Computer Security Access Control - PowerPoint PPT Presentation

About This Presentation
Title:

Computer Security Access Control

Description:

Computer Security Access Control * * – PowerPoint PPT presentation

Number of Views:93
Avg rating:3.0/5.0
Slides: 34
Provided by: MikeB250
Learn more at: http://www.cs.fsu.edu
Category:

less

Transcript and Presenter's Notes

Title: Computer Security Access Control


1
Computer SecurityAccess Control
2
The Orange Book
  • First published in 1983, the Department of
    Defense Trusted
  • Computer System Evaluation Criteria, known as
    the Orange
  • Book is the de facto standard for computer
    security today.
  • The Orange Book, and others in the Rainbow
    Series, are still
  • the benchmark for systems produced almost two
    decades
  • later, and Orange Book classifications such as C2
    provide a
  • shorthand for the base level security features of
    modern
  • operating systems.

3
Access Control
  • Terminology
  • subject, object, reference monitor
  • access request

Access request
Reference monitor
Subject
Object
4
Access Control
  • Terminology
  • Authentication of statement s
    . . answers the
    question who said s ?
  • Authorization of object o
    .. answers
    the question who is trusted to access o ?

Access request
Reference monitor
Subject s
Object o
5
Access Control
  • We can specify
  • What a subject is allowed to do
  • Way may be done with an object

6
Access Control
  • Who is a subject?
  • A principal, a user identity
  • We might say that a subject speaks for a
    principal

7
Access Operations
  • Access modes
  • Observe ? look at the contents of an object
  • Alter ? change the contents of an object

8
Access Operations
  • Access rights attributes
  • Bell-LaPadula security model

Access rights execute append read
write
observe
x x

x x
alter
9
Access Operations
  • Unix

file directory
read read from a file list
directory contents write write to a file
create or rename a file in a
directory execute execute a (program) file
search the directory
Access rights specific to a file are changed by
my modifying the files entry in its directory
10
Access Operations
  • Windows NT
  • Permissions of Windows New Technology File
    System (NTFS)
  • read
  • write
  • execute
  • delete
  • change permission
  • change ownership

11
Ownership
  • The owner of a resource decrees who is
  • allowed to access it.
  • A system wide policy decrees who has access.

12
Access Control Structures
  • Now we must state which access operations are
    permitted.
  • We do this by studying their structures.
  • Let
  • S be a set of subjects,
  • O a set of objects,
  • A a set of access operations

13
Access Control Matrix
Access rights are determined by a matrix M
(Mso)seS,oeO with Mso A The
Bell-LaPadula model employs access contol
matrices to model discretionary access policies
of the Orange Book.
14
Access Control Matrix
An example
bill.doc edit.exe
fun.com
Alice --- execute
execute, read Bob read,write
execute execute,read,write
15
Access Control Matrix
  • Access rights can be kept with the
  • subjects or the
  • objects.

16
Access Control Matrix
Capabilities If the access rights are kept with
the subjects then these are the subjects access
rights. Every subject is given a capability.
Alices capability edit.exe execute fun.com
execute, read Bobs capability bill.doc read,
write edit.exe execute
fun.com execute, read, write
17
Access Control Matrix
Access control lists (ACL) An ACL stores the
access rights to an object with the object
itself. ACLs are a typical feature of secure
operating systems of the Orange Book class C2
ACL for bill.doc Bob read write ACL for
edit.exe Alice execute Bill execute ACL for
fun.com Alice execute, read Bill execute,
read, write
18
Access Control Matrix
Access control lists (ACL) Management of access
rights can be cumbersome. Therefore users are
placed in groups, and derive access from a
users group.
19
Intermediate control
Managing a security policy defined by an
Access Control Matrix is a complex task in
large systems. There are several means of
simplifying this task.
20
Group permissions

s1
s2
s3
s4
s5
subjects
g1
g2
groups
o3
o5
o4
o6
o2
o1
objects
21
Group and negative permissions

s1
s2
s3
s4
s5
subjects
x
x
g1
g2
groups
o3
o5
o4
o6
o2
o1
objects
22
Privileges

s1
s2
s3
s4
s5
subjects
pr1
pr2
privileges
op3
op5
op4
op6
op2
op1
operations
23
Role Based Access Control
  • Privileges come predefined with the OS
  • Roles a collection of procedures
  • roles are assigned to users a user can have many
    roles
  • Procedures high-level access control methods.
  • Can only be applied to objects of certain
    data types.
  • Datatypes each object has a certain datatype and
    can only be accessed throuhg procedures defined
    for this datatype.

24
Protection rings
  • 0 operating system kernel
  • operating system
  • utilities
  • user processors

Each application is assigned a number
0,1,2,3 depending on its importance.
25
Protection rings
  • 0 operating system kernel
  • operating system
  • utilities
  • user processors

3 2 1 0
26
Protection rings
  • Protection rings are mainly used for integrity
    protection
  • An example is the QNX Neutrino microkernel OS
  • The Neutrino microkernel runs in ring 0
  • The Neutrino process runs in ring 1
  • All other programs run in ring 3

A microkernel OS is structured as a tiny kernel
that provides the minimal services used by a
team of optional cooperating processes, which in
turn provide the higher level OS functionality.
27
Protection rings
Unix employs a similar protection but uses only
two levels
28
The lattice OS Security levels
  • The Mandatory Access Control (MAC) policies and
    the
  • multi-level security policies of the Orange Book
    refer
  • to security levels.
  • top secret
  • secret
  • confidential
  • unclassified
  • This a linearly ordered set, a special case of a
    lattice.

29
A lattice

  • a,b,c
  • a,b
    a,c
    b,c
  • a
    b
    c


  • ?

30
A lattice
  • A lattice (L, ) is a set with a partial
    ordering
  • such that
  • For each pair of elements a,b of L there is a lub
    u in L and a glb v in L.


31
An example
  • Let H be a set of classifications with
    hierarchical ordering .
  • Take a set of categories C, e.g. project names,
    company divisions, etc
  • A compartment H is a set of categories, i.e. a
    subset of C.
  • A security label (level) is a pair (h,c), where h
    in H is
  • the security level and c in C is a
    compartment.

32
An example
  • The partial ordering is defined by
  • (h1,c1) (h2,c2) if and only if h1
    h2 and c1 c2

33
The VSTa operating system
  • VSTa (Valencia's Simple Tasker) is an operating
    system with microkernel architecture.
  • Abilities are defined as finite strings of
    positive integers separated by a dot, e.g.
    .10.0.0.5
  • Abilities are ordered using a partial ordering
  • .3 ? .3.31 ? .3.1.100 but
    ( .3.1 3.2)
  • Access is granted if the ability of a subject is
    a prefix of the objects ability.
  • The ability . defines a superuser.
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Computer Security Access Control" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!