1 / 8

Access Control Policies

Access Control Policies. Dan Fleck CS 469: Security Engineering. 1. 1. These slides are modified with permission from Bill Young ( Univ of Texas). Access Control Policies.

hang
Download Presentation

Access Control Policies

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Access Control Policies Coming up: Access Control Policies Dan Fleck CS 469: Security Engineering 1 1 These slides are modified with permission from Bill Young (Univ of Texas)

  2. Access Control Policies • The Bell and LaPadula Model is an example of an Access Control Policy. This is a popular way of conceptualizing and implementing security. • The basic idea is to introduce rules that control what accesses(i.e., actions) subjects may take with respect to objects. Coming up: Aside: MAC vs. DAC 2 2

  3. Aside: MAC vs. DAC Specifically, BLP is a mandatory access control system, as distinguished from a discretionary system. Mandatory Access Controls (MAC): rules are enforced on everyattempted access, not at the discretion of any system user; Discretionary Access Controls (DAC): rule enforcement may be waived or modified by some users. What that means for BLP is that no access is ever allowed unless it satisfies the Simple Security Property and *-Property. Contrast that with Unix file protection system; Unix implements DAC since file protections can be modified by a file’s owner. Coming up: Access Control Matrix 3 3

  4. Access Control Matrix In general, any access control policy can be represented by an access control matrix (ACM). Given all subjects and objects in the system, the matrix shows explicitly what accesses are allowed for each subject/object pair. Coming up: BLP Access Control Matrix 4 4

  5. BLP Access Control Matrix Suppose we had a BLP system with exactly three subjects and objects with the given labels. Suppose also that H > L. The following is the associated access control matrix. Coming up: Access Control Matrix 5 5 Using the dominates relationship, which are R, W, both, neither?

  6. Access Control Matrix As with any access control policy, you coulddefine an ACM for a large Bell and LaPadula system. However, the matrix would be huge for most realistic systems. The matrix is implicitin the rules (Simple Security and the *-Property), so access permissions can be computed on the fly. Coming up: Real MAC Implementations 6 6

  7. Real MAC Implementations • SELinux has MAC options built into the kernel. These are used by default on Red Had (in a limited way) • SUSE and Ubuntu apply MAC using AppArmor which focuses on programs (not users) • Windows from Vista forward implements Mandatory Integrity Control (MIC) and Integrity Levels which a user/process acts: • Low, medium, high, system, trusted installer • Apple’s OS X implements MAC using a TrustedBSD implementation Coming up: Lessons Versions of MAC are quite common, although none are used exclusively! 7 Source: http://en.wikipedia.org/wiki/Mandatory_Access_Control

  8. Lessons • BLP is an example of a class of policies called “access control policies.” • BLP is also an example of a mandatory policy in that the rules are enforced on every attempted access. • Any access control policy can be modeled as an explicit matrix. • Most current operating systems use MAC in some limited way. End of presentation 7 8

More Related