access control
play

access control 1 last time two phase commit and delayed messages - PowerPoint PPT Presentation

Aug 31, 2022 •373 likes •1k views

access control 1 last time two phase commit and delayed messages simplifjcations in assignment quorum consensus: not requiring unanimity goal: use nodes for redundancy, but keep them consistent keep operating when suffjciently many nodes are

  1. access control 1

  2. last time two phase commit and delayed messages simplifjcations in assignment quorum consensus: not requiring unanimity goal: use nodes for redundancy, but keep them consistent keep operating when suffjciently many nodes are around key idea: always contact overlapping sets of nodes protection (mechanism) and security authentication (who) v authorization (can do what) 2

  3. authorization v authentication authentication — who is who authorization — who can do what probably need authentication fjrst… 3

  4. authorization v authentication authentication — who is who authorization — who can do what probably need authentication fjrst… 3

  5. authentication password hardware token … this class: mostly won’t deal with how just tracking afterwards 4

  6. authentication password hardware token … this class: mostly won’t deal with how just tracking afterwards 4

  7. access control matrix: who does what? read objects (whatever type) with restrictions … “group csfaculty” “user cr4bd” to 1+ protection domains : each process belongs kill write domain 3 fjle 1 wakeup write read domain 2 read/write domain 1 process 1 fjle 2 5

  8. access control matrix: who does what? read objects (whatever type) with restrictions … “group csfaculty” “user cr4bd” to 1+ protection domains : each process belongs kill write domain 3 fjle 1 wakeup write read domain 2 read/write domain 1 process 1 fjle 2 5

  9. access control matrix: who does what? read objects (whatever type) with restrictions … “group csfaculty” “user cr4bd” to 1+ protection domains : each process belongs kill write domain 3 fjle 1 wakeup write read domain 2 read/write domain 1 process 1 fjle 2 5

  10. access control matrix: who does what? read objects (whatever type) with restrictions … “group csfaculty” “user cr4bd” to 1+ protection domains : each process belongs kill write domain 3 fjle 1 wakeup write read domain 2 read/write domain 1 process 1 fjle 2 5

  11. access control matrix: who does what? read objects (whatever type) with restrictions … “group csfaculty” “user cr4bd” to 1+ protection domains : each process belongs kill write domain 3 fjle 1 wakeup write read domain 2 read/write domain 1 process 1 fjle 2 6

  12. user IDs most common way OSes identify what domain process belongs to: (unspecifjed for now) procedure sets user IDs every process has a user ID user ID used to decide what process is authorized to do 7

  13. POSIX user IDs uid_t geteuid(); // get current process's "effective" user ID process’s user identifjed with unique number kernel typically only knows about number efgective user ID is used for all permission checks also some other user IDs — we’ll talk later standard programs/library maintain number to name mapping /etc/passwd on typical single-user systems network database on department machines 8

  14. POSIX user IDs uid_t geteuid(); // get current process's "effective" user ID process’s user identifjed with unique number kernel typically only knows about number efgective user ID is used for all permission checks also some other user IDs — we’ll talk later standard programs/library maintain number to name mapping /etc/passwd on typical single-user systems network database on department machines 8

  15. POSIX groups gid_t getegid( void ); // process's"effective" group ID int getgroups( int size, gid_t list[]); // process's extra group IDs POSIX also has group IDs like user IDs: kernel only knows numbers standard library+databases for mapping to names also process has some other group IDs — we’ll talk later 9

  16. id cr4bd@power4 : /net/zf14/cr4bd ; id uid=858182(cr4bd) gid=21(csfaculty) groups=21(csfaculty),325(instructors),90027(cs4414) id command displays uid, gid, group list names looked up in database kernel doesn’t know about this database code in the C standard library 10

  17. groups that don’t correspond to users example: video group for access to monitor put process in video group when logged in directly don’t do it when SSH’d in …but: user can keep program running with video group in the background after logout? 11

  18. groups that don’t correspond to users example: video group for access to monitor put process in video group when logged in directly don’t do it when SSH’d in …but: user can keep program running with video group in the background after logout? 11

  19. access control matrix: who does what? read objects (whatever type) with restrictions … “group csfaculty” “user cr4bd” to 1+ protection domains : each process belongs kill write domain 3 fjle 1 wakeup write read domain 2 read/write domain 1 process 1 fjle 2 12

  20. representing access control matrix with objects (fjles, etc.): access control list list of protection domains (users, groups, processes, etc.) allowed to use each item list of (domain, object, permissions) stored “on the side” example: AppArmor on Linux confjguration fjle with list of program + what it is allowed to access prevent, e.g., print server from writing fjles it shouldn’t 13

  21. POSIX fjle permissions POSIX fjles have a very restricted access control list one user ID + read/write/execute bits for user “owner” — also can change permissions one group ID + read/write/execute bits for group default setting — read/write/execute (see docs for chmod command) 14

  22. POSIX/NTFS ACLs more fmexible access control lists list of (user or group, read or write or execute or …) supported by NTFS (Windows) a version standardized by POSIX, but usually not supported 15

  23. POSIX ACL syntax # group students have read+execute permissions # group faculty has read/write/execute permissions group:faculty:rwx # user mst3k has read/write/execute permissions user:mst3k:rwx # user tj1a has no permissions # POSIX acl rule: # user take precedence over group entries 16 group:students:r − x user:tj1a: −−−

  24. authorization checking on Unix checked on system call entry no relying on libraries, etc. to do checks fjles (open, rename, …) — fjle/directory permissions processes (kill, …) — process UID = user UID … 17

  25. superuser user ID 0 is special superuser or root some system calls: only work for uid 0 shutdown, mount new fjle systems, etc. automatically passes all (or almost all) permission checks 18

  26. how does login work? somemachine login: jo jo@somemachine$ l s ... this is a program which… checks if the password is correct, and changes user IDs, and runs a shell 19 password: ********

  27. how does login work? somemachine login: jo jo@somemachine$ l s ... this is a program which… checks if the password is correct, and changes user IDs, and runs a shell 20 password: ********

  28. Unix password storage typical single-user system: /etc/shadow only readable by root/superuser department machines: network service Kerberos / Active Directory: server takes (encrypted) passwords server gives tokens: “yes, really this user” can cryptographically verify tokens come from server 21

  29. aside: beyond passwords /bin/login entirely user-space code only thing special about it: when it’s run could use any criteria to decide, not just passwords physical tokens biometrics … 22

  30. how does login work? somemachine login: jo jo@somemachine$ l s ... this is a program which… checks if the password is correct, and changes user IDs, and runs a shell 23 password: ********

  31. changing user IDs int setuid(uid_t uid); if superuser: sets efgective user ID to arbitrary value and a “real user ID” and a “saved set-user-ID” (we’ll talk later) system starts in/login programs run as superuser voluntarily restrict own access before running shell, etc. 24

  32. sudo tj1a@somemachine$ sudo restart sudo: run command with superuser permissions started by non-superuser recall: inherits non-superuser UID can’t just call setuid(0) 25 Password: *********

  33. set-user-ID sudo extra metadata bit on executables : set-user-ID if set: exec() syscall changes efgective user ID to owner’s ID sudo program: owned by root, marked set-user-ID marking setuid: chmod u+s 26

  34. set-user ID gates set-user ID program: gate to higher privilege controlled access to extra functionality make authorization/authentication decisions outside the kernel way to allow normal users to do one thing that needs privileges write program that does that one thing — nothing else! make it owned by user that can do it (e.g. root) mark it set-user-ID want to allow only some user to do the thing make program check which user ran it 27

  35. uses for setuid programs mount USB stick setuid program controls option to kernel mount syscall make sure user can’t replace sensitive directories make sure user can’t mess up fjlesystems on normal hard disks make sure user can’t mount new setuid root fjles control access to device — printer, monitor, etc. setuid program talks to device + decides who can write to secure log fjle setuid program ensures that log is append-only for normal users setuid program creates socket, then becomes not root 28 bind to a particular port number < 1024

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Access Control Access Control 1 Access Control Access control : ensures that all direct

Access Control Access Control 1 Access Control Access control : ensures that all direct

Access Control Access Control 1 Access Control Access control : ensures that all direct accesses to object are authorized a scheme for mapping users to allowed actions Protection objects : system resources for which protection is

576 views • 21 slides
Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of Access Control Discretionary acces control Mandatory access control Real systems: Unix Access Control Model Access control Access

817 views • 47 slides
Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control?

Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control?

Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control? How Is Access Determined? Who Determines Access? Forms of Access Control SELinux Booleans iptables File Access Control Lists Apache Access Control

711 views • 36 slides
1 General Access Control General Access Control Control of access to memory relatively easy:

1 General Access Control General Access Control Control of access to memory relatively easy:

Role of Access Control Before closing back doors we need to close front doors Access control: determines access to files &amp; processes in OS Fall 2008 We will return to these themes throughout the course Fall 2008 CS

512 views • 6 slides
SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing

SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing

SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing residents / staff access to site areas Main entrance Vehicle entrances Pedestrian entrances Gate / Barrier entrance Bin / Bike / Refuge

336 views • 14 slides
Overview Basic Principles Access Control Methodologies Controls Access Control Designs

Overview Basic Principles Access Control Methodologies Controls Access Control Designs

Overview Basic Principles Access Control Methodologies Controls Access Control Designs Access Control Administration Accountability Chapter 2 Access Control Models Identification and Authentication Methods Lecturer:

708 views • 9 slides
Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control

Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control

Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control Introduction to Computer Security Access control, contd Announcements intermission Stephen McCamant Capability-based access control University

380 views • 7 slides
D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient

D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient

D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient access control and authentication checks Insecure access control methods Private, internal functions and data are accessible through a

547 views • 11 slides
Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP is a

Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP is a

Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP NETWORKED ACCESS CONTROL Smart.Net-IP is a simple, modular approach to networked access control with scalability in mind. Easy management from a central location PC from anywhere with an

196 views • 9 slides
Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of

Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of

Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of achieving confiden5ality and integrity) Who can access What Objects : Subjects : Files/ Programs/ Sockets/ User/ process/ applica5on Hardware/

985 views • 46 slides
Outline Basics of access control Unix-style access control CSci 5271 Introduction to Computer

Outline Basics of access control Unix-style access control CSci 5271 Introduction to Computer

Outline Basics of access control Unix-style access control CSci 5271 Introduction to Computer Security Announcements intermission Day 10: OS security: access control Multilevel and mandatory access control Stephen McCamant University of

324 views • 10 slides
Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of

Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of

Access Control Chester Rebeiro Indian Institute of Technology Madras Access Control (the tao of achieving confidentiality and integrity) Who can access What Objects : Subjects : Files/ Programs/ Sockets/ User/ process/ application

1.31k views • 50 slides
Access Control Mechanisms Week 6 1 CEN-5079: 7.March.2019 Why Access Control Following

Access Control Mechanisms Week 6 1 CEN-5079: 7.March.2019 Why Access Control Following

Access Control Mechanisms Week 6 1 CEN-5079: 7.March.2019 Why Access Control Following authentication, we need to decide what the subject can access 1 Read F 1 OK 2 Bob Write to F Alice 2 F NO ! 3 Execute G G 3 OK

596 views • 56 slides
Insecure Direct Object Reference IDOR ( Broken Access Control ) IDOR ( Broken Access Control ) ~#

Insecure Direct Object Reference IDOR ( Broken Access Control ) IDOR ( Broken Access Control ) ~#

Insecure Direct Object Reference IDOR ( Broken Access Control ) IDOR ( Broken Access Control ) ~# whoami Eric Biako Bsc. IT, CEH v9 Information security officer @ E-connecta Moderator @ https://legalhackmen.com IDOR ( Broken Access Control )

517 views • 12 slides
Access Control SecAppDev 2016 Maarten Decat maarten.decat@kuleuven.be @maartendecat What is

Access Control SecAppDev 2016 Maarten Decat maarten.decat@kuleuven.be @maartendecat What is

Access Control SecAppDev 2016 Maarten Decat maarten.decat@kuleuven.be @maartendecat What is access control? Access control is the part of security that constrains the actions that are performed in a system based on access control rules .

1.4k views • 113 slides
1 Types of Power-Saving MACs The Sensor MAC (S-MAC) Three distinct classes of power-saving

1 Types of Power-Saving MACs The Sensor MAC (S-MAC) Three distinct classes of power-saving

What Is Media Access Control? Media Access Control (MAC) determines who gets access to the shared medium, and when Media Access Control In wired settings, usually just tries to avoid Greg Hackmann contention In wireless settings, can

399 views • 7 slides
Access Control CS461/ECE422 Spring 2012 Reading Material

Access Control CS461/ECE422 Spring 2012 Reading Material

Access Control CS461/ECE422 Spring 2012 Reading Material Chapter 4 through sec=on 4.5 Chapters 25 and 26 For the access control aspects of

967 views • 40 slides
Security Concepts (cont) Deian Stefan Slides adopted from Kirill Levchenko and Stefan Savage

Security Concepts (cont) Deian Stefan Slides adopted from Kirill Levchenko and Stefan Savage

CSE 127: Computer Security Security Concepts (cont) Deian Stefan Slides adopted from Kirill Levchenko and Stefan Savage Incentives and Deterrents Attackers equation: (expected gain) &gt; (cost of attack) Defenders equation:

301 views • 28 slides
Security (2) Summer 2016 Cornell University 1 Today Access control DAC MAC 2

Security (2) Summer 2016 Cornell University 1 Today Access control DAC MAC 2

CS 4410 Operating Systems Security (2) Summer 2016 Cornell University 1 Today Access control DAC MAC 2 Access control Confidentiality and integrity are often enforced using access control. Predefined operations are the

649 views • 17 slides
CSE543 - Introduction to Computer and Network Security Module: Access Control Professor Trent

CSE543 - Introduction to Computer and Network Security Module: Access Control Professor Trent

806 views • 33 slides
Network Verification Using Atomic Network Verification Using Atomic Predicates Predicates Ne

Network Verification Using Atomic Network Verification Using Atomic Predicates Predicates Ne

Network Verification Using Atomic Network Verification Using Atomic Predicates Predicates Ne two rk Ve rific atio n U sing Ato mic Pre dic ate s (S. S. L am) 1 3/ 28/ 2017 Difficulty in Managing Large Networks Difficulty in Managing Large

760 views • 44 slides
Access Control Cunsheng Ding HKUST, Hong Kong, CHINA C. Ding - COMP4631 - L17 1 Agenda of this

Access Control Cunsheng Ding HKUST, Hong Kong, CHINA C. Ding - COMP4631 - L17 1 Agenda of this

Access Control Cunsheng Ding HKUST, Hong Kong, CHINA C. Ding - COMP4631 - L17 1 Agenda of this Lecture The basic concepts of access control, ACLs, capabilities, etc. Two approaches to access control Further reading C. Ding -

784 views • 35 slides
SDSI -- A S imple D istributed S ecurity I nfrastructure by Ronald L. Rivest MIT Lab for Computer

SDSI -- A S imple D istributed S ecurity I nfrastructure by Ronald L. Rivest MIT Lab for Computer

SDSI -- A S imple D istributed S ecurity I nfrastructure by Ronald L. Rivest MIT Lab for Computer Science (joint work with Butler Lampson) Outline Context and history Motivation and goals SDSI: syntax public keys (principals)

717 views • 32 slides
0117401: Operating System Chapter 11: File system

0117401: Operating System Chapter 11: File system

0117401: Operating System Chapter 11: File system interface() xlanchen@ustc.edu.cn http://staff.ustc.edu.cn/~xlanchen Computer Application Laboratory, CS, USTC @ Hefei Embedded System

1.21k views • 62 slides

More recommend