
.

gaggelinos@ssl-unipi.gr


;



()

.



:
:

.
:

.
Hilbert:


.

(1/3)

(.. , )

(.. )
.
,

.
:

.
4

(2/3)


:


: observe alter
Bell LaPadula: read, write, append,
execute

(3/3)
:

.

,
.
b a a b.

.
a b u a u b u
( )
:
.
6


,
.
:
.
.
.


Access Control Decision Facility
(ISO)
Access Control Enforcement Facility



.

&


(MAC)

.
need-to-know

MAC :



,
, ,

.

H MAC
.


(DAC)

.

(
) .


/
.



,

10
.


(RBAC)
,
, (..
) .
.
-


.

,
.

RBAC
,
(: , , ,
).
11


(CWAC)

.


.

:
,







.
12


Bell-Lapadula (1/3)


.
S,
, e, r,
a, w L.
: V=(BxCxM).
B
.
b.
b (Si,Oj,x).
C LSxLSxLO. C
(cmax(s),c(s),c(o)).
M .

13


Bell-Lapadula (1/3 )
C LSxLSxLO.
C
(cmax(s),c(s),c(o)).
cmax(s) S
c(s) S
c(o)

M .

14


Bell-Lapadula (2/3)
: s

o c(o) c(s).
*: s
o,

p c(o) c(p).

ds:
.

15


Bell-Lapadula (3/3)

.
v1 v2
v1 v2 .

,
, .
:
.

MAC
.

DAC.
16


(1/2)

, (Sandhu)

.
n
COI1, COI2, ..., COIn.
mi .
n-

.
: ni1 , i2 ,..., in

ik COI k

ik , k 1...n

17


(2/2)

: l1>=l2 l1i=l2i l2i=,


i=1,2,...,n.
:


:

: l1 l2
l1i=l2i l1i= l2i=, i=1,2,...,n.
18


RBAC (1/6)

RBAC

:
FLAT RBAC ()
Hierarchical RBAC
Constrained RBAC
Symmetric RBAC

19


RBAC (2/6)
Flat RBAC

RBAC :
.

- -.

-.

.

.
20


RBAC (3/6)
Hierarchical RBAC
( 2)
Flat RBAC :
(
).
2a
.
2b
(, ).

21


RBAC (4/6)
Constrained RBAC ( 3)
Hierarchical
RBAC

3a
.
3b
(, ).

22


RBAC (5/6)
Symmetric RBAC ( 4)

Constrained
RBAC :



.
4a
.
4b
(, ).
23


RBAC (6/6)
RBAC
:








24

RBAC

(1/5)

:

,

.
:



.
25

RBAC

(2/5)

:
, ,
.
:

.
:

.
26

RBAC

(3/5)

:




.
:



.
27

RBAC

(4/5)


:
, ,
,


.

28

RBAC

(5/5)


:


,


.

29


Harrison-Ruzzo-Ullman (1/2)

.

R
C
-

(S, O, A) , (S= , =
, = ).

C.
command name (o1, o2, ..., ok)
    if r1 in A[s1, o1] and r2 in A[s2, o2] and
       ...
       rm in A[sm, om]
    then op1, op2, ..., opn
end

30


Harrison-Ruzzo-Ullman (2/2)
:
create object o.
.
create subject s.
.
destroy subject s.
.
destroy object o.
.
enter r into A[s,o].

s .
delete r from A[s,o].

s o.

31


Graham-Denning

32


- (Take-Grant)


:

33


(Information Flow Models)

(1/5)


.

.
,

.
X

n pi
i, i=1,2,...,n. H
$$H(X) = -\sum_{k} p_k \log_2 p_k = \sum_{k} p_k \log_2 \frac{1}{p_k}$$

34


(Information Flow Models)

(2/5)


.
yj Y,
$$H(X \mid y_j) = -\sum_{k} p(x_k \mid y_j) \log_2 p(x_k \mid y_j) = \sum_{k} p(x_k \mid y_j) \log_2 \frac{1}{p(x_k \mid y_j)}$$

.
X xk
Y yj


$$H(X \mid Y) = \sum_{j} H(X \mid y_j)\, p(y_j)$$
-

.

35


(Information Flow Models)

(3/5)

:



.
(
)
(
=
)

(bits/sec)

36


(Information Flow Models)

(4/5)



. .
: (
) .
: x
( ) .
x<=y
x y
x
y, H(x/y).


.

37


(Information Flow Models)

(5/5)



.

,
.
.

(Non Interference):
.

,
,
.
38










39


Biba (1/2)
:
: s

I(s)I(o).
*: s


p () (p).

: s
q I(s)
I(q).
40


Biba (2/2)
: s
,
.
I(s)
I(o) q
I(q) I(s).
Biba
MAC
Bell-LaPadula.

41


Clark-Wilson (1/6)


.
:
:
,


.
:

.
42


Clark-Wilson (2/6)


()



3 : ,
, .

43


Clark-Wilson (3/6)

(

) :
1:



.
2:
,


.
44


Clark-Wilson (4/6)
:
3:

.
4:

( )

.
5:




.
45


Clark-Wilson (5/6)

(
):
1:
2



.
2:
(_, i, (a,
b,)), ,

.

.

46


Clark-Wilson (6/6)

:
3:


4:


,
.

47


(1/7)
: (workflows)

,
(tasks).
:
.
(Workflow
Authorisation Model WAM).

(Task-Based Authorisation Controls TBAC).
48


(2/7)
:


.
: S =
=
=
PR =
w =
w1 , w2 ,..wn
=
r R 3 r 0
49


(3/7)
wi={Opi, INi,OUTi,[tli,tui]}
Opi
wi
INi & OUTi
,
.
[tli,tui] .

wi

winsti ={OPERi, INi, OUTi, [tsi,tf]}
50


(4/7)
:Ai

=
AT ( wi ) =

:
AT ( wi ) ( si , i , , pri )

w i OPi , IN , OUT , tl , tu

Ai si , oi , pri , tb , te

i


.
51


(5/7)
:
oi
wi tai..
tsi.
tai tui sis(AT),
tui
tai tli

pripr(AT), tei

tbitli

tbittai.
52


(6/7)
:
wi tf.
tftui

teitf.

53


(7/7)
:
:
,

.

,
w1=({read request, prepare check}, {request, check}, {check},
[10,50])
w2=({approve check}, {check}, {check}, [20,60])
w3=({issue check}, {check}, {check}, [40,80]).
: , .

:
A1(w1)=(, (request,-), read),
AT2(w2)=(, (check,-), prepare),
AT(w2)=(, (check,-), approve),
AT(w3)=(, (check,-), issue).

54


TBAC
:

.
:





55


DoS
:


.
.

.

.
.
.

.

CPU.

56

57
