Chapter 4
Access Control
Manage principals' operations in system
Resources
Access control: which principals have access to what resources on the system and when
Applications
Middleware
Operating system
Hardware
Access control system
System authenticates principal using some method, then controls access to system resources.
Often a matrix of permissions
Triple of user, program, file
See matrix, page 53
Matrices grow very large
Control this through groups or roles
Certificate-based systems are coming about
I have a certificate, signed by some authority, stating that I have a specific right.
Groups and roles
Do not assign rights individually
Assign to groups that represent the activities or job titles of employees
They define the rules, you implement them
ACL
Access Control List
Column of the matrix: who has what rights to a resource
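The matrix, role and ACL relationship from the slides above, as an added example that is not part of the original slides: rights are granted to roles, expanded into (user, program, file) cells, and an ACL is read off as one column. All user, role, program and file names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data (hypothetical users, roles, programs and files).
ROLE_OF = {"alice": "clerk", "bob": "clerk", "erin": "clerk",
           "carol": "auditor", "dave": "sysadmin"}

# Rights are granted to roles, never to individuals:
# (role, program, file) -> set of rights
ROLE_RIGHTS = {
    ("clerk", "ledger_app", "accounts.db"): {"read", "write"},
    ("auditor", "audit_tool", "accounts.db"): {"read"},
    ("auditor", "audit_tool", "audit.log"): {"read"},
    ("sysadmin", "backup", "accounts.db"): {"read"},
    # Assumption for this example: sysadmin gets no entry for audit.log.
}

def expand_matrix(role_of, role_rights):
    """Expand role grants into the full (user, program, file) -> rights matrix."""
    matrix = {}
    for user, role in role_of.items():
        for (r, program, file), rights in role_rights.items():
            if r == role:
                matrix[(user, program, file)] = set(rights)
    return matrix

def acl_for(matrix, file):
    """An ACL is one column of the matrix: every subject's rights to one file."""
    acl = defaultdict(set)
    for (user, program, f), rights in matrix.items():
        if f == file:
            acl[(user, program)] |= rights
    return dict(acl)

def check(matrix, user, program, file, right):
    """Default deny: a missing cell means no access."""
    return right in matrix.get((user, program, file), set())

if __name__ == "__main__":
    m = expand_matrix(ROLE_OF, ROLE_RIGHTS)
    print(len(ROLE_RIGHTS), "role rules expand to", len(m), "matrix cells")
    for subject, rights in sorted(acl_for(m, "audit.log").items()):
        print("audit.log ACL:", subject, sorted(rights))
    print("dave reads audit.log via backup:",
          check(m, "dave", "backup", "audit.log", "read"))
```

Adding another clerk adds one line to `ROLE_OF` but a new cell for every clerk rule, which is why the slides manage the matrix through roles rather than per-user entries.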
UNIX
Root can access everything.
Not a good thing; even the system admin should not have access to certain files:
Audit trails
Logs
Newer versions of UNIX have worked to separate out these duties
Military versions even more so
Granularity
Security and Database
Database is 1 file, so the OS must give access to this one file
Within the database, security is controlled by the DBMS
This creates various issues with passwords, management and control
Many systems, many passwords
Companies striving for 1 central directory service
This is why Microsoft wants its Active Directory product to become a “standard”
Sandboxing
Java uses this
Applet runs in a virtual restricted environment
Does not have access to hard drive
JVM has limited local access
Object Request Brokers
Mediates communications between objects
Outgrowth of Object Oriented programming
Common Object Request Broker Architecture (CORBA)
Industry standard
Hardware protection
Protect one process from interfering with another
Memory
Metadata (data about processes)
Hardware access control
Rings of protection
Less privileged process (user program) needs to access more privileged process (device driver)
Processors
Intel processors, page 63
ARM processors, page 63
Security processors, page 64
QoS
Quality of Service issues.
One process does not hog CPU
What goes wrong
Smashing the stack
SYN flooding
Trojan horse
Root kits
Single commands
Full root kits
Active web content
And many more programming defects
NSA
Deep distrust of application security
Heavy emphasis on trusted OS security
Environmental creep
UNIX's original use was in a trusted environment
Today's use is in the most untrusted environment (internet)
Many tools were also developed for a trusted environment
FTP, SMTP, DNS…
Used in most untrusted environment
Code used to be buggy, now is malicious
Script kiddies: anyone can attack a system
Discussion topics
Current stack smashing article
Environment creep and OS attacks
Current state of Windows root kit
Where should security lie? OS, applications, middleware?
Certificate-based security.
Articles
Root kit articles:
http://www.viruslist.com/en/analysis?pubid=168740859
http://searchwindowssecurity.techtarget.com/originalContent/0,289142,sid45_gci1086469,00.html
List of resources
Access control
http://en.wikipedia.org/wiki/Access_control
http://www.owasp.org/documentation/topten/a2.html
Groups roles
http://www.microsoft.com/windowsxp/evaluation/features/accesscntrl.mspx
http://www.tech-faq.com/role-based-access-control-rbac.shtml
http://technet2.microsoft.com/WindowsServer/en/Library/72b55950-86cc-4c7f-8fbf-3063276cd0b61033.mspx
Sandboxing
http://www.kernelthread.com/publications/security/sandboxing.html
http://internetweek.cmp.com/trends/0825.htm
Object Request Brokers
http://en.wikipedia.org/wiki/Object_request_broker
http://www.sei.cmu.edu/str/descriptions/corba_body.html
Rings
http://www.devx.com/Intel/Article/30125
NSA
http://www.nsa.gov/selinux/
http://www.nsa.gov/selinux/info/faq.cfm