Security Techniques/ Access Control and Firewall

Security Techniques/ Access Control

Access
Access Control:
Control: Generalized
Generalized View
View

Access
Access control:
control: Verifying
Verifying access
access rights
rights to
to prevent
prevent
misuse
misuse of
of resources
resources
Authorization:
Authorization: Granting
Granting access
access rights
rights
 Security Techniques/ Access Control
Access
Access Control
Control

Through
Through the the user
user access
access control
control procedure
procedure
(login),
(login), aa user
user can
can be
be identified
identified to
to the
the system
system
Associated
Associated withwith each
each user,
user, there
there cancan be
be aa
profile
profile that
that specifies
specifies permissible
permissible operations
operations
and
and accesses
accesses
The
The operating
operating system
system cancan enforce
enforce rules
rules
based
based on
on the
the user
user profile
profile
 Security Techniques/ Access Control
Access
Access Control
Control Model
Model

General
General access
access control
control model
model
 Access
 Accesscontrol
controlmatrix
matrix(ACM)
(ACM)
 Access
 Accesscontrol
controllist
list(ACL)
(ACL)
 Capability
 Capabilitylist
list(CL)
(CL)

Basic
Basic elements
elements of
ofACM
ACM
 Subject:
 Subject:An
Anentity
entitycapable
capableof
ofaccessing
accessingobjects,
objects,the
the
concept
conceptofofsubject
subjectequates
equateswith
withthat
thatofofprocess
process
 Object:
 Object:Anything
Anythingto towhich
whichaccess
accessisiscontrolled
controlled(files,
(files,
programs,
programs,memory
memorysegments,
segments,…)
…)
 Access
 Accessright:
right:The
Theway
wayininwhich
whichananobject
objectisisaccessed
accessedby byaa
subject
subject(read,
(read,write,
write,execute,
execute,…)
…)
 Security Techniques/ Access Control
Access
Access Control
Control Matrix
Matrix
In
In the
the ACM,
ACM, each each subject
subject isis represented
represented byby aa row
row
and
and each
each object
object asas aa column
column
ACM
ACM [s, [s, o]
o] lists
lists precisely
precisely which
which operations
operations subject
subject
ss can
can request
request to to be
be carried
carried out
out onon object
object oo
The
The drawback
drawback of of this
this system
system isis that
that the
the Matrix
Matrix
will
will have
have many
many empty
empty entries
entries
 Another
 Another widely
widely used
used approach
approach isis to
to use
use Access
Access Control
Control
Lists
Lists in
in which
which each
each object
object maintains
maintains aa list
list of
of access
access
rights
rightsofofsubjects
subjects
 Another
 Another approach
approach isis to
to give
give each
each subject
subject aa Capability
Capability
List
List(access
(accessrights
rightsto
toobjects)
objects)that
thatare
aredigitally
digitallysigned
signed
 Security Techniques/ Access Control

Access
Access Control
Control Matrix
Matrix
Object
Subject
 Security Techniques/ Access Control
Access
Access Control
Control List
List
Decomposition
Decomposition of
of the
the matrix
matrix by
by columns
columns

An
An access
access control
control list
list lists
lists users
users and
and their
their
permitted
permitted access
access right
right
The
The list
list may
may contain
contain aa default
default or
orpublic
public entry
entry
 Security Techniques/ Access Control
Capability
Capability List
List
Decomposition
Decomposition of
of the
the matrix
matrix by
by rows
rows

A
Acapability
capability ticket
ticket specifies
specifies authorized
authorized objects
objects and
and
operations
operations for
for aa user
user
Each
Each user
userhas
has aa number
number ofof such
such tickets
tickets
 Security Techniques/ Access Control
Access
AccessControl
ControlList
List(a)
(a)Verses
VersesCapability
CapabilityList
List(b)
(b)
 Security Techniques/ Access Control
Protection
Protection Domain
Domain
An
An Access
Access Control
Control ListList or
or aa Capability
Capability List
List can
can
still
still become
become too
too large
large
One
One way way of
of reducing
reducing ACLsACLs isis to to make
make use
use of
of
protection
protection domains
domains
AA protection
protection domain
domain isis aa set set of
of (object,
(object, access
access
rights)
rights)
Requests
Requests forfor carrying
carrying outout anan operation
operation are
are always
always
issued
issued within
within aa domain
domain
AA user
user should
should bebe aa member
member of of aa domain
domain that
that has
has
the
the required
required access
access rights
rights to
to invoke
invoke anan object
object
 Security Techniques/ Access Control
Multilevel
Multilevel Security
Security
Remember
Remember that
that computer
computer security
security is
is mainly
mainly
concerned
concerned with
with three
three aspects
aspects of
of security:
security:
•• Confidentiality:
Confidentiality: preventing/detecting/deterring
preventing/detecting/deterring
the
the improper
improper discloser
discloser of
of information.
information.
•• Integrity:
Integrity: preventing/detecting/deterring
preventing/detecting/deterring thethe
improper
improper modification
modification of
of data.
data.
•• Availability:
Availability: preventing/detecting/deterring
preventing/detecting/deterring the
the
improper
improper denial
denial of
of service
service provided
provided by
by the
the
system.
system.
 Security Techniques/ Access Control
Multilevel
MultilevelSecurity
Security

Multilevel
Multilevel security
security
 It
 It corresponds
corresponds to
to military-style
military-style classifications
classifications
 In
 In such
such applications,
applications, subjects
subjects and
and objects
objects are
are
often
often partitioned
partitioned into
into different
different security
security levels
levels
 Protection
 Protection of of data
data and
and resources
resources isis on
on the
the basis
basis of
of
levels
levels of
of security
security
A
 A subject
subject can
can only
only access
access objects
objects atat certain
certain levels
levels
determined
determined by by his
his security
security level
level
 Security Techniques/ Access Control
Multilevel
Multilevel Security
Security
Security
Security policy
policy governs
governs aa set
set of
of rules
rules and
and
objectives
objectives needed
needed by
by an
an organization.
organization.
•• AA security
security model
model cancan be be used
used by by an
an
organization
organization toto help
help express
express the
the policy
policy or
or
business
business rules
rules toto be
be used
used in
in aa computer
computer
system.
system.
•• There
There are
are two
two types
types of
of models
models that
that can
can be
be
used:
used: Mandatory
Mandatory access
access control
control andand
Discretionary
Discretionary access
access control
control
 Security Techniques/ Access Control
Multilevel
Multilevel Security
Security
Mandatory
Mandatory access
access control
control isis aa means
means of of restricting
restricting
access
access to to objects
objects based
based on on thethe sensitivity
sensitivity (as(as
represented
represented byby aa level)
level) of
of the
the information
information contained
contained in in
the
the objects
objects and
and the
the formal
formal authorization
authorization of of subjects
subjects toto
access
access information
information of of such
such sensitivity
sensitivity
Discretionary
Discretionary access
access control
control isis aa means
means of of restricting
restricting
access
access toto objects
objects based
based on on the
the identity
identity of
of subject
subject
and/or
and/or groups
groups toto which
which they
they belong.
belong. The
The controls
controls are
are
discretionary
discretionary in
in the
the sense
sense that
that aa subject
subject with
with aa certain
certain
access
access permission
permission isis capable
capable of of passing
passing that that
permission
permission (perhaps
(perhaps indirectly)
indirectly) toto any
any other
other subject
subject
 Security Techniques/ Access Control
Bel LaPadula monel
Bibaintegrity model
Clark-Wilson Model
Chinese Wall Model
Lipner Model