5

What is the conceptual difference between certification rules and enforcement rules in the Clark Wilson model?

Am I on the wrong path when I assume that certification rules ensure external integrity and enforcement rules ensure internal integrity?

Chris

1 Answer

2

I would say that the conceptual difference is one of primary functionality.

Certification Rules lay out how the system certifies that a particular data object is in a valid state (according to another set of rules). Enforcement Rules make sure that an already-certified data object stays certified (maintains its integrity) as the system interacts with it.

To be more specific using Clark Wilson IM vernacular:

Certification rules specify how to guarantee that a CDI has been subjected to integrity verification procedures. Enforcement rules specify how the system must maintain the certified CDI as transactions happen.

Josh Brower
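An added illustration, not part of the question or the answer above: a toy reference monitor in which an IVP and a TP are certified once and the system then checks every request against what was certified. The rule numbers in the comments follow Clark and Wilson's numbering; every name (`Monitor`, `ivp_balanced`, `tp_transfer`, the accounts and users) is hypothetical and the data is constructed.

```python
class IntegrityError(Exception):
    pass

def ivp_balanced(cdis):
    """IVP (C1): valid state = no negative balance and a total of 100."""
    return all(v >= 0 for v in cdis.values()) and sum(cdis.values()) == 100

def tp_transfer(cdis, src, dst, amount):
    """TP (C2): moves the CDIs from one valid state to another."""
    if amount <= 0 or cdis[src] < amount:
        raise IntegrityError("transfer would leave an invalid state")
    cdis[src] -= amount
    cdis[dst] += amount

class Monitor:
    def __init__(self, cdis, ivp):
        self.cdis, self.ivp = cdis, ivp
        self.certified = {}   # TP name -> (callable, CDIs it is certified for)
        self.triples = set()  # (user, TP name, CDIs) access triples
        self.log = []         # append-only record of executed TPs (C4)

    # Certification side: a decision made by a person, only recorded here.
    def certify_tp(self, name, fn, cdi_names):
        self.certified[name] = (fn, frozenset(cdi_names))

    def authorise(self, user, tp_name, cdi_names):
        self.triples.add((user, tp_name, frozenset(cdi_names)))

    # Enforcement side: checked by the system on every request.
    def run(self, user, tp_name, cdi_names, *args):
        names = frozenset(cdi_names)
        if tp_name not in self.certified or not names <= self.certified[tp_name][1]:
            raise PermissionError("E1: TP is not certified for these CDIs")
        if (user, tp_name, names) not in self.triples:
            raise PermissionError("E2: no access triple for this user")
        self.certified[tp_name][0](self.cdis, *cdi_names, *args)
        self.log.append((user, tp_name, tuple(cdi_names), args))
        if not self.ivp(self.cdis):  # re-run the IVP as a sanity check
            raise IntegrityError("IVP failed after TP")

def demo():
    m = Monitor({"alice_acct": 60, "bob_acct": 40}, ivp_balanced)  # constructed data
    m.certify_tp("transfer", tp_transfer, ["alice_acct", "bob_acct"])
    m.authorise("teller", "transfer", ["alice_acct", "bob_acct"])
    m.run("teller", "transfer", ["alice_acct", "bob_acct"], 25)
    try:
        m.run("intern", "transfer", ["alice_acct", "bob_acct"], 5)
        denied = False
    except PermissionError:
        denied = True  # the intern holds no access triple
    return m.cdis, denied, m.ivp(m.cdis)
```
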