Brewer and Nash model

The Brewer and Nash model was constructed to provide information security access controls that can change dynamically.

In the Brewer and Nash model, no information can flow between the subjects and objects in a way that would create a conflict of interest.

For example, once a consultant accesses data belonging to Acme Ltd, a consulting client, they may no longer access data to any of Acme's competitors.

This model uses the principle of data isolation within each conflict class of data to keep users out of potential conflict of interest situations.

Because company relationships change all the time, dynamic and up-to-date updates to members and definitions for conflict classes are important.