
What Is Access Control?

• Access control
– The process by which resources or services are
granted or denied on a computer system or network
• Access control policies
– Mandatory Access Control (MAC)
– Discretionary Access Control (DAC)
– Role-Based Access Control (RBAC)
– Rule-Based Access Control (RuBAC)

Access Control

Access control components:


- Access control policy: specifies the authorized
accesses of a system
- Access control mechanism: implements and
enforces the policy

How to specify access control?
• Subject: active entity that requests access to an object
- e.g., user or program
• Object: passive entity accessed by a subject
- e.g., record, relation, file
• Access right (privileges): how a subject is allowed to
access an object
- e.g., subject s can read object o

Access Control Terminology

• Identification
– A user accessing a computer system would present
credentials or identification, such as a username
• Authentication
– Checking the user’s credentials to be sure that they
are authentic and not fabricated
• Authorization
– Granting permission to take the action
• A computer user is granted access
– To only certain services or applications in order to
perform their duties

Access Control Terminology
(continued)
• Computer access control can be accomplished by
one of three entities: hardware, software, or a policy
• Access control can take different forms depending
on the resources that are being protected
• Other terminology is used to describe how computer
systems impose access control:
– Object
– Subject
– Operation

Access Control Models
• Access control model
– Provides a predefined framework for hardware and
software developers who need to implement access
control in their devices or applications
• Once an access control model is applied
– Custodians can configure security based on the
requirements set by the owner
• So that end users can perform their job functions

Mandatory Access Control (MAC)
– The end user cannot implement, modify, or transfer
any controls
– The owner and custodian are responsible for
managing access controls
• This is the most restrictive model because all
controls are fixed
• In the original MAC model, all objects and subjects
were assigned a numeric access level
– The access level of the subject had to be higher than
that of the object in order for access to be granted

Mandatory Access Control (MAC)
• Security label
- Top-Secret, Secret, Public
• Objects: security classification
- File 1 is Secret, File 2 is Public
• Subjects: security clearances
- Brown is cleared to Secret, Black is cleared to
Public
• Dominance ()
- Top-Secret  Secret  Public

MAC
• Access rights: defined by comparing the security
classification of the requested objects with the
security clearance of the subject
• If access control rules are satisfied, access is
permitted
• Otherwise access is rejected
• Granularity of access rights!

Access Control Models (continued)

• Discretionary Access Control (DAC) model


– The least restrictive
– A subject has total control over any objects that he or
she owns
• Along with the programs that are associated with those
objects
• In the DAC model, a subject can also change the
permissions for other subjects over objects

Discretionary Access Control (DAC)
• For each subject, access rights to the objects are
defined
• (subject, object, +/- access mode)
• (Black, Employee-relation, read)
• User based
• Grant and Revoke
• Problems:
- Propagation of access rights
- Revocation of propagated access rights

DAC by Grant and Revoke

• Brown (owner) to Black:
- GRANT SELECT ON Employee TO Black WITH GRANT OPTION
• Black to Red:
- GRANT SELECT ON Employee TO Red
• Brown (owner) to White:
- GRANT UPDATE(Salary) ON Employee TO White
• Brown revokes grant given to Black: ?
• Brown does not want Red to access the Employee relation: ?
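
The two open questions on this slide, worked through as an added example (not part of the original slides). It assumes that only the grantor can revoke a grant and that revocation may cascade, which is one possible policy; GrantTable and slide_scenario are hypothetical names.

```python
class GrantTable:
    """Grants on one relation; each grant is (grantor, grantee, privilege, grant_option)."""

    def __init__(self, owner):
        self.owner = owner
        self.grants = set()

    def holds(self, subject, priv, need_option=False):
        if subject == self.owner:
            return True
        return any(g[1] == subject and g[2] == priv and (g[3] or not need_option)
                   for g in self.grants)

    def grant(self, grantor, grantee, priv, grant_option=False):
        # Propagation: anyone holding the grant option can pass the right on.
        if not self.holds(grantor, priv, need_option=True):
            raise PermissionError(f"{grantor} may not grant {priv}")
        self.grants.add((grantor, grantee, priv, grant_option))

    def revoke(self, grantor, grantee, priv, cascade=True):
        """Remove the grantor's own grant; return the number of grants dropped."""
        before = len(self.grants)
        self.grants = {g for g in self.grants if g[:3] != (grantor, grantee, priv)}
        if cascade:
            self._prune(priv)
        return before - len(self.grants)

    def _prune(self, priv):
        # Keep only grants whose grantor's authority still traces back to the
        # owner. Walking from the owner also removes cycles of mutual grants.
        trusted, frontier = {self.owner}, [self.owner]
        while frontier:
            current = frontier.pop()
            for grantor, grantee, p, option in self.grants:
                if p == priv and grantor == current and option and grantee not in trusted:
                    trusted.add(grantee)
                    frontier.append(grantee)
        self.grants = {g for g in self.grants if g[2] != priv or g[0] in trusted}


def slide_scenario():
    """The three grants drawn on the slide, with Brown as owner."""
    table = GrantTable(owner="Brown")
    table.grant("Brown", "Black", "SELECT", grant_option=True)
    table.grant("Black", "Red", "SELECT")
    table.grant("Brown", "White", "UPDATE(Salary)")
    return table
```

Under these assumptions Brown cannot remove Red's access directly, because Brown is not the grantor of that grant; revoking Black's grant with cascade removes both, and without cascade Red keeps the propagated right.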
Implementation
Access Control List (ACL), column view:
- File 1: Joe:Read, Joe:Write, Joe:Own
- File 2: Joe:Read, Sam:Read, Sam:Write, Sam:Own

Capability List, row view:
- Joe: File 1/Read, File 1/Write, File 1/Own, File 2/Read
- Sam: File 2/Read, File 2/Write, File 2/Own

Access Control Triples:
Subject   Access   Object
Joe       Read     File 1
Joe       Write    File 1
Joe       Own      File 1
Joe       Read     File 2
Sam       Read     File 2
Sam       Write    File 2
Sam       Own      File 2
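
The three representations above hold the same policy. As an added example (not from the original slides), the code below derives the ACL and capability views from the slide's triples and shows how the work of removing one subject differs between them; all function names are hypothetical.

```python
from collections import defaultdict

# The slide's access control triples: (subject, access, object).
TRIPLES = [
    ("Joe", "Read", "File 1"), ("Joe", "Write", "File 1"), ("Joe", "Own", "File 1"),
    ("Joe", "Read", "File 2"),
    ("Sam", "Read", "File 2"), ("Sam", "Write", "File 2"), ("Sam", "Own", "File 2"),
]

def build_acl(triples):
    """Column view: object -> subject -> set of access rights."""
    acl = defaultdict(lambda: defaultdict(set))
    for subject, access, obj in triples:
        acl[obj][subject].add(access)
    return acl

def build_capabilities(triples):
    """Row view: subject -> object -> set of access rights."""
    caps = defaultdict(lambda: defaultdict(set))
    for subject, access, obj in triples:
        caps[subject][obj].add(access)
    return caps

def allowed_acl(acl, subject, access, obj):
    # .get() avoids creating empty entries for unknown names (default deny).
    return access in acl.get(obj, {}).get(subject, set())

def allowed_caps(caps, subject, access, obj):
    return access in caps.get(subject, {}).get(obj, set())

def remove_subject_acl(acl, subject):
    """Deprovision a subject in the ACL view: every object's list is visited."""
    visited = 0
    for entries in acl.values():
        visited += 1
        entries.pop(subject, None)
    return visited

def remove_subject_caps(caps, subject):
    """The same change in the capability view is one row deletion."""
    return 1 if caps.pop(subject, None) is not None else 0
```

The ACL answers "who can access File 2" in one lookup, and the capability list answers "what can Joe access" in one lookup; the opposite question requires a scan in either view.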

DAC Overview
• Advantages:
- Intuitive
- Easy to implement
• Disadvantages:
- Inherent vulnerability (see TH example)
- Maintenance of ACL or Capability lists
- Maintenance of Grant/Revoke
- Limited power of negative authorization

Role Based Access Control (RBAC)
– Sometimes called Non-Discretionary Access
Control
– Considered a more “real world” approach than the
other models
– Assigns permissions to particular roles in the
organization, and then assigns users to that role
– Objects are set to be a certain type, to which subjects
with that particular role have access

Rule Based Access Control
(RuBAC)
• Rule Based Access Control (RuBAC) is also called
the Rule-Based Role-Based Access Control
(RuB-RBAC) model or automated provisioning
– Can dynamically assign roles to subjects based on a
set of predefined rules defined by a custodian
– Each resource object contains a set of access
properties based on the rules
• Rule Based Access Control is often used for
managing user access to one or more systems
• For instance, permitting access for an account or
group to a network connection at certain hours of
the day or days of the week.
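
The time-of-day case mentioned above, as an added example (not from the original slides): a default-deny rule check that also handles a window running past midnight. The group names, the "vpn" resource and the hours are constructed assumptions, and times are taken to be in the policy's local time zone.

```python
from datetime import datetime, time

WEEKDAYS = {0, 1, 2, 3, 4}  # Monday=0 ... Friday=4, as datetime.weekday() counts

# Constructed rules; group names, resource name and hours are assumptions.
RULES = [
    {"group": "staff", "resource": "vpn", "days": WEEKDAYS,
     "start": time(8, 0), "end": time(18, 0)},
    {"group": "night-ops", "resource": "vpn", "days": WEEKDAYS,
     "start": time(22, 0), "end": time(6, 0)},  # shift runs past midnight
]

def in_window(rule, when):
    """True if `when` falls in the rule's window; the end time is exclusive."""
    now, day = when.time(), when.weekday()
    start, end = rule["start"], rule["end"]
    if start <= end:
        return day in rule["days"] and start <= now < end
    if now >= start:
        # Evening part of an overnight window.
        return day in rule["days"]
    if now < end:
        # Early-morning part: it belongs to the shift that began the day before.
        return (day - 1) % 7 in rule["days"]
    return False

def is_permitted(groups, resource, when, rules=RULES):
    """Default deny: access needs a rule matching group, resource and time."""
    return any(r["resource"] == resource and r["group"] in groups and in_window(r, when)
               for r in rules)
```

A check that compares only start <= now < end would deny the whole overnight shift, and one that ignores which day the shift began would admit night-ops early on Monday, after a Sunday that the rule does not cover.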