Computer Security: Principles and Practice
21
Computer Security: Computer Security: Principles and Principles and Practice Practice First Edition First Edition by William Stallings and by William Stallings and Lawrie Brown Lawrie Brown Lecture slides by Lawrie Lecture slides by Lawrie Brown Brown Chapter 4 – Chapter 4 – Access Control Access Control
description
Computer Security: Principles and Practice. Chapter 4 – Access Control. First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown. Access Control. - PowerPoint PPT Presentation
Transcript of Computer Security: Principles and Practice
Computer Security: Computer Security: Principles and PracticePrinciples and Practice
First EditionFirst Edition
by William Stallings and Lawrie Brownby William Stallings and Lawrie Brown
Lecture slides by Lawrie BrownLecture slides by Lawrie Brown
Chapter 4 – Chapter 4 – Access ControlAccess Control
Access ControlAccess Control
““The prevention of unauthorized use of a The prevention of unauthorized use of a resource, including the prevention of use resource, including the prevention of use of a resource in an unauthorized manner“of a resource in an unauthorized manner“
central element of computer securitycentral element of computer security assume have users and groupsassume have users and groups
authenticate to systemauthenticate to system assigned access rights to certain resources assigned access rights to certain resources
on systemon system
Access Control PrinciplesAccess Control Principles
Access Control PoliciesAccess Control Policies
Access Control RequirementsAccess Control Requirements
reliable inputreliable input fine and coarse specificationsfine and coarse specifications least privilegeleast privilege separation of dutyseparation of duty open and closed policiesopen and closed policies policy combinations, conflict resolutionpolicy combinations, conflict resolution administrative policiesadministrative policies
Access Control ElementsAccess Control Elements
subject - entity that can access objectssubject - entity that can access objects a process representing user/applicationa process representing user/application often have 3 classes: owner, group, worldoften have 3 classes: owner, group, world
object - access controlled resourceobject - access controlled resource e.g. files, directories, records, programs etce.g. files, directories, records, programs etc number/type depend on environmentnumber/type depend on environment
access right - way in which subject access right - way in which subject accesses an objectaccesses an object e.g. read, write, execute, delete, create, searche.g. read, write, execute, delete, create, search
Discretionary Discretionary Access Control Access Control
often provided using an access matrixoften provided using an access matrix lists subjects in one dimension (rows)lists subjects in one dimension (rows) lists objects in the other dimension (columns)lists objects in the other dimension (columns) each entry specifies access rights of the each entry specifies access rights of the
specified subject to that objectspecified subject to that object access matrix is often sparseaccess matrix is often sparse can decompose by either row or columncan decompose by either row or column
Access Control StructuresAccess Control Structures
Access Control ModelAccess Control Model
Access Access Control Control
FunctionFunction
Protection DomainsProtection Domains
set of objects with associated access rightsset of objects with associated access rights in access matrix view, each row defines a in access matrix view, each row defines a
protection domainprotection domain but not necessarily just a userbut not necessarily just a user may be a limited subset of user’s rightsmay be a limited subset of user’s rights applied to a more restricted processapplied to a more restricted process
may be static or dynamicmay be static or dynamic
UNIX File UNIX File ConceptsConcepts
UNIX files administered using inodesUNIX files administered using inodes control structure with key info on filecontrol structure with key info on file
• attributes, permissions of a single fileattributes, permissions of a single file may have several names for same inodemay have several names for same inode have inode table / list for all files on a diskhave inode table / list for all files on a disk
• copied to memory when disk mountedcopied to memory when disk mounted
directories form a hierarchical treedirectories form a hierarchical tree may contain files or other directoriesmay contain files or other directories are a file of names and inode numbersare a file of names and inode numbers
UNIX File UNIX File Access ControlAccess Control
UNIX File UNIX File Access ControlAccess Control
““set user ID”(SetUID) or “set group ID”(SetGID)set user ID”(SetUID) or “set group ID”(SetGID) system temporarily uses rights of the file owner / system temporarily uses rights of the file owner /
group in addition to the real user’s rights when making group in addition to the real user’s rights when making access control decisionsaccess control decisions
enables privileged programs to access files / enables privileged programs to access files / resources not generally accessibleresources not generally accessible
sticky bit sticky bit on directory limits rename/move/delete to owner on directory limits rename/move/delete to owner
superuser superuser is exempt from usual access control restrictionsis exempt from usual access control restrictions
UNIX UNIX Access Control ListsAccess Control Lists modern UNIX systems support ACLsmodern UNIX systems support ACLs can specify any number of additional users / can specify any number of additional users /
groups and associated rwx permissionsgroups and associated rwx permissions ACLs are optional extensions to std permsACLs are optional extensions to std perms group perms also set max ACL permsgroup perms also set max ACL perms when access is requiredwhen access is required
select most appropriate ACLselect most appropriate ACL• owner, named users, owning / named groups, othersowner, named users, owning / named groups, others
check if have sufficient permissions for accesscheck if have sufficient permissions for access
Role-Role-Based Based Access Access ControlControl
Role-Role-Based Based Access Access ControlControl
Role-Role-Based Based Access Access ControlControl
NIST RBAC ModelNIST RBAC Model
RBAC For a BankRBAC For a Bank
SummarySummary
introduced access control principlesintroduced access control principles subjects, objects, access rightssubjects, objects, access rights
discretionary access controlsdiscretionary access controls access matrix, access control lists (ACLs), access matrix, access control lists (ACLs),
capability ticketscapability tickets UNIX traditional and ACL mechanismsUNIX traditional and ACL mechanisms
role-based access controlrole-based access control case studycase study
