
Information Security Administration

CSI454

Authorization & Access Control

Tallman Nkgau
University of Botswana
Semester II 2021

What is Authorization?

What authenticated users are allowed to do
- Implemented through access controls
- Could be physical or logical

Principle of least privilege

You should only allow a user the least amount of access that lets them perform the functionality needed
• Do you want students to have access to UB's student records system?
• Used when determining the level of access to give authorized users
• Violation of this principle is a source of many of the security problems we face today!
  • Ordinary users given admin access
  • Services/processes executing at a more privileged level than necessary

Access control

• Subjects request actions to be performed on objects
  • Joe wants to open the file "salary.dat" for reading/writing
  • Alice wants to update the transaction file
  • Process 124 wants to open a network connection
• We have 4 basic tasks
  • Allow access – grant access to a particular resource
  • Deny access – prevent access to a particular resource
  • Limit access – restrict access; think of sandboxing an application, e.g. the JVM running Java applications
  • Revoke access – withdraw previously granted access

Diagram: Subjects → Access requests → Objects


Access control

• Access control usually means authentication and authorization

Diagram: Authenticated subjects → Access requests → Reference monitor → Objects; the reference monitor consults the Access policy and writes to the Audit trail

• Reference monitor controls access to objects by subjects
  • Follows policy (rules) set by admins
  • Logs events to audit trail (log files / DB)
Access control – Trusted Computing Base (TCB)

• TCB usually means ALL system components that need to be trusted to implement access control
  • Includes hardware, firmware, OS, software
• Security kernel – an implementation of the reference monitor in an OS
• Subjects need to be kept apart

Access control

• Sandboxing – executing applications/software in a restricted environment

Implementing access controls

Access Control Matrix, M
• We have subjects, objects, and actions/permissions
• M: Subjects × Objects → P(Actions), where P(Actions) is the power set of Actions
• Subject S is allowed to request action A on object O if and only if A ∈ M(S, O)

            Salary.dat       Transaction.txt   Leave.txt
Alice       {read, write}    {write}           {read, write}
Bob         {read}           {read}            {}
Eve         {append}         {}                {open, read, write, close}

M(Bob, Transaction.txt) = {read}


Implementing access controls

Might use Access Control Lists (ACLs) or Capabilities
• ACLs
  • Typically used to control access in file systems and traffic flow in networks
  • Created to control access to a specific resource by the subjects specified in the ACL
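The matrix from the previous slide, as an added example that is not part of the lecture: it stores M sparsely, answers the A ∈ M(S, O) question, derives the two storage forms this slide names (per-object ACLs are the columns of M, per-subject capability lists are the rows) and implements the revoke task. Subjects, objects and actions are the slide's own; the function names are mine.

```python
# Added example (not from the slides): the access control matrix
# M: Subjects x Objects -> P(Actions), with its ACL (column) and
# capability (row) views. Cells left out of the dict mean "no actions".
from collections import defaultdict

M = {
    ("Alice", "Salary.dat"): {"read", "write"},
    ("Alice", "Transaction.txt"): {"write"},
    ("Alice", "Leave.txt"): {"read", "write"},
    ("Bob", "Salary.dat"): {"read"},
    ("Bob", "Transaction.txt"): {"read"},
    ("Bob", "Leave.txt"): set(),
    ("Eve", "Salary.dat"): {"append"},
    ("Eve", "Transaction.txt"): set(),
    ("Eve", "Leave.txt"): {"open", "read", "write", "close"},
}


def allowed(matrix, subject, obj, action):
    """Subject S may request action A on object O iff A in M(S, O).
    Unknown subjects or objects fall through to the empty set (deny)."""
    return action in matrix.get((subject, obj), set())


def to_acls(matrix):
    """Column view: for each object, which subjects hold which actions."""
    acls = defaultdict(dict)
    for (subject, obj), actions in matrix.items():
        if actions:                      # empty cells need no ACL entry
            acls[obj][subject] = set(actions)
    return dict(acls)


def to_capabilities(matrix):
    """Row view: for each subject, the (object -> actions) tokens it holds."""
    caps = defaultdict(dict)
    for (subject, obj), actions in matrix.items():
        if actions:
            caps[subject][obj] = set(actions)
    return dict(caps)


def revoke(matrix, subject, obj, action):
    """Revoke task: withdraw one granted action. Returns a new matrix so
    the original stays usable as the 'before' state."""
    updated = {cell: set(acts) for cell, acts in matrix.items()}
    updated.get((subject, obj), set()).discard(action)
    return updated
```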

Implementing access controls

• File system ACLs
  • Typical permissions on a file: read - r, write - w, execute - x

Figure: Linux

Implementing access controls

• File system ACLs

Figure: Windows

Implementing access controls

• Network ACLs
  Uses
  • IP addresses
  • MAC addresses
  • Port numbers
  • Protocol numbers
  • etc
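A network ACL over the fields just listed, as an added example (not from the slides): an ordered rule list evaluated top to bottom, first match wins, with an implicit deny at the end. The rules, addresses and packets are constructed sample data; `evaluate` also returns the index of the deciding rule, which is what you want in an audit trail.

```python
# Added example (not from the slides): first-match network ACL over
# source/destination IP, source MAC, protocol and destination port.
import ipaddress

# Rule tuple: (action, src net, dst net, src MAC, protocol, dst port).
# None means "match anything". Order is part of the policy: the deny on
# port 23 must sit above the broader permits or it never fires.
RULES = [
    ("deny",   "10.0.0.0/8",  None,            None, "tcp",  23),    # no telnet out of the LAN
    ("permit", "10.0.0.0/8",  "192.0.2.10/32", None, "tcp",  443),   # LAN -> web server, HTTPS only
    ("permit", None,          "192.0.2.0/24",  None, "icmp", None),  # anyone may ping the DMZ
    ("permit", "10.0.0.5/32", None, "00:11:22:33:44:55", None, None), # one pinned admin host
]


def _net_match(pattern, addr):
    """IP field matches if the rule says 'any' or addr lies in the prefix."""
    return pattern is None or ipaddress.ip_address(addr) in ipaddress.ip_network(pattern)


def evaluate(rules, pkt):
    """Return (action, index of the matching rule). A packet no rule matches
    gets ("deny", None): the implicit deny that should end every ACL."""
    for i, (action, src, dst, mac, proto, dport) in enumerate(rules):
        if (_net_match(src, pkt["src"]) and _net_match(dst, pkt["dst"])
                and mac in (None, pkt.get("src_mac"))
                and proto in (None, pkt["proto"])
                and dport in (None, pkt.get("dport"))):
            return action, i
    return "deny", None


# Constructed sample traffic, one packet per rule plus one that hits nothing.
SAMPLE_PACKETS = [
    {"src": "10.1.2.3", "dst": "192.0.2.10", "proto": "tcp", "dport": 443},
    {"src": "10.1.2.3", "dst": "192.0.2.10", "proto": "tcp", "dport": 23},
    {"src": "203.0.113.7", "dst": "192.0.2.44", "proto": "icmp"},
    {"src": "203.0.113.7", "dst": "192.0.2.10", "proto": "tcp", "dport": 443},
]

if __name__ == "__main__":
    for pkt in SAMPLE_PACKETS:
        print(pkt, "->", evaluate(RULES, pkt))
```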
Capabilities

Use of a token to grant access
• Right to access is based entirely on possession of the token
• The token must be unforgeable

Confused deputy problem

Occurs when one process tricks another process into performing an action that the first process does not have permission to perform. (Common in systems using ACLs rather than Capabilities.)

Image: Don Knotts
Example

• A compiler (the deputy) has permission to write in a directory
• A user compiles a program and specifies a filename for the compiler to write its output to
• The compiler overwrites a file the user had no access to!
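The compiler example above in code, as an added illustration that is not part of the lecture: the deputy first checks only its own ACL rights on the name it was handed (the confused deputy), then the ACL-style fix where it also checks the requester's rights, then the capability design where the requester must hand over a token it already holds. File names, subjects and the billing file are constructed for the example.

```python
# Added example (not from the slides): the compiler as a confused deputy,
# an ACL mitigation, and the capability alternative. In-memory "files".
from dataclasses import dataclass

# Per-object ACLs: object -> {subject: actions}. The user may write only
# out.o; the compiler may also write billing.dat, where it records charges.
ACL = {
    "out.o": {"user": {"write"}, "compiler": {"write"}},
    "billing.dat": {"compiler": {"write"}},
}


def acl_allows(subject, obj, action):
    return action in ACL.get(obj, {}).get(subject, set())


def compile_acl(files, requester, output_name):
    """Confused deputy: the check is made in the deputy's own name, so the
    requester's lack of rights on billing.dat never enters the decision."""
    if not acl_allows("compiler", output_name, "write"):
        raise PermissionError(output_name)
    files[output_name] = "object code"      # clobbers billing.dat if so named
    return files


def compile_acl_checked(files, requester, output_name):
    """ACL mitigation: the deputy refuses to lend its authority and also
    checks the REQUESTER's rights on the name it was handed."""
    if not (acl_allows(requester, output_name, "write")
            and acl_allows("compiler", output_name, "write")):
        raise PermissionError(f"{requester} may not write {output_name}")
    files[output_name] = "object code"
    return files


@dataclass(frozen=True)
class Capability:
    """Token naming an object and the actions it grants; possession is the
    right. Unforgeability is assumed (a kernel would hold the real ones)."""
    obj: str
    actions: frozenset


def compile_cap(files, output_cap):
    """Capability design: the requester hands over a token for the output,
    so the deputy can only write where the caller could already write."""
    if "write" not in output_cap.actions:
        raise PermissionError(output_cap.obj)
    files[output_cap.obj] = "object code"
    return files


def denied(fn, *args):
    """True if fn(*args) raises PermissionError (used to exercise the checks)."""
    try:
        fn(*args)
        return False
    except PermissionError:
        return True
```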

Kerberos

Implements both authentication and access authorization by means of capabilities called tickets.
• Microsoft uses it for access control on its NT+ servers
• Implements single sign-on

Access control methodologies

• Discretionary access control (DAC)
  • Access is determined by the owner of the resource
  • Ex. Creating a network share
• Mandatory access control (MAC)
  • The owner of the resource does not decide who gets to access it
  • Access is decided by a group/individual who has authority over the resource
  • Ex. A resource which has a sensitivity label applied to it by, say, a government

Access control methodologies

• Role-based access control (RBAC)
  • Access is set by the authority responsible for doing so
  • Based on the role the individual being granted access is performing
  • More labor intensive to implement and manage
  • Ex. Junior technician vs senior technician
• Attribute-based access control (ABAC)
  • Based on attributes of the subject, resource or environment
  • Ex. You must be human to fill in the form.

Multilevel Access control

• The Bell-LaPadula model
  • A combination of DAC & MAC
  • Focuses on the confidentiality of the resource
  • MAC usually takes precedence
  • Two security properties define how information can flow to and from the resource
    1. The simple security property – the level of access granted must be at least as high as the resource classification
    2. The * property – anyone accessing the resource can only write its contents to one classified at the same level or higher

Figure: The Bell-LaPadula model

Multilevel Access control

• The Biba model
  • Focuses on protecting the integrity of data
  • It has two security rules
    • The simple integrity axiom – the level of access granted to an individual must be no lower than the classification of the resource
    • The * integrity axiom – anyone accessing a resource can only write its contents to one classified at the same level or lower
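The Bell-LaPadula properties and the Biba axioms from the last two slides as executable checks, added here as an example that is not part of the lecture. It uses the standard statement of the four rules (BLP: no read up, no write down; Biba: no read down, no write up) and generalises the slides' linear levels to labels with compartments, where "at least as high" becomes lattice dominance. Level names, the `Label` type and all function names are my own.

```python
# Added example (not from the slides): BLP and Biba as label comparisons.
from dataclasses import dataclass

LEVELS = ["unclassified", "confidential", "secret", "top secret"]
RANK = {name: i for i, name in enumerate(LEVELS)}


@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()   # compartments such as {"finance"}


def dominates(a, b):
    """a >= b in the lattice: level at least as high AND every category of b.
    With empty category sets this is just the slide's linear ordering."""
    return RANK[a.level] >= RANK[b.level] and a.categories >= b.categories


def blp_read(subject, obj):
    """Simple security property: clearance must dominate the classification."""
    return dominates(subject, obj)


def blp_write(subject, obj):
    """* property: may write only to an object that dominates the subject."""
    return dominates(obj, subject)


def biba_read(subject, obj):
    """Simple integrity axiom (no read down): object integrity >= subject's."""
    return dominates(obj, subject)


def biba_write(subject, obj):
    """* integrity axiom (no write up): subject integrity >= object's."""
    return dominates(subject, obj)


def blp_copy_allowed(subject, src, dst):
    """Copying src into dst needs read(src) and write(dst). Combined, the two
    properties force dst to dominate src: the flow rule stated on the slide."""
    return blp_read(subject, src) and blp_write(subject, dst)
```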

Multilevel Access control

• The Brewer and Nash model, aka the Chinese Wall model
  • Focuses on protecting against conflicts of interest
  • Commonly used in industries handling sensitive data
  • It has three main resource classes
    • Objects – resources such as files or information pertaining to a single organization
    • Company groups – all objects pertaining to a particular organization
    • Conflict classes – all groups of objects that concern competing parties
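The three classes above turned into the Brewer and Nash access rule, as an added example that is not from the lecture: access depends on the subject's history, so once a subject has read one company's objects it is walled off from every competitor in that company's conflict class. Only the read (simple security) rule is shown; the objects, company groups and conflict classes are constructed.

```python
# Added example (not from the slides): Chinese Wall read rule with history.
OBJECTS = {                      # object -> company group it belongs to
    "bankA_q3.xlsx": "BankA",
    "bankB_plan.doc": "BankB",
    "oilco_report.pdf": "OilCo",
}
CONFLICT_CLASSES = [{"BankA", "BankB"}, {"OilCo"}]   # competitors share a class


def conflict_class(company):
    """The set of companies that compete with `company` (itself included)."""
    for cls in CONFLICT_CLASSES:
        if company in cls:
            return cls
    return {company}


class ChineseWall:
    """Access is decided against what the subject has already touched,
    not against a static matrix; that is what makes this model different."""

    def __init__(self):
        self.history = {}            # subject -> set of companies accessed

    def may_access(self, subject, obj):
        company = OBJECTS[obj]
        seen = self.history.get(subject, set())
        if company in seen:          # same company as before: always fine
            return True
        # New company: allowed only if no competitor of it has been seen.
        return not (conflict_class(company) & seen)

    def access(self, subject, obj):
        """Record the access if allowed; refuse otherwise."""
        if not self.may_access(subject, obj):
            raise PermissionError(f"{subject} is walled off from {OBJECTS[obj]}")
        self.history.setdefault(subject, set()).add(OBJECTS[obj])
        return obj
```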

Physical Access control

• Concerned with controlling the access of individuals and vehicles
• For individuals
  • We focus more on their movement in and out of buildings or facilities
  • Tailgating is an issue to be addressed
  • A combination of several controls is often necessary
• For vehicles
  • Simple barriers are usually used, but more complex access control can be set up
