The Biba Model aims to achieve integrity by specifying two main rules:
Simple Integrity Property: This property is referred to as “no read down”; a higher integrity subject should not read from a lower integrity object.
Start Integrity Property: This property is referred to as “no write up”; a lower integrity subject should not write to a higher integrity object.
These two properties can be summarized as “read up, write down.” This rule is in contrast with the Bell-LaPadula Model, and this should not be surprising as one is concerned with confidentiality while the other is with integrity.
Biba Model suffers from various limitations. One example is that it does not handle internal threats (insider threat).