Scribd Logo
Upload

Welcome to Scribd!

  • Lecture11 PDF

    Uploaded by

    Ayush Sharma
    11 views7 pages
    This document summarizes key points from Lecture 11 on access control policies. It discusses how the Bell-LaPadula model is an example of an access control policy that controls what subjects can access objects. It defines the differences between mandatory and discretionary access controls. It also explains how access control policies can be represented using an access control matrix, and provides an example matrix for the Bell-LaPadula model based on subject and object security levels.

    Original Description:

    Original Title

    lecture11.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document summarizes key points from Lecture 11 on access control policies. It discusses how the Bell-LaPadula model is an example of an access control policy that controls what subjects can access objects. It defines the differences between mandatory and discretionary access controls. It also explains how access control policies can be represented using an access control matrix, and provides an example matrix for the Bell-LaPadula model based on subject and object security levels.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    11 views7 pages

    Lecture11 PDF

    Uploaded by

    Ayush Sharma
    This document summarizes key points from Lecture 11 on access control policies. It discusses how the Bell-LaPadula model is an example of an access control policy that controls what subjects can access objects. It defines the differences between mandatory and discretionary access controls. It also explains how access control policies can be represented using an access control matrix, and provides an example matrix for the Bell-LaPadula model based on subject and object security levels.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 7

    Foundations of Computer Security

    Lecture 11: Access Control Policies

    Dr. Bill Young


    Department of Computer Sciences
    University of Texas at Austin

    Lecture 11: 1 Access Control Policies


    Access Control Policies

    The Bell and LaPadula Model is an example of an Access Control


    Policy. This is a popular way of conceptualizing and implementing
    security.

    The basic idea is to introduce rules that control what accesses


    (i.e., actions) subjects may take with respect to objects.

    Lecture 11: 2 Access Control Policies


    Aside: MAC vs. DAC

    Specifically, BLP is a mandatory access control system, as


    distinguished from a discretionary system.
    Mandatory Access Controls (MAC): rules are enforced on every
    attempted access, not at the discretion of any system
    user;
    Discretionary Access Controls (DAC): rule enforcement may be
    waived or modified by some users.

    What that means for BLP is that no access is ever allowed unless
    it satisfies the Simple Security Property and *-Property.

    Contrast that with Unix file protection system; Unix implements


    DAC since file protections can be modified by a file’s owner.

    Lecture 11: 3 Access Control Policies


    Access Control Matrix

    In general, any access control policy can be represented by an


    access control matrix (ACM). Given all subjects and objects in the
    system, the matrix shows explicitly what accesses are allowed for
    each subject/object pair.

    object1 ... objectk


    subject1 Ai , Aj ∅

    ...

    subjectn Al Ai , Am

    Lecture 11: 4 Access Control Policies


    BLP Access Control Matrix

    Suppose we had a BLP system with exactly three subjects and


    objects with the given labels. Suppose also that H > L.

    Subjects Level Objects Level


    Subj1 (H, {A, B, C }) Obj1 (L, {A, B, C })
    Subj2 (L, {}) Obj2 (L, {})
    Subj3 (L, {A, B}) Obj3 (L, {B, C })

    The following is the associated access control matrix.

    Obj1 Obj2 Obj3


    Subj1 R R R
    Subj2 W R, W W
    Subj3 W R -

    Lecture 11: 5 Access Control Policies


    Access Control Matrix

    As with any access control policy, you could define an ACM for a
    large Bell and LaPadula system. However, the matrix would be
    huge for most realistic systems.

    The matrix is implicit in the rules (Simple Security and the


    *-Property), so access permissions can be computed on the fly.

    Lecture 11: 6 Access Control Policies


    Lessons

    BLP is an example of a class of policies called “access control


    policies.”
    BLP is also an example of a mandatory policy in that the
    rules are enforced on every attempted access.
    Any access control policy can be modeled as an explicit
    matrix.

    Next lecture: Lattice-based Security and the BLP Metapolicy

    Lecture 11: 7 Access Control Policies

    You might also like