What is the Bell-LaPadula model and what does it enforce?

The Bell-LaPadula model is a formal security model that enforces confidentiality through mandatory access controls. It has two primary rules: the simple security rule, or "no read up," which prevents a subject from reading data at a higher classification level; and the star property, or "no write down," which prevents a subject from writing data to a lower classification level. This prevents information from flowing from higher sensitivity levels to lower ones. Bell-LaPadula was designed for military environments where preventing unauthorized disclosure is the primary concern.