David D. Clark, David R. Wilson, "A Comparison of Commercial and Military
Computer Security Policies," p. 184-194, 1987 IEEE Symposium on Security
and Privacy, 1987.

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SP.1987.10001 

Abstract 
Most discussions of computer security focus on control of disclosure. In
Particular, the U.S. Department of Defense has developed a set of criteria
for computer mechanisms to provide control of classified information.
However, for that core of data processing concerned with business operation
and control of assets, the primary security concern is data integrity. This
paper presents a policy for data integrity based on commercial data
processing practices, and compares the mechanisms needed for this policy
with the mechanisms needed to enforce the lattice model for information
security. We argue that a lattice model is not sufficient to characterize
integrity policies, and that distinct mechanisms are needed to Control
disclosure and to provide integrity.