CSE 543 - Computer Security, Lecture 14 - Access Control (October 11, 2007)


  1. CSE 543 - Computer Security
     Lecture 14 - Access Control
     October 11, 2007
     URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/
     CSE543 Computer (and Network) Security - Fall 2007 - Professor Jaeger Page

  2. Access Control System
     • Protection Domain – What can be accessed by a process
       • Default access: memory
       • Mediated access: e.g., files
     • Access Control Enforcement – Mediates access
     • Reference Monitor – Processes a query
       • Can Subject S perform Operation OP on Object OBJ?
       • What should the answer to the query be?

  3. Access Control Policy
     • Reference Monitor – Queries the policy
     • Policy Describes Security Goals
       – Goal: Only let me have access
       – Goal: Only let people in the job have access
       – Goal: Only let me and others I trust have access
       – Q: Other goals?
     • Choose your goal(s) and express them in policy

  4. In class exercise …
     • Find a partner: pick an interviewer and a responder, and do a 5 minute interview asking them what personal information they share with third parties, with whom, and what those parties do with it.
       – Example: what do you share with phone telemarketers, departmental secretaries, the university, your advisor, your significant other, …
     • Don't be exhaustive about all the information, but definitely identify the broad classes of information you share (sensitive, highly sensitive, etc.). Do the same for the entities you share with.
     • What are you allowing them to do with this information: e.g., share, alter, record, unknown?
       – Discuss and formulate a subject/object matrix for each right defined by this process. The interviewer should lead the process, i.e., the responder answers questions only.

  5. Access Policy Goals
     • Rights assignment is the process of describing a security goal
     • "Principle of least privilege"
       – You should provide the minimal set of rights necessary to perform the needed function
       – Implication 1: you want to reduce the protection domain to the smallest possible set of objects
       – Implication 2: you want to assign the minimal set of rights to each subject
       – Caveat: of course, you need to provide enough rights and a large enough protection domain to get the job done.
       – What other kinds of policy goals are there?

  6. Policy Goals
     • Secrecy
       – Don't allow reading by unauthorized subjects
       – Control where data can be written by authorized subjects
         • Why is this important?
     • Integrity
       – Don't permit dependence on lower integrity data/code
         • Why is this important?
       – What is "dependence"?
     • Availability
       – The necessary function must run
       – Doesn't this conflict with the above?

  7. Access Control Model
     • What language should I use to express policy?
       – Access Control Model
     • Oodles of these
       – Some specialize in secrecy
         • Bell-LaPadula
       – Some specialize in integrity
         • Clark-Wilson
       – Some focus on jobs
         • RBAC
       – Some specialize in least privilege
         • SELinux Type Enforcement
     • Q: Why are there so many different models?

  8. Groups
     • Groups are collections of identities who are assigned rights as a collective
     • Important in that it allows permissions to be assigned in aggregates of users …
       [Figure: users Alice, Bob, Ivan and Trent are members of a Group, and the Group is assigned Permissions]
     • This is really about membership
     • Standard DAC
     • Permissions are transient

  9. Job Functions
     • In an enterprise, we don't really do anything as ourselves, we do things as some job function
       – E.g., student, professor, doctor
     • One could manage this as groups, right?
       – We are assigned to groups all the time, and given similar rights as them, i.e., mailing lists

  10. Role
     • A role is a collection of privileges/permissions associated with some function or affiliation
     • NIST studied the way permissions are assigned and used in the real world, and this is it …
       [Figure: Users are assigned to a Role, and the Role holds the Permissions Read, Write, Modify and Delete]
     • Important: the permissions are static, the user-role membership is transient
     • This is not standard DAC

  11. RBAC
     • Role-based access control is a class of access control that is not directly MAC or DAC, but may be either of these.
       – A lot of literature deals with RBAC models
       – Most formulations are of the type
         • U: users -- these are the subjects in the system
         • R: roles -- these are the different roles users may assume
         • P: permissions -- these are the rights which can be assumed
       – There is a many-to-many relation between:
         • Users and roles
         • Roles and permissions
       – These relations define the role-based access control policy

  12. RBAC Sessions
     • During a session, a user assumes a subset of the roles it may take on
       – Known as activating a set of roles
       – The set of rights given to a user is the union of the rights of the activated roles
     • Q: why not just activate all the roles?
     • Note: the session terminates at the user's discretion
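The U / R / P sets, the two many-to-many relations, and the session rule from slides 11 and 12, as an added example in Python; this is not code from the lecture and the users, roles and (object, operation) permissions are constructed sample data. It also answers the slide's "why not activate all the roles" question: a session that activates only the role the task needs gets only that role's rights.

```python
# Added example, not from the lecture slides: a minimal RBAC model with the
# U / R / P sets, the two many-to-many relations, and sessions that activate
# a subset of a user's roles. All users, roles and permissions are constructed.

# UA: user-role assignment (many-to-many)
USER_ROLES = {
    "alice": {"student", "ta"},
    "bob":   {"student"},
    "carol": {"professor"},
}

# PA: permission-role assignment; a permission is an (object, operation) pair
ROLE_PERMS = {
    "student":   {("grades", "read_own")},
    "ta":        {("grades", "read"), ("grades", "write")},
    "professor": {("grades", "read"), ("grades", "write"), ("grades", "delete")},
}


class Session:
    """A session holds the roles a user has activated; its rights are the
    union of the activated roles' permissions, not of all assigned roles."""

    def __init__(self, user):
        if user not in USER_ROLES:
            raise KeyError(f"unknown user {user!r}")
        self.user = user
        self.active = set()

    def activate(self, *roles):
        # A user may only activate roles that UA assigns to them.
        for role in roles:
            if role not in USER_ROLES[self.user]:
                raise PermissionError(f"{self.user} is not assigned role {role!r}")
            self.active.add(role)
        return self

    def deactivate(self, *roles):
        self.active.difference_update(roles)
        return self

    def permissions(self):
        # Union of the rights of the activated roles (empty set if none active).
        return set().union(*(ROLE_PERMS[r] for r in self.active))

    def check(self, obj, op):
        """Reference-monitor query: can this session perform op on obj?"""
        return (obj, op) in self.permissions()


def all_assigned_permissions(user):
    """What the user would hold by activating every assigned role; this is
    the protection domain least privilege argues against running in."""
    return set().union(*(ROLE_PERMS[r] for r in USER_ROLES[user]))


if __name__ == "__main__":
    s = Session("alice").activate("student")
    print("alice (student only) write grades:", s.check("grades", "write"))   # False
    s.activate("ta")
    print("alice (student + ta) write grades:", s.check("grades", "write"))   # True
    print("alice could have had:", sorted(all_assigned_permissions("alice")))
```

Contrast with slide 8: here the role-to-permission relation is fixed policy and only the user-to-role membership (and which roles a session activates) changes, which is the "permissions static, membership transient" point of slide 10.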

  13. Multilevel Security
     • A multi-level security system tags all objects and subjects with security tags classifying them in terms of sensitivity/access level.
       – We formulate an access control policy based on these levels
       – We can also add other dimensions, called categories, which horizontally partition the rights space (in a way similar to what was done by roles)
       [Figure: a grid with security levels on one axis and categories on the other]

  14. Lattice Model
     • Used by the US military (and many others), the Lattice model uses MLS to define policy
     • Levels: unclassified < confidential < secret < top secret
     • Categories (actually an unbounded set): NUC(lear), INTEL(ligence), CRYPTO(graphy)
     • Note that these levels are used for physical documents in the US government as well.

  15. Assigning Security Levels
     • All subjects are assigned clearance levels and compartments
       – Alice: (SECRET, {CRYPTO, NUC})
       – Bob: (CONFIDENTIAL, {INTEL})
       – Charlie: (TOP SECRET, {CRYPTO, NUC, INTEL})
     • All objects are assigned an access class
       – DocA: (CONFIDENTIAL, {INTEL})
       – DocB: (SECRET, {CRYPTO})
       – DocC: (UNCLASSIFIED, {NUC})

  16. Evaluating Policy
     Access is allowed if
       subject clearance level >= object sensitivity level
       and subject categories ⊇ object categories
     (read down)
     Q: What would write-up be?
     Hence,
       [Figure: lattice of the labels]
       Charlie: (TS, {CRYPTO, NUC, INTEL})
       Bob: (CONF., {INTEL})
       Alice: (SEC., {CRYPTO, NUC})
       DocB: (SECRET, {CRYPTO})
       DocA: (CONFIDENTIAL, {INTEL})
       DocC: (UNCLASSIFIED, {NUC})
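The read-down rule of slide 16 evaluated over the subjects and objects of slide 15, as an added example in Python (not code from the lecture). The level order and category comparison are exactly the slide's; the write rule is the Bell-LaPadula *-property in its liberal form (the object's class must dominate the subject's clearance), which is my answer to the slide's "what would write-up be?" question, not something the slide states.

```python
# Added example, not from the lecture slides: evaluating the MLS lattice
# policy of slides 15-16. A label is (level, categories); label a dominates
# label b iff a's level >= b's level AND a's categories are a superset of b's.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}

# Clearances and access classes copied from slide 15.
SUBJECTS = {
    "Alice":   ("SECRET",       {"CRYPTO", "NUC"}),
    "Bob":     ("CONFIDENTIAL", {"INTEL"}),
    "Charlie": ("TOP SECRET",   {"CRYPTO", "NUC", "INTEL"}),
}
OBJECTS = {
    "DocA": ("CONFIDENTIAL", {"INTEL"}),
    "DocB": ("SECRET",       {"CRYPTO"}),
    "DocC": ("UNCLASSIFIED", {"NUC"}),
}


def dominates(a, b):
    """True iff label a = (level, cats) dominates label b in the lattice."""
    level_a, cats_a = a
    level_b, cats_b = b
    return LEVELS[level_a] >= LEVELS[level_b] and set(cats_a) >= set(cats_b)


def can_read(subject, obj):
    # Simple security property ("read down"): clearance dominates the object's class.
    return dominates(SUBJECTS[subject], OBJECTS[obj])


def can_write(subject, obj):
    # *-property ("write up", liberal form; assumption, not stated on the slide):
    # the object's class dominates the clearance, so a subject can never copy
    # what it may read into an object that lower-cleared subjects may read.
    return dominates(OBJECTS[obj], SUBJECTS[subject])


def access_matrix():
    """Subject x object matrix with 'r' and/or 'w' for each allowed access."""
    return {
        s: {o: ("r" if can_read(s, o) else "") + ("w" if can_write(s, o) else "")
            for o in OBJECTS}
        for s in SUBJECTS
    }


if __name__ == "__main__":
    for subject, row in access_matrix().items():
        print(f"{subject:8s}", "  ".join(f"{o}:{row[o] or '-':2s}" for o in OBJECTS))
```

Two of the results are worth checking by hand against the slide's definitions: Alice cannot read DocA even though SECRET > CONFIDENTIAL, because INTEL is not among her categories; and Charlie, who can read everything, can write only objects whose class dominates TOP SECRET with all three categories, which none of DocA, DocB or DocC does.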

  17. How about integrity?
     • Biba defined a dual of secrecy for integrity
       – Lattice policy with
         • No read down
         • No write up
       – Q: Why would this work?
     • The lattice model for secrecy matched the paper world, does this integrity model?
       – Consider an Oracle
     • What is a realistic view of integrity?

  18. LOMAC
     • Low-Water Mark integrity
       – Change integrity level based on actual dependencies
     • Subject is initially at the highest integrity
       – But its integrity level can change based on objects accessed
     • Ultimately, the subject has the integrity of the lowest object read
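Biba's two rules from slide 17 beside the low-water mark behaviour of slide 18, as an added example in Python (not code from the lecture). The integrity levels LOW/MEDIUM/HIGH, the file names and the scenario are constructed; the point the block shows is that strict Biba refuses the low-integrity read outright, while LOMAC permits it and instead demotes the subject, so a later write to a high-integrity object is what gets denied.

```python
# Added example, not from the lecture slides: Biba's strict integrity rules
# beside LOMAC's low-water mark. Integrity levels and file names are constructed.
INTEGRITY = {"LOW": 0, "MEDIUM": 1, "HIGH": 2}


def biba_read_ok(subject_level, object_level):
    # No read down: the object must be at least as trustworthy as the subject.
    return INTEGRITY[object_level] >= INTEGRITY[subject_level]


def biba_write_ok(subject_level, object_level):
    # No write up: a subject may not modify anything more trustworthy than itself.
    return INTEGRITY[subject_level] >= INTEGRITY[object_level]


class LomacSubject:
    """A subject under the low-water mark policy: it starts at the highest
    integrity level and is demoted to the level of the lowest object it reads."""

    def __init__(self, name):
        self.name = name
        self.level = "HIGH"
        self.trace = []

    def read(self, obj_name, obj_level):
        # Reads are permitted, but each one records a dependency:
        # the subject's level becomes min(current level, object level).
        if INTEGRITY[obj_level] < INTEGRITY[self.level]:
            self.trace.append(f"read {obj_name} ({obj_level}): {self.level} -> {obj_level}")
            self.level = obj_level
        else:
            self.trace.append(f"read {obj_name} ({obj_level}): stays {self.level}")
        return self.level

    def write(self, obj_name, obj_level):
        # Writes keep Biba's no-write-up rule, evaluated at the *current* level.
        ok = INTEGRITY[self.level] >= INTEGRITY[obj_level]
        self.trace.append(f"write {obj_name} ({obj_level}): {'allowed' if ok else 'denied'}")
        return ok


def lomac_scenario():
    """A HIGH-integrity process edits a HIGH config, then reads a LOW file
    (say, something fetched from the network), then tries the config again.
    Returns (first write ok, second write ok, final level, trace)."""
    s = LomacSubject("editor")
    first = s.write("/etc/app.conf", "HIGH")
    s.read("/tmp/fetched.dat", "LOW")
    second = s.write("/etc/app.conf", "HIGH")
    return first, second, s.level, s.trace


if __name__ == "__main__":
    first, second, level, trace = lomac_scenario()
    for line in trace:
        print(line)
    # Under strict Biba the same HIGH process could never have read the LOW file:
    print("biba would allow the read:", biba_read_ok("HIGH", "LOW"))
```

The trace is the "actual dependencies" of slide 18 made explicit: the demotion happens only at the moment a lower-integrity object is read, so a process that never touches low-integrity data keeps its full rights.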

  19. Clark-Wilson Integrity
     • Map Integrity in Business (e.g., accounting) to Computing
     • High Integrity Data
       – "Constrained Data Items" (CDIs)
     • High Integrity Processes
       – "Transformation Procedures" (TPs)
     • Check Integrity of Data Initially
       – "Integrity Verification Procedures" (IVPs)
     • Premise
       – If the IVPs verify initial integrity
       – and high integrity data is only modified by TPs
       – Then, the integrity of computation is preserved

  20. Clark-Wilson Integrity Model
     • Associate Code with Objects
       – For each TP, a list of CDIs that it can access
     • Associate Users with TPs and Objects
       – For each user, she can access some CDIs using some TPs
     • What are the subjects and objects? What happened to operations?
     • Result
       – The rights of a user are "constrained" by the rights of the TP
       – Further, we are restricted by "separation of duty"
         • more later
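The CDI / TP / IVP vocabulary of slide 19 and the two associations of slide 20 (TP-to-CDI, and user-to-TP-to-CDI), as an added example in Python; this is not code from the lecture. The accounting CDI, its balancing invariant, the single TP and the user names are constructed for illustration. It also answers slide 20's question in code: users are the subjects, CDIs the objects, and the TPs stand in for the operations, so a user's rights are whatever the certified triples let her do through a TP.

```python
# Added example, not from the lecture slides: a toy Clark-Wilson system with
# one CDI (an accounting ledger), one IVP, one TP, and the certified
# (user, TP, CDI) triples that constrain who may run what on what.
# The ledger, its invariant, the users and all names are constructed.


class Ledger:
    """CDI: a double-entry ledger; its integrity invariant is that the books
    balance (total debits == total credits)."""

    def __init__(self):
        self.entries = []  # (account, debit, credit)


def ivp_books_balance(ledger):
    """IVP: verify that the CDI is in a valid state."""
    return sum(e[1] for e in ledger.entries) == sum(e[2] for e in ledger.entries)


def tp_post_transfer(ledger, src, dst, amount):
    """TP: the only certified way to change the ledger. Moves amount from
    src to dst as a balanced pair of entries, so the invariant is preserved."""
    if amount <= 0:
        raise ValueError("amount must be positive")
    ledger.entries.append((src, 0, amount))   # credit the source
    ledger.entries.append((dst, amount, 0))   # debit the destination


# Certification rules (set by the security officer, not by the users):
TPS = {"post_transfer": tp_post_transfer}
TP_CDIS = {"post_transfer": {"ledger"}}                 # which CDIs each TP may touch
USER_TP_CDI = {("clerk", "post_transfer", "ledger")}    # who may run which TP on which CDI


def new_system():
    """Fresh set of CDIs, keyed by name."""
    return {"ledger": Ledger()}


def run_tp(cdis, user, tp_name, cdi_name, *args):
    """Enforcement: a user's rights are constrained by the TP's rights, and
    the CDI is checked by the IVP before and after the TP runs."""
    if (user, tp_name, cdi_name) not in USER_TP_CDI:
        raise PermissionError(f"{user} may not run {tp_name} on {cdi_name}")
    if cdi_name not in TP_CDIS.get(tp_name, set()):
        raise PermissionError(f"{tp_name} is not certified for {cdi_name}")
    cdi = cdis[cdi_name]
    if not ivp_books_balance(cdi):
        raise RuntimeError(f"{cdi_name} failed IVP before {tp_name}; refusing to run")
    TPS[tp_name](cdi, *args)
    if not ivp_books_balance(cdi):
        raise RuntimeError(f"{tp_name} left {cdi_name} in an invalid state")
    return cdi


if __name__ == "__main__":
    cdis = new_system()
    run_tp(cdis, "clerk", "post_transfer", "ledger", "cash", "rent", 100)
    print("balanced after TP:", ivp_books_balance(cdis["ledger"]))
    # A change made outside any TP is exactly what the model forbids;
    # the IVP is what detects it afterwards and blocks further TPs.
    cdis["ledger"].entries.append(("cash", 5, 0))
    print("balanced after direct edit:", ivp_books_balance(cdis["ledger"]))
```

The premise of slide 19 is visible in the structure: if the IVP passes initially and every change goes through `run_tp`, the invariant holds after every step. The direct edit at the end is the case the model rules out, and it is the IVP, not the TP, that catches it. Separation of duty is left out here, as the slide defers it.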
