
Rule Set Based Access Control



Presentation Transcript


  1. Rule Set Based Access Control Presented by: Tan Wee Hon Lee Ruiwen

  2. Presentation Outline • Introduction • Framework • Implemented Models & Demo • Application • Advantages • Resources & References

  3. Introduction • History • Why RSBAC? • Goals

  4. History of RSBAC • Amon Ott • Nov 1996: Master thesis • Jan 1998: First public release • Current stable version: 1.2.2

  5. Why RSBAC? Insecurity of LINUX/UNIX access control • Crude granularity - drwxrwxrwx • Discretionary control • Super user root

  6. Goals of RSBAC • Secure access control • Flexible choice of models • Combination of models • Portability

  7. Framework • Subjects, Objects and Requests • Architecture • Security Officer

  8. Subjects, Objects & Requests • Subjects: Processes • Objects (Targets): e.g. FILE, DIR, USER, PROCESS • Requests: What a subject wants to do with an object, e.g. CHANGE_OWNER, DELETE, READ_OPEN, MOUNT

  9. Components • ACI: Access Control Information • AEF: Access control Enforcement Facility • ADF: Access control Decision Facility

  10. Components • ACI: Stores status data and configuration items • AEF: Intercepts Linux kernel calls → grant or deny • ADF: Makes decisions

  11. Security Officer (secoff) • Configures modules using the utilities provided in the RSBAC distribution • The difference between root and secoff is the effort needed to obtain rights to access anything

  12. Implemented Models • Authentication (AUTH) • Functional Control (FC) • Security Information Modification (SIM) • Privacy Model by Simone Fischer-Hübner (PM) • Malware Scan (MS) • Linux Capabilities (CAP) • Mandatory Access Control (MAC) • File Flags (FF) • Role Compatibility (RC) • Access Control Lists (ACL)

  13. Implemented Models • Authentication (AUTH) • Functional Control (FC) • Security Information Modification (SIM) • Privacy Model by Simone Fischer-Hübner (PM) • Malware Scan (MS) • Linux Capabilities (CAP) • Mandatory Access Control (MAC) • File Flags (FF) • Role Compatibility (RC) • Access Control Lists (ACL)

  14. Mandatory Access Control (MAC) • Bell-LaPadula • 253 security levels • 64 categories (bit vector) • For programs not MAC aware, current security levels and categories are automatically adjusted as necessary, but within read and write level boundaries
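
Added example (not from the presentation or the RSBAC source): a simplified C model of the MAC slide, with a Bell-LaPadula dominance check over a level and a 64-bit category vector, and automatic raising of the current label for a program that is not MAC aware. The type and function names and the exact boundary rule are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Illustrative types; the names are assumptions, not RSBAC identifiers. */
typedef struct {
    uint8_t  level;  /* 0..252: the 253 security levels */
    uint64_t cats;   /* bit vector, one bit per category (64) */
} mac_label;
typedef struct {
    mac_label cur;      /* label currently in effect */
    mac_label max;      /* read boundary: the process clearance */
    mac_label written;  /* write boundary: lowest level, common categories written */
} mac_proc;

/* a dominates b: level at least as high, categories a superset. */
static bool dominates(mac_label a, mac_label b) {
    return a.level >= b.level && (a.cats & b.cats) == b.cats;
}

mac_proc mac_proc_new(mac_label cur, mac_label max) {
    return (mac_proc){ cur, max, { 252, UINT64_MAX } };  /* nothing written yet */
}

/* No read up; the current label is raised only while it stays inside both boundaries. */
bool mac_read(mac_proc *p, mac_label obj) {
    if (dominates(p->cur, obj)) return true;
    mac_label want = { obj.level > p->cur.level ? obj.level : p->cur.level,
                       p->cur.cats | obj.cats };
    if (!dominates(p->max, want) || !dominates(p->written, want)) return false;
    p->cur = want;
    return true;
}

/* No write down: the object must dominate the current label. */
bool mac_write(mac_proc *p, mac_label obj) {
    if (!dominates(obj, p->cur)) return false;
    if (obj.level < p->written.level) p->written.level = obj.level;
    p->written.cats &= obj.cats;
    return true;
}

int main(void) {
    mac_proc p = mac_proc_new((mac_label){ 1, 0x1 }, (mac_label){ 3, 0x3 });
    bool r = mac_read(&p, (mac_label){ 2, 0x2 });   /* raises current to level 2 */
    bool w = mac_write(&p, (mac_label){ 1, 0x3 });  /* write down: denied */
    printf("read up: %d, write down: %d\n", r, w);
    return 0;
}
```

Once the process has written at level 2, a later read at level 3 is refused even though its clearance allows it, because raising the current label would put it above something already written.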

  15. File Flags (FF) • Conveniently assign rights to whole directory trees • Inheritable FILE, DIR, FIFO and SYMLINK attributes • e.g. read-only, no-execute, secure-delete

  16. Role Compatibility (RC) • Roles and types • Role can access type only if “compatible” • Forced and Initial Roles based on program files • Separation of Administration Duties • Separate sets of roles e.g. • Admin Roles • Assign Roles • Additional access rights for types: Admin, Assign, Access Control, Supervisor

  17. Access Control Lists (ACL) • What subject may access which object with which requests • Subjects: RC roles, Users, ACL Groups • ACL Groups: • All users can have individual groups • Private and global groups • Inheritance with masks • Special Rights e.g. supervisor
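
Added example (not from the presentation or the RSBAC source): a toy C decision facility showing how the components on slides 9 and 10 fit together with two of the models above, FF (inherited read-only flag) and RC (role/type compatibility). All names, the sample data and the rule that one NOT_GRANTED denies the request are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
enum request  { R_READ_OPEN, R_WRITE_OPEN, R_DELETE };
enum decision { GRANTED, NOT_GRANTED, DO_NOT_CARE };
/* ACI: attributes kept per target and per subject (illustrative layout). */
struct target {
    const struct target *parent;  /* enclosing DIR, NULL at the top */
    int ff_read_only;             /* FF flag: 1 set, 0 cleared, -1 inherit */
    int rc_type;                  /* RC type of the target */
};
struct subject { int rc_role; };  /* a process running under one RC role */

/* RC: rc_compat[role][type] = requests the role may issue on that type. */
#define BIT(r) (1u << (r))
static const unsigned rc_compat[2][1] = {
    { BIT(R_READ_OPEN) },                                     /* role 0: web server */
    { BIT(R_READ_OPEN) | BIT(R_WRITE_OPEN) | BIT(R_DELETE) }, /* role 1: content admin */
};

/* FF module: read-only is inherited down the tree until a target overrides it. */
static enum decision ff_decide(const struct subject *s, enum request r, const struct target *t) {
    (void)s;
    if (r == R_READ_OPEN) return DO_NOT_CARE;
    for (; t; t = t->parent)
        if (t->ff_read_only >= 0) return t->ff_read_only ? NOT_GRANTED : DO_NOT_CARE;
    return DO_NOT_CARE;
}
/* RC module: the role must be compatible with the target's type for this request. */
static enum decision rc_decide(const struct subject *s, enum request r, const struct target *t) {
    return (rc_compat[s->rc_role][t->rc_type] & BIT(r)) ? GRANTED : NOT_GRANTED;
}

/* ADF: ask every module; a single NOT_GRANTED denies (assumed combination rule). */
typedef enum decision (*module_fn)(const struct subject *, enum request, const struct target *);
bool adf_request(const struct subject *s, enum request r, const struct target *t) {
    static const module_fn modules[] = { ff_decide, rc_decide };
    for (size_t i = 0; i < sizeof modules / sizeof modules[0]; i++)
        if (modules[i](s, r, t) == NOT_GRANTED) return false;
    return true;
}
/* Constructed sample ACI: read-only web root, a page inheriting it, a writable dir. */
static const struct target www = { NULL, 1, 0 }, page = { &www, -1, 0 }, upload = { &www, 0, 0 };
static const struct subject httpd = { 0 }, admin = { 1 };
int main(void) {  /* stands in for the AEF, where a kernel call is intercepted */
    printf("admin WRITE_OPEN page: %d, httpd READ_OPEN page: %d\n",
           adf_request(&admin, R_WRITE_OPEN, &page), adf_request(&httpd, R_READ_OPEN, &page));
    return 0;
}
```

The admin role is RC-compatible with writing, yet the write to the page is still denied because FF inherits read-only from the web root; the models restrict each other rather than one overriding the rest.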

  18. Application • Workstations • Server systems • Examples

  19. Workstations • Protection against unwanted configuration changes • Malicious software (malware) protection • Reduced administration work

  20. Server Systems • Encapsulation of services • Need-to-Know principle • Malware protection • Firewalls: DNS, Proxies • (Virtual) Webservers: Apache • (Virtual) mail servers: POP3, IMAP • File servers: Samba • Application servers

  21. Examples • Compuniverse Firewalls • More than one year with RSBAC • Use of AUTH, FF and RC models • Software selection for better RSBAC control, e.g. POP3 with separate authentication program

  22. Advantages • Provides well-known and new models • Extensible • Flexible • Powerful logging system • Support for current Linux kernels, ports to other systems likely • Increasing downloads and feedback

  23. Resources & References • Homepage: www.rsbac.org • The RSBAC Library • An Introduction • Programmer’s Reference Manual • Programmer’s Cookbook • Reference Manual • Cookbook • Detailed paper: Ott, Amon (2001). The Rule Set Based Access Control (RSBAC) Linux Kernel Security Extension. (International Linux Kongress, 2001)
