
COEN 350: Network Security

Learn about access matrices, access control lists, protection rings, security classes, and access control policies in network security authorization.

gilbertoc

Presentation Transcript


  1. COEN 350: Network Security Authorization

  2. Fundamental Mechanisms: Access Matrix
     • Subjects
     • Objects (Subjects can be objects, too.)
     • Access Rights
     • Example:
       • OS
         • Subjects = Processes
         • Objects = System Resources
         • Access Rights: read, write, execute

  3. Fundamental Mechanisms: Access Matrix
     • Example:
       • DBMS
         • Subjects = Users
         • Objects = Relations
         • Access Rights: retrieve, update, insert, delete

  4. Fundamental Mechanisms: Access Matrix
     • Access Matrix:
       • Row for each object
       • Column for each subject
       • Entry is a set of access rights.
     • Later Security Models:
       • Allow for administrative operations that change the access matrix.
       • Example: Owner of file can give permissions to others.

  5. Fundamental Mechanisms: Access Matrix
     • Access Control Lists
       • ACL for each object.
       • Lists all the subjects and their rights.
     • Capabilities
       • Capability list for each subject.
       • Contains all the objects and the rights of the subject.

  6. Fundamental Mechanisms: Access Matrix
     • Authorization Relation
       • Database table with fields owner, access mode, object.

     | Subject | Access Mode | Object |
     |---------|-------------|--------|
     | Bob     | Owner       | File 1 |
     | Bob     | Read        | File 1 |
     | Bob     | Write       | File 1 |
     | Alice   | Read        | File 1 |
     | Alice   | Owner       | File 2 |
     | Alice   | Read        | File 2 |
     | Alice   | Write       | File 2 |
     | Bob     | Read        | File 2 |
     | Bob     | Write       | File 2 |
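The authorization relation above can be projected into both of the other representations. The following is an added example, not part of the original slides: it derives the ACL and capability views from the slide's table and implements the owner-mediated grant mentioned earlier; the function names are assumptions made for illustration.

```python
from collections import defaultdict

# Authorization relation copied from the slide: (subject, access mode, object).
RELATION = frozenset({
    ("Bob", "Owner", "File 1"), ("Bob", "Read", "File 1"),
    ("Bob", "Write", "File 1"), ("Alice", "Read", "File 1"),
    ("Alice", "Owner", "File 2"), ("Alice", "Read", "File 2"),
    ("Alice", "Write", "File 2"), ("Bob", "Read", "File 2"),
    ("Bob", "Write", "File 2"),
})

def acl(relation, obj):
    """ACL view: for one object, every subject and its rights."""
    view = defaultdict(set)
    for subject, mode, o in relation:
        if o == obj:
            view[subject].add(mode)
    return dict(view)

def capabilities(relation, subject):
    """Capability view: for one subject, every object and the rights on it."""
    view = defaultdict(set)
    for s, mode, obj in relation:
        if s == subject:
            view[obj].add(mode)
    return dict(view)

def allowed(relation, subject, mode, obj):
    """Access check with default deny: the triple must be in the relation."""
    return (subject, mode, obj) in relation

def grant(relation, grantor, subject, mode, obj):
    """Administrative operation: only the owner of obj may hand out rights."""
    if not allowed(relation, grantor, "Owner", obj):
        raise PermissionError(f"{grantor} does not own {obj}")
    return relation | {(subject, mode, obj)}

if __name__ == "__main__":
    print("ACL for File 1:", acl(RELATION, "File 1"))
    print("Capabilities of Alice:", capabilities(RELATION, "Alice"))
    updated = grant(RELATION, "Bob", "Alice", "Write", "File 1")
    print("Alice may write File 1:",
          allowed(updated, "Alice", "Write", "File 1"))
```
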

  7. Fundamental Mechanisms: Intermediate Controls
     • Access matrix too storage intensive
     • Access matrices make it hard to change policies.
     • Mechanism 1: Groups
       • Ideally, all access privileges mediated through group membership.
       • Negative permissions implement exceptions

  8. Fundamental Mechanisms: Intermediate Control
     • Protection Rings
       • Example:
         • Group processes and system resources into four categories
           • Operating System Kernel
           • Operating System
           • Utilities
           • User Processes
       • Access to an object is only granted to a subject of lower level.
       • Unix only has two levels.
       • Sometimes protection rings have hardware support.

  9. Fundamental Mechanisms: Security Classes
     • Each object has a Security class (Security Label)
     • Denning:
       • Information Control Policy consists of
         • Security Classes
         • “Can flow” relationship
         • Join operation
       • Join A  B combines rights and restrictions of both.
     • US DoD Security Levels
       • Top Secret
       • Secret
       • Confidential
       • Unclassified

  10. Fundamental Mechanisms: Access Control Policies
     • Discretionary Access Control (DAC)
       • Specifies authorization solely based on object and subject identity.
       • Flexible and simple.
       • Difficult to control information flow.
     • (Classical) Mandatory Access Control (MAC)
       • Each user and object has a security level.
       • Security level reflects trust that user will not pass information to users with lower level clearance.
       • Access to an object based on security level.

  11. Fundamental Mechanisms: Access Control Policies
     • (Refined) Mandatory Access Control (MAC)
       • Security Levels and Compartments.
       • Example:
         • CRYPTO for cryptographic algorithms.
         • COMSEC for communication security.
         • Possible to have top secret clearance in CRYPTO and unclassified clearance in COMSEC
     • Discretionary policies typical in low security (academic) environments.
     • Mandatory policies typical in high security (military) environments.
     • Neither policy adequate for commercial systems.
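The "can flow" relationship and join operation from the Security Classes slide, combined with the per-compartment clearances of refined MAC, fit in a few lines. This is an added example, not part of the original slides; it assumes a label is a mapping from compartment to one of the four DoD levels, with a missing compartment treated as Unclassified, and the sample objects are constructed.

```python
LEVELS = ["Unclassified", "Confidential", "Secret", "Top Secret"]
RANK = {name: i for i, name in enumerate(LEVELS)}

def level(label, compartment):
    """Rank of a label in one compartment (assumed Unclassified if absent)."""
    return RANK[label.get(compartment, "Unclassified")]

def can_flow(src, dst):
    """Information may flow src -> dst only if dst is at least as high
    as src in every compartment."""
    return all(level(src, c) <= level(dst, c) for c in set(src) | set(dst))

def join(a, b):
    """Label of data derived from both a and b: per compartment, the
    higher of the two levels."""
    return {c: LEVELS[max(level(a, c), level(b, c))] for c in set(a) | set(b)}

def may_read(clearance, obj_label):
    """Reading moves information from the object to the subject."""
    return can_flow(obj_label, clearance)

def may_write(clearance, obj_label):
    """Writing moves information from the subject to the object,
    so writing down is refused."""
    return can_flow(clearance, obj_label)

# Clearance from the slide: top secret in CRYPTO, unclassified in COMSEC.
USER = {"CRYPTO": "Top Secret", "COMSEC": "Unclassified"}
# Constructed sample objects.
KEY_DOC = {"CRYPTO": "Secret"}
RADIO_PLAN = {"COMSEC": "Confidential"}
PUBLIC = {}

if __name__ == "__main__":
    print("read KEY_DOC:", may_read(USER, KEY_DOC))
    print("read RADIO_PLAN:", may_read(USER, RADIO_PLAN))
    print("write PUBLIC:", may_write(USER, PUBLIC))
    print("join:", join(KEY_DOC, RADIO_PLAN))
```
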

  12. Fundamental Mechanisms: Access Control Policies
     • Role Based Access Control (RBAC)
       • Regulate user’s access to information based on the activities the users execute in the system.
       • “Role” is a set of actions and responsibilities associated with a particular working activity.
       • Access based on role, not identity of user.

  13. Fundamental Mechanisms: Access Control Policies
     • Role Based Access Control (RBAC)
       • User authorization is broken into two tasks:
         • Granting roles to users
         • Granting rights to roles
       • Roles can be hierarchical
         • Engineers inherit employee rights.
       • User can log in with the least privilege for a set of particular tasks.
       • Roles make it easier to enforce separation of duties: “No single user can subvert the system by herself/himself.”
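The two RBAC tasks, role inheritance, least-privilege sessions and separation of duties can be shown together. This is an added example, not part of the original slides; the roles other than engineer and employee, all right names, and the user name are hypothetical.

```python
# Hypothetical role hierarchy: each role lists the roles it inherits from.
ROLE_PARENTS = {"employee": set(), "engineer": {"employee"},
                "auditor": {"employee"}}
# Task 2: rights granted to roles (hypothetical right names).
ROLE_RIGHTS = {"employee": {"read_handbook"}, "engineer": {"commit_code"},
               "auditor": {"approve_release"}}
# Separation of duties: no user may hold more than one role from a set.
MUTUALLY_EXCLUSIVE = [{"engineer", "auditor"}]

def effective_roles(roles):
    """Roles held directly plus everything inherited through the hierarchy."""
    seen, stack = set(), list(roles)
    while stack:
        role = stack.pop()
        if role not in seen:
            seen.add(role)
            stack.extend(ROLE_PARENTS[role])
    return seen

def rights(active_roles):
    """Union of the rights of the active roles and their ancestors."""
    return set().union(*(ROLE_RIGHTS[r] for r in effective_roles(active_roles)))

def assign(user_roles, user, role):
    """Task 1: grant a role to a user, refusing separation-of-duties conflicts."""
    proposed = user_roles.get(user, set()) | {role}
    for exclusive in MUTUALLY_EXCLUSIVE:
        if len(exclusive & effective_roles(proposed)) > 1:
            raise ValueError(f"{user}: {sorted(exclusive)} are mutually exclusive")
    return {**user_roles, user: proposed}

def check(user_roles, user, active_roles, right):
    """A session activates a subset of the user's roles; only those count."""
    held = effective_roles(user_roles.get(user, set()))
    if not set(active_roles) <= held:
        return False
    return right in rights(active_roles)

if __name__ == "__main__":
    assignments = assign({}, "dana", "engineer")
    print(check(assignments, "dana", {"engineer"}, "read_handbook"))  # inherited
    print(check(assignments, "dana", {"employee"}, "commit_code"))    # not active
```
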

  14. Covert Channels
     • A mechanism to circumvent automatic confinement within a security perimeter.
     • Example:
       • Person with TOP SECRET clearance runs (inadvertently) Trojan horse.
       • Trojan horse has free access to files in the compartment.
       • Trojan horse cannot write down to an unclassified file.
       • But: Trojan horse can do things that are visible from the outside and thus send contents of TOP SECRET files through a covert channel.
         • T.H. either runs or waits. System load will vary. Small bandwidth channel.
         • T.H. can or cannot use shared resources. To send a bit, T.H. fills up the printer line to send 1 bit, or empties it for a 0 bit.

  15. UNIX Woes: SUID programs
     • Programs can execute the setuid system call.
     • Executable runs as if executed by user.
     • Sendmail uses setuid to implement email.
     • User can cause programs to run as root with input they provide.
     • Favorite targets of buffer overflow attacks.
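Because every setuid program is code that runs with its owner's privileges on user-supplied input, administrators keep an inventory of them and review anything unexpected. The following is an added example, not part of the original slides: it walks a directory tree and reports setuid files that are not on a reviewed allowlist; the finding labels and the allowlist parameter are assumptions made for illustration.

```python
import os
import stat

def classify(mode, uid):
    """Return a finding for a file's st_mode/st_uid, or None if not setuid."""
    if not stat.S_ISREG(mode) or not mode & stat.S_ISUID:
        return None
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        # Anyone in the group (or anyone at all) could replace the program.
        return "setuid and writable by group/other"
    if uid == 0:
        return "setuid root"
    return "setuid non-root"

def audit(root, allowlist=frozenset()):
    """Walk root and list (path, finding) for setuid files not on the allowlist."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: do not follow symlinks
            except OSError:
                continue  # file vanished or is unreadable; skip it
            finding = classify(st.st_mode, st.st_uid)
            if finding and path not in allowlist:
                findings.append((path, finding))
    return sorted(findings)

if __name__ == "__main__":
    # Example run over a common binary directory with an empty allowlist.
    for path, finding in audit("/usr/bin"):
        print(f"{finding}: {path}")
```
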
