© Ravi Sandhu
OM-AM and PEI
Prof. Ravi Sandhu
THE OM-AM WAY
Layers, from What? down to How?:
• Objectives
• Model
• Architecture
• Mechanism
Assurance
LAYERS AND LAYERS
• Multics rings
• Layered abstractions
• Waterfall model
• Network protocol stacks
• Napoleon layers
• RoFi layers
• OM-AM
• etcetera
OM-AM AND MANDATORY ACCESS CONTROL (MAC)
Layers, from What? down to How?:
• Objectives: No information leakage
• Model: Lattices (Bell-LaPadula)
• Architecture: Security kernel
• Mechanism: Security labels
Assurance
OM-AM AND DISCRETIONARY ACCESS CONTROL (DAC)
Layers, from What? down to How?:
• Objectives: Owner-based discretion
• Model: numerous
• Architecture: numerous
• Mechanism: ACLs, Capabilities, etc.
Assurance
OM-AM AND ROLE-BASED ACCESS CONTROL (RBAC)
Layers, from What? down to How?:
• Objectives: Objective neutral
• Model: RBAC96, ARBAC97, etc.
• Architecture: user-pull, server-pull, etc.
• Mechanism: certificates, tickets, PACs, etc.
Assurance
SERVER MIRROR
[Diagram: Client, Server, User-role Authorization Server]
SERVER-PULL
[Diagram: Client, Server, User-role Authorization Server]
USER-PULL
[Diagram: Client, Server, User-role Authorization Server]
PROXY-BASED
[Diagram: Client, Proxy Server, Server, User-role Authorization Server]
THE OM-AM WAY
Layers, from What? down to How?:
• Objectives
• Model
• Architecture
• Mechanism
Assurance
PEI
Security and system goals (objectives/policy)
• Necessarily informal
Policy models
• Specified using users, subjects, objects, admins, labels, roles, groups, etc. in an ideal setting.
• Security analysis (objectives, properties, etc.).
Enforcement models
• Approximated policy realized using system architecture with trusted servers, protocols, etc.
• Enforcement level security analysis (e.g. stale information due to network latency, protocol proofs, etc.).
Implementation models
• Technologies such as Cloud Computing, Trusted Computing, etc.
• Implementation level security analysis (e.g. vulnerability analysis, penetration testing, etc.)
Concrete System
• Software and Hardware