ISYS20261 Lecture 12
Post on 19-May-2015
Computer Security Management (ISYS20261) Lecture 12 – Access Control
Module Leader: Dr Xiaoqi Ma
School of Science and Technology
Computer Security Management – Page 2
Last time …
• Protection (defence) against harm:
  – Prevent it by blocking the attack or closing vulnerabilities
  – Deter it by making the attack harder (but not impossible!)
  – Deflect it by making another target more attractive
  – Detect it either as it happens or some time after
  – Recover from its effects
  – Using any combination of the above
• Using countermeasures (controls)
• Methods of defence:
  – Software controls
  – Encryption
  – Physical and hardware controls
Today
• Access control
• Authentication
• Authorisation
Access control
• Permit or deny the use of a particular resource by a particular entity
• Two dimensions: authentication and authorisation
• Authentication
  – User to system
  – System to user
• Authorisation
  – Discretionary access control
  – Mandatory access control
  – Role-based access control
User to system authentication
• Something you know
  – Password, PIN, challenge-response (the secret is proven to the system without being sent to it)
• Something you have
  – Key, smart card, code book, etc.
• Something you are
  – Biometrics: fingerprints, retina scan, etc.
• Somewhere you are
  – Secure terminals, subnets, etc.
• Any combination of two or more of the above (two-factor or multi-factor authentication); the factors must be of different kinds, since two passwords are still a single factor
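As an added example (not from the lecture slides), the challenge-response form of "something you know" with both sides of the exchange: the server issues a fresh random nonce, the client answers with a keyed hash over it, and the server checks the answer without the secret ever leaving either end. The HMAC-SHA256 construction, the Server/client_respond names and the demo secret are this example's own choices, not anything the lecture specifies.

```python
import hmac
import hashlib
import secrets

# Constructed demo secret. In a real deployment the server holds this (or a
# key derived from the user's password) and it never crosses the network.
SHARED_SECRET = b"correct horse battery staple"


def _response(secret: bytes, username: str, nonce: bytes) -> bytes:
    """HMAC-SHA256 over username and nonce: proves knowledge of the secret
    without revealing it, and is bound to this one challenge."""
    return hmac.new(secret, username.encode() + b"|" + nonce, hashlib.sha256).digest()


class Server:
    """Verifier side: issues single-use challenges and checks responses."""

    def __init__(self, secrets_by_user: dict):
        self._secrets = secrets_by_user
        self._outstanding = {}  # username -> nonce awaiting a response

    def challenge(self, username: str) -> bytes:
        nonce = secrets.token_bytes(16)  # 128-bit, unpredictable
        self._outstanding[username] = nonce
        return nonce

    def verify(self, username: str, response: bytes) -> bool:
        # pop(): each nonce is consumed on first use, so a response captured
        # on the wire cannot be replayed later.
        nonce = self._outstanding.pop(username, None)
        secret = self._secrets.get(username)
        if nonce is None or secret is None:
            return False
        expected = _response(secret, username, nonce)
        # Constant-time comparison: no timing side channel on the digest.
        return hmac.compare_digest(expected, response)


def client_respond(secret: bytes, username: str, nonce: bytes) -> bytes:
    """Prover side: the client computes the same keyed hash."""
    return _response(secret, username, nonce)


def demo_run() -> tuple:
    """Returns (genuine login ok, replayed response ok, wrong secret ok)."""
    server = Server({"alice": SHARED_SECRET})

    # 1. Legitimate exchange
    nonce = server.challenge("alice")
    resp = client_respond(SHARED_SECRET, "alice", nonce)
    genuine = server.verify("alice", resp)

    # 2. Eavesdropper replays the captured response: the nonce is spent
    replay = server.verify("alice", resp)

    # 3. Attacker without the secret answers a fresh challenge
    nonce2 = server.challenge("alice")
    wrong = server.verify("alice", client_respond(b"guess", "alice", nonce2))

    return genuine, replay, wrong


if __name__ == "__main__":
    print(demo_run())  # (True, False, False)
```

The two properties worth noting are that the response is useless after the nonce is consumed (replay fails) and that an attacker who records the exchange learns an HMAC output, not the secret; a plain password sent over the wire gives neither guarantee.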
System to user authentication
• Trusted (secure) path
  – Mechanism that ensures the user communicates with the system they intend to communicate with
  – Cannot be intercepted or spoofed by an attacker (e.g. by a fake login screen that harvests passwords)
  – Example: the Windows Ctrl+Alt+Del secure attention sequence, which is handled by the operating system itself so that only the genuine logon screen can respond to it
• Browser cues (e.g. the padlock and the certificate's subject identifying the site)
• Etc.
Authorisation
• Discretionary access control
  – Based on the identity of the user
  – Sometimes organised in groups
• Mandatory access control
  – Based on the security clearance of the user
• Role-based access control
  – Based on the user's function, authority and responsibilities
Discretionary access control (DAC)
• Restricting access to objects based on the identity of users and/or groups to which they belong
• Access: read, write, execute, etc.
• Often every object has an owner that controls the permissions to access the object
• Discretionary: a subject with a certain access permission is capable of passing that permission on to other subjects
• Permissions are stored in Access Control Lists (ACLs)
• System first checks the list for an applicable entry in order to decide whether to proceed with the operation
Access control lists (ACLs)
• Specifies who is allowed to access the object and what operations are allowed to be performed on the object
• List of users and associated permissions attached to an object
• Usually implemented as a table
• Every user needs to have an entry:
  – ACLs can grow easily
  – Maintaining ACLs can be cumbersome
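The DAC and ACL slides above, as an added example that is not part of the lecture: an owner-controlled ACL per object with user and group entries, a check that scans the list for an applicable entry, and the discretionary rule that a subject holding a right may pass it on. The class and method names, the group "staff" and the file "report.doc" are constructed for this example.

```python
from dataclasses import dataclass, field

RIGHTS = {"read", "write", "execute"}


@dataclass
class Acl:
    """One access control list: an owner plus principal -> rights entries."""
    owner: str
    entries: dict = field(default_factory=dict)  # principal -> set of rights


class DacSystem:
    def __init__(self, groups: dict):
        self.groups = groups   # group name -> set of member users
        self.objects = {}      # object name -> Acl

    def create(self, owner: str, name: str) -> None:
        # The creator becomes owner and starts with full rights.
        self.objects[name] = Acl(owner=owner, entries={owner: set(RIGHTS)})

    def _principals(self, user: str) -> set:
        """The user plus every group the user belongs to."""
        return {user} | {g for g, members in self.groups.items() if user in members}

    def check(self, user: str, name: str, right: str) -> bool:
        """Scan the ACL for an applicable entry that grants `right`."""
        acl = self.objects[name]
        return any(right in acl.entries.get(p, set()) for p in self._principals(user))

    def grant(self, grantor: str, name: str, grantee: str, right: str) -> None:
        """Discretionary rule: the owner may grant anything; any other subject
        may pass a right on only if it currently holds that right itself."""
        acl = self.objects[name]
        if grantor != acl.owner and not self.check(grantor, name, right):
            raise PermissionError(f"{grantor} cannot grant {right} on {name}")
        acl.entries.setdefault(grantee, set()).add(right)

    def revoke(self, owner: str, name: str, principal: str, right: str) -> None:
        acl = self.objects[name]
        if owner != acl.owner:
            raise PermissionError(f"only {acl.owner} owns {name}")
        acl.entries.get(principal, set()).discard(right)


def demo_run() -> dict:
    # Constructed sample: one group, one file owned by alice.
    dac = DacSystem(groups={"staff": {"alice", "dave"}})
    dac.create("alice", "report.doc")
    r = {}

    r["bob_before"] = dac.check("bob", "report.doc", "read")
    dac.grant("alice", "report.doc", "bob", "read")          # owner grants
    r["bob_after"] = dac.check("bob", "report.doc", "read")

    # Discretionary pass-on: bob re-grants his read right to carol
    dac.grant("bob", "report.doc", "carol", "read")
    r["carol_read"] = dac.check("carol", "report.doc", "read")

    # bob holds no write right, so he cannot hand one out
    try:
        dac.grant("bob", "report.doc", "carol", "write")
        r["bob_grants_write"] = True
    except PermissionError:
        r["bob_grants_write"] = False

    # Group entry: dave gets read through "staff", nothing more
    dac.grant("alice", "report.doc", "staff", "read")
    r["dave_read"] = dac.check("dave", "report.doc", "read")
    r["dave_write"] = dac.check("dave", "report.doc", "write")

    # Revoking bob's entry does not pull back the copy carol already holds:
    # in this model a passed-on right has no memory of where it came from.
    dac.revoke("alice", "report.doc", "bob", "read")
    r["carol_after_revoke"] = dac.check("carol", "report.doc", "read")
    return r
```

The last step is the practical cost of "discretionary": once a right has been passed on, the owner cannot revoke it by revoking the original grantee, and the ACL grows by one entry per principal, which is the maintenance burden the slide mentions.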
Mandatory access control (MAC)
• Assigns security labels (classifications) to system resources
  – Examples: RESTRICTED, CLASSIFIED, SECRET, TOP SECRET, …
• Labels are ordered, but not necessarily in a linear order: once compartments (need-to-know categories) are added, two labels at the same level can be incomparable, so the order is a lattice
• Allows access only to entities (people, processes, devices) with appropriate levels of authorisation (clearance)
• Only administrators, not owners, make changes to a resource's security label
• Assigned security level reflects the relative sensitivity, confidentiality, and protection value, of data
Bell and LaPadula
• Model that focuses on data confidentiality and access to classified information
• Information must not flow from high to low classification:
  – No read up (simple security property): a subject may not read an object classified above its clearance
  – No write down (*-property): a subject may not write to an object classified below its clearance, since it could copy what it has read into that object
• Limitations
  – Restricted to confidentiality; integrity is not addressed
  – Intended for systems with static security levels: no policies for changing access rights
  – Sometimes it is not sufficient to hide only the contents of objects; their existence may have to be hidden as well, BUT a low subject can detect the existence of high objects when it is denied access (an "access denied" answer that differs from "not found" reveals that the object is there)
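The MAC and Bell-LaPadula slides above, as an added example that is not part of the lecture: labels with a level and a compartment set (so the order is a lattice, not a line), the no-read-up and no-write-down checks, and the existence leak described in the last bullet, shown as a naive read that distinguishes "absent" from "denied" next to a hardened read that does not. The ordering of the slide's classification names, the added UNCLASSIFIED floor, the compartment names and the object names are assumptions of this example.

```python
from dataclasses import dataclass

# Ordering of the slide's classifications, assumed for this example
# (lowest first; UNCLASSIFIED added as the floor).
LEVELS = {"UNCLASSIFIED": 0, "RESTRICTED": 1, "CLASSIFIED": 2,
          "SECRET": 3, "TOP SECRET": 4}


@dataclass(frozen=True)
class Label:
    """Security label = hierarchical level + set of compartments (need-to-know)."""
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        # Partial order: level at least as high AND superset of compartments.
        # Two SECRET labels with disjoint compartments are incomparable.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and other.compartments <= self.compartments)


class BlpStore:
    """Objects carry labels set only by an administrator; a subject is
    represented here by its clearance label."""

    def __init__(self):
        self.objects = {}  # name -> (label, content)

    def admin_create(self, label: Label, name: str, content: str) -> None:
        self.objects[name] = (label, content)

    def read(self, subject: Label, name: str) -> str:
        label, content = self.objects[name]        # KeyError if absent
        if not subject.dominates(label):
            raise PermissionError("no read up")    # simple security property
        return content

    def write(self, subject: Label, name: str, content: str) -> None:
        label, _ = self.objects[name]
        if not label.dominates(subject):
            raise PermissionError("no write down")  # *-property
        self.objects[name] = (label, content)


def naive_probe(store: BlpStore, subject: Label, name: str) -> str:
    """A low subject can tell 'absent' from 'exists but denied': the object's
    existence leaks even though its contents do not."""
    try:
        store.read(subject, name)
        return "readable"
    except KeyError:
        return "absent"
    except PermissionError:
        return "exists"


def hardened_read(store: BlpStore, subject: Label, name: str) -> str:
    """Same failure for 'absent' and 'not dominated', so existence stays hidden."""
    entry = store.objects.get(name)
    if entry is None or not subject.dominates(entry[0]):
        raise KeyError(name)
    return entry[1]


def hardened_probe(store: BlpStore, subject: Label, name: str) -> str:
    try:
        hardened_read(store, subject, name)
        return "readable"
    except KeyError:
        return "absent"


def _outcome(fn) -> str:
    try:
        fn()
        return "allowed"
    except PermissionError:
        return "denied"


def demo_run() -> dict:
    store = BlpStore()
    top, low = Label("TOP SECRET"), Label("RESTRICTED")
    sec_a = Label("SECRET", frozenset({"alpha"}))
    sec_b = Label("SECRET", frozenset({"bravo"}))
    store.admin_create(top, "war-plan", "...")
    store.admin_create(low, "canteen-menu", "soup")
    store.admin_create(sec_a, "alpha-notes", "a")

    r = {}
    r["low_reads_high"] = _outcome(lambda: store.read(low, "war-plan"))
    r["high_reads_low"] = _outcome(lambda: store.read(top, "canteen-menu"))
    r["high_writes_low"] = _outcome(lambda: store.write(top, "canteen-menu", "x"))
    r["low_writes_high"] = _outcome(lambda: store.write(low, "war-plan", "y"))  # blind write up
    r["bravo_reads_alpha"] = _outcome(lambda: store.read(sec_b, "alpha-notes"))  # incomparable
    r["naive"] = (naive_probe(store, low, "war-plan"), naive_probe(store, low, "nothing"))
    r["hardened"] = (hardened_probe(store, low, "war-plan"), hardened_probe(store, low, "nothing"))
    return r
```

Note what the model permits as well as what it forbids: the RESTRICTED subject may write to the TOP SECRET object (a "blind" write up), which is exactly why the model says nothing about integrity. The hardened read closes the existence channel only for the error path; timing, directory listings and quota accounting are further channels a real system has to consider.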
Role-based access control (RBAC)
• Approach to restricting system access to authorised users that reduces administration cost
• A user has access to an object based on his or her assigned role
  – Users change frequently, roles don't
• Operations on an object are invoked based on the permissions of the role
• An object is concerned with the user's role and not with the user
• Roles are
  – a collection of users and a collection of permissions
  – arranged in hierarchies (a senior role inherits the permissions of the junior roles beneath it)
[Figure: users → user-role assignment → Roles → role-permission assignment → Permissions]
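The RBAC slide and its figure, as an added example that is not part of the lecture: the two assignment relations from the figure (user-role and role-permission), a role hierarchy in which senior roles inherit from junior ones, and a check that asks only which role the user acts in. It also shows the "users change, roles don't" point by offboarding one user and onboarding another without touching a single role or permission. The role names, operations and users are constructed for this example.

```python
class Rbac:
    """Core RBAC with a role hierarchy: users -> roles -> permissions."""

    def __init__(self):
        self.role_perms = {}    # role -> set of (operation, object)
        self.role_juniors = {}  # role -> set of roles it inherits from
        self.user_roles = {}    # user -> set of roles

    def add_role(self, role: str, inherits=()) -> None:
        self.role_perms.setdefault(role, set())
        self.role_juniors[role] = set(inherits)

    def grant(self, role: str, operation: str, obj: str) -> None:
        """Role-permission assignment (the right-hand arrow of the figure)."""
        self.role_perms[role].add((operation, obj))

    def assign(self, user: str, role: str) -> None:
        """User-role assignment (the left-hand arrow of the figure)."""
        if role not in self.role_perms:
            raise KeyError(f"unknown role {role}")
        self.user_roles.setdefault(user, set()).add(role)

    def deassign_all(self, user: str) -> None:
        """Offboarding: drop the user; roles and permissions are untouched."""
        self.user_roles.pop(user, None)

    def effective_roles(self, user: str) -> set:
        """Assigned roles plus everything reachable down the hierarchy."""
        todo = list(self.user_roles.get(user, ()))
        seen = set()
        while todo:
            role = todo.pop()
            if role in seen:
                continue
            seen.add(role)
            todo.extend(self.role_juniors.get(role, ()))
        return seen

    def check(self, user: str, operation: str, obj: str) -> bool:
        """The object asks which role the user acts in, never who the user is."""
        return any((operation, obj) in self.role_perms[r]
                   for r in self.effective_roles(user))


def demo_run() -> dict:
    rbac = Rbac()
    # Constructed hierarchy: lead > engineer > employee
    rbac.add_role("employee")
    rbac.add_role("engineer", inherits=["employee"])
    rbac.add_role("lead", inherits=["engineer"])
    rbac.grant("employee", "read", "handbook")
    rbac.grant("engineer", "push", "repo")
    rbac.grant("lead", "approve", "merge")

    rbac.assign("alice", "lead")
    rbac.assign("bob", "engineer")
    r = {}
    r["alice_reads_handbook"] = rbac.check("alice", "read", "handbook")  # inherited two levels down
    r["alice_approves"] = rbac.check("alice", "approve", "merge")
    r["bob_pushes"] = rbac.check("bob", "push", "repo")
    r["bob_approves"] = rbac.check("bob", "approve", "merge")

    # Staff turnover: bob leaves, carol joins in the same role. No role or
    # permission definition changes; only the user-role assignment moves.
    rbac.deassign_all("bob")
    rbac.assign("carol", "engineer")
    r["bob_after_leaving"] = rbac.check("bob", "push", "repo")
    r["carol_pushes"] = rbac.check("carol", "push", "repo")
    r["role_count_unchanged"] = len(rbac.role_perms) == 3
    return r
```

Compare this with the DAC model: there, a joiner or leaver means editing every ACL that names them; here it is one assignment per user, and the objects' permission sets never change.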
Summary
Today we learned:
• Access control permits or denies the use of a particular resource by a particular entity
• Two dimensions: authentication and authorisation
• Authentication
  – User to system
  – System to user
• Authorisation
  – Discretionary access control
  – Mandatory access control
  – Role-based access control