a lower classification level aka 'no write down'. These principles help prevent unauthorized access and maintain data integrity.

The Biba Model, created by Kenneth Biba in 1977, is an integrity-based security model focused on preventing unauthorized data modification. The goal is to ensure the data's trustworthiness and quality. Similar to the Bell-LaPadula Model, the Biba Model has two main principles: the Simple Integrity Property and the *-Property (Star Property). The Simple Integrity Property prevents a subject from reading data with lower integrity aka 'no read down'. The Star Property prevents a subject from writing to an object with higher integrity aka 'no write up'. These principles help protect data integrity and avoid tampering or unauthorized changes.

Developed by David Clark and David Wilson in 1987, the Clark-Wilson Model is designed for commercial applications and emphasizes data integrity and separation of duties. The model enforces access control through well-formed transaction rules and certification rules. A well-formed transaction must meet specific rules, such as separation of duties and input/output conformance. Certification rules involve verifying data integrity and making sure that only authorized users can execute transactions. The Clark-Wilson Model ensures that data is accessed and modified only through valid and controlled processes.

The Brewer-Nash Model, also known as the 'Cinderella' or 'Cinderella-Time' Model, focuses on data confidentiality while maintaining a balance between data availability and temporal access restrictions. Developed by Roger Brewer and Michael Nash in the early 1980s, it is primarily designed for commercial applications. The model prevents potential conflicts of interest by limiting the length of time a user has access to certain information. Once granted access, the user can only access the data for a limited period, preventing prolonged exposure to sensitive data. It's suitable in situations where timely and temporary access to information is crucial.

The Non-Interference Model, created by Joseph Goguen and Jose Meseguer in 1982, aims to prevent information leakage between security levels. It's based on the concept of 'non-interference', meaning that actions at one security level should not impact anothe security level. Users at a lower security level should not be aware of actions taken by users at a higher security level. This model helps to maintain confidentiality and prevent information leakage, but it has limited real-world applicability due to its strict non-interference policy. It's often used in combination with other models to create a more comprehensive security architecture.

Lattice-Based Access Control (LBAC) Model is a security model that combines both confidentiality and integrity requirements based on a mathematical structure called a lattice. In this model, each subject and object is assigned a pair of integrity and confidentiality levels, known as a label. Access control decisions are based on whether the subject's label is higher or equal to the object's label in both integrity and confidentiality aspects. The LBAC model is unique because it enforces a hierarchical structure on both integrity and confidentiality levels, which makes it a robust choice for military applications that require managing various classification levels and compartmented data.

Rule-Based Access Control Model is a security model that employs a set of pre-established rules to decide whether a subject can access an object. In this model, access decisions are made based on the combination of attributes, such as subjects, objects, actions, and environmental conditions. These rules could be temporal or relational, e.g., restricting access to data during specific times or based on certain conditions. Rule-based access control provides a dynamic and flexible means to protect sensitive data and resources. It is commonly used alongside other access control models, such as Role-Based Access Control (RBAC), to achieve a more comprehensive access control policy.

The Graham-Denning Model is a formal system for specifying access control policies in computer systems. It comprises of a set of rules and object descriptors that define user and object operations, as well as who can perform them. The model is primarily designed to address the security concerns in multiprocessing systems and ensure that only authorized users can access and manipulate data. The model contains two main components: the protection system functions and the protection system primitives. The first one describes the operations that users can perform on objects, such as creating, deleting, and modifying objects. The second one defines the basic operations that users can perform, such as getting an object, setting an object, and executing an object. The Graham-Denning Model supports two types of access to objects: discretionary access control, where users can define who can access their objects, and mandatory access control, where access to objects is determined by system-wide policies.

The Harrison-Ruzzo-Ullman (HRU) Model is an access control model that focuses on the safety and security of information systems. It is a general model that can be used to describe and analyze different types of access control policies. The HRU Model uses a set of six primitive operations to manipulate access rights: create object, destroy object, create subject, destroy subject, enter right, and delete right. The model considers the security of a system by studying the possible sequences of operations that may lead to a violation of the safety property. The safety property ensures that no unauthorized access occurs in the system. The HRU Model can be used to analyze the security of a system by examining the accessibility relationships between subjects and objects to prevent the occurrence of safety property violations.

The Role-Based Access Control (RBAC) Model is an access control approach that is based on roles rather than individual users. In this model, users are assigned to roles, and permissions are assigned to roles. A user can access resources or perform certain actions only if he or she has the appropriate role that grants the required permissions. This model simplifies the management of access control policies, as administrators only need to manage the assignment of users to roles and permissions to roles, rather than individually assigning permissions to each user. The RBAC Model consists of several components, including users, roles, permissions, sessions, and constraints. Users are individuals who operate within the system, roles are collections of permissions, permissions are the approved actions that can be executed by users, sessions are a mapping between users and roles, and constraints are the rules that regulate the relationship between users, roles, and permissions.

The Sandhu-Ferraiolo Model, also known as the Typed Access Matrix Model, is an extension of the Harrison-Ruzzo-Ullman (HRU) Model. It emphasizes on the introduction of types to differentiate between various subjects and objects in a system. By assigning types to subjects and objects, this model can enforce the separation of duties and prevent security violations. The Sandhu-Ferraiolo Model uses a typed access matrix to represent the relationships between the types of subjects, objects, and access rights. Access rights can be assigned or revoked based on the types, and system administrators can define the rules for accessing various objects based on the assigned type. This model provides a more organized approach to access control management and enhances the security by ensuring that each access request is implemented in accordance with the corresponding assigned types.

The Take-Grant Protection Model is a theoretical model for studying the security properties of computer systems. It is a directed graph model that represents the flow of access rights between subjects and objects. Each node in the graph represents either a subject or an object, and an edge between nodes represents an access right. The model uses four primitive operations: 'take,' which allows a subject to obtain an access right from another subject; 'grant,' which allows a subject to give an access right to another subject; 'create,' which allows a subject to create a new object or access right; and 'remove,' which allows a subject to delete an access right edge. By analyzing the possible sequences of operations and their effects on the access rights graph, the Take-Grant Protection Model could allow security administrators to evaluate the security properties of a system and determine whether it is vulnerable to unauthorized access or unprotected information flow.