
Access Control Lists, Capability Lists, Locks and Keys (lecture slides)



1. Overview
• Access control lists
• Capability lists
• Locks and keys
• Rings-based access control
• Propagated access control lists
May 31, 2005, ECS 235, Computer and Information Security, Slide #1

2. Access Control Lists
• Columns of access control matrix

            file1   file2   file3
  Andy      rx      r       rwo
  Betty     rwxo    r
  Charlie   rx      rwo     w

ACLs:
• file1: { (Andy, rx) (Betty, rwxo) (Charlie, rx) }
• file2: { (Andy, r) (Betty, r) (Charlie, rwo) }
• file3: { (Andy, rwo) (Charlie, w) }

3. Default Permissions
• Normal: if not named, no rights over file
  – Principle of Fail-Safe Defaults
• If many subjects, may use groups or wildcards in ACL
  – UNICOS: entries are (user, group, rights)
    • If user is in group, has rights over file
    • ‘*’ is wildcard for user, group
      – (holly, *, r): holly can read file regardless of her group
      – (*, gleep, w): anyone in group gleep can write file

4. Abbreviations
• ACLs can be long … so combine users
  – UNIX: 3 classes of users: owner, group, rest

      owner   group   rest
      rwx     rwx     rwx

  – Ownership assigned based on creating process
    • Some systems: if directory has setgid permission, file group owned by group of directory (SunOS, Solaris)

5. ACLs + Abbreviations
• Augment abbreviated lists with ACLs
  – Intent is to shorten ACL
• ACLs override abbreviations
  – Exact method varies
• Example: IBM AIX
  – Base permissions are abbreviations, extended permissions are ACLs with user, group
  – ACL entries can add rights, but on deny, access is denied

6. Permissions in IBM AIX

    attributes:
    base permissions
        owner(bishop): rw-
        group(sys):    r--
        others:        ---
    extended permissions
        enabled
        specify rw- u:holly
        permit  -w- u:heidi, g=sys
        permit  rw- u:matt
        deny    -w- u:holly, g=faculty

7. ACL Modification
• Who can do this?
  – Creator is given own right that allows this
  – System R provides a grant modifier (like a copy flag) allowing a right to be transferred, so ownership not needed
• Transferring right to another modifies ACL

8. Privileged Users
• Do ACLs apply to privileged users (root)?
  – Solaris: abbreviated lists do not, but full-blown ACL entries do
  – Other vendors: varies

9. Groups and Wildcards
• Classic form of ACLs: not supported; in practice, usually supported
  – AIX: base perms gave group sys read only; the line
        permit -w- u:heidi, g=sys
    adds write permission for heidi when in that group
  – UNICOS:
    • holly : gleep : r – user holly in group gleep can read file
    • holly : * : r – user holly in any group can read file
    • * : gleep : r – any user in group gleep can read file

10. Conflicts
• Deny access if any entry would deny access
  – AIX: if any entry denies access, regardless of rights given so far, access is denied
• Apply first entry matching subject
  – Cisco routers: run packet through access control rules (ACL entries) in order; on a match, stop, and forward the packet; if no matches, deny
    • Note default is deny so honors principle of fail-safe defaults

11. Handling Default Permissions
• Apply ACL entry, and if none use defaults
  – Cisco router: apply matching access control rule, if any; otherwise, use default rule (deny)
• Augment defaults with those in the appropriate ACL entry
  – AIX: extended permissions augment base permissions
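As an added example (not from the slides), the AIX listing of slide 6 evaluated under the "deny wins" and "defaults augmented by the matching entry" rules described in slides 10 and 11, with a first-match evaluator in the style of the router ACLs for contrast. The specify/permit/deny semantics are a simplified model of mine, and the names BASE, EXTENDED, aix_rights and first_match are not AIX terms.

```python
# Added example, not from the slides. Modeling assumptions (mine, not AIX documentation):
# base permissions are picked by class (owner, group, others); a matching "specify"
# entry replaces them, "permit" adds rights, and a matching "deny" removes the rights
# it names regardless of what was granted before (slide 10's AIX rule).
BASE = {"owner": "bishop", "group": "sys",
        "perms": {"owner": set("rw"), "group": set("r"), "others": set()}}

# Extended entries as (kind, rights, user, group); group None means "in any group".
EXTENDED = [
    ("specify", "rw", "holly", None),
    ("permit",  "w",  "heidi", "sys"),
    ("permit",  "rw", "matt",  None),
    ("deny",    "w",  "holly", "faculty"),
]

def matches(entry, user, groups):
    """An entry applies when its user matches and its group (if any) is one of the user's."""
    _, _, u, g = entry
    return u == user and (g is None or g in groups)

def aix_rights(user, groups, base=BASE, extended=EXTENDED):
    """Rights `user` (a member of `groups`) has on the file: base class permissions,
    adjusted by the matching extended entries, with any deny winning."""
    if user == base["owner"]:
        granted = set(base["perms"]["owner"])
    elif base["group"] in groups:
        granted = set(base["perms"]["group"])
    else:
        granted = set(base["perms"]["others"])
    denied = set()
    for entry in extended:
        if not matches(entry, user, groups):
            continue
        kind, rights, _, _ = entry
        if kind == "specify":
            granted = set(rights)
        elif kind == "permit":
            granted |= set(rights)
        elif kind == "deny":
            denied |= set(rights)
    return granted - denied  # deny wins regardless of rights given so far

def first_match(rules, subject, default="deny"):
    """Router-style resolution: first matching rule decides; no match means deny."""
    for action, predicate in rules:
        if predicate(subject):
            return action
    return default
```

Note that holly in group faculty ends up with read only: the specify entry grants rw, but the deny entry for (holly, faculty) removes write no matter what came before.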

12. Revocation Question
• How do you remove subject’s rights to a file?
  – Owner deletes subject’s entries from ACL, or rights from subject’s entry in ACL
• What if ownership not involved?
  – Depends on system
  – System R: restore protection state to what it was before right was given
    • May mean deleting descendent rights too …

13. Windows NT ACLs
• Different sets of rights
  – Basic: read, write, execute, delete, change permission, take ownership
  – Generic: no access, read (read/execute), change (read/write/execute/delete), full control (all), special access (assign any of the basics)
  – Directory: no access, read (read/execute files in directory), list, add, add and read, change (create, add, read, execute, write files; delete subdirectories), full control, special access

14. Accessing Files
• User not in file’s ACL nor in any group named in file’s ACL: deny access
• ACL entry denies user access: deny access
• Take union of rights of all ACL entries giving user access: user has this set of rights over file

15. Capability Lists
• Rows of access control matrix

            file1   file2   file3
  Andy      rx      r       rwo
  Betty     rwxo    r
  Charlie   rx      rwo     w

C-Lists:
• Andy: { (file1, rx) (file2, r) (file3, rwo) }
• Betty: { (file1, rwxo) (file2, r) }
• Charlie: { (file1, rx) (file2, rwo) (file3, w) }

16. Semantics
• Like a bus ticket
  – Mere possession indicates rights that subject has over object
  – Object identified by capability (as part of the token)
    • Name may be a reference, location, or something else
  – Architectural construct in capability-based addressing; this just focuses on protection aspects
• Must prevent process from altering capabilities
  – Otherwise subject could change rights encoded in capability or object to which they refer

17. Implementation
• Tagged architecture
  – Bits protect individual words
    • B5700: tag was 3 bits and indicated how word was to be treated (pointer, type, descriptor, etc.)
• Paging/segmentation protections
  – Like tags, but put capabilities in a read-only segment or page
    • CAP system did this
  – Programs must refer to them by pointers
    • Otherwise, program could use a copy of the capability, which it could modify

18. Implementation (con’t)
• Cryptography
  – Associate with each capability a cryptographic checksum enciphered using a key known to OS
  – When process presents capability, OS validates checksum
  – Example: Amoeba, a distributed capability-based system
    • Capability is (name, creating_server, rights, check_field) and is given to owner of object
    • check_field is 48-bit random number; also stored in table corresponding to creating_server
    • To validate, system compares check_field of capability with that stored in creating_server table
    • Vulnerable if capability disclosed to another process

19. Amplifying
• Allows temporary increase of privileges
• Needed for modular programming
  – Module pushes, pops data onto stack
        module stack … endmodule.
  – Variable x declared of type stack
        var x: module;
  – Only stack module can alter, read x
    • So process doesn’t get capability, but needs it when x is referenced: a problem!
  – Solution: give process the required capabilities while it is in module

20. Examples
• HYDRA: templates
  – Associated with each procedure, function in module
  – Adds rights to process capability while the procedure or function is being executed
  – Rights deleted on exit
• Intel iAPX 432: access descriptors for objects
  – These are really capabilities
  – 1 bit in this controls amplification
  – When ADT constructed, permission bits of type control object set to what procedure needs
  – On call, if amplification bit in this permission is set, the above bits or’ed with rights in access descriptor of object being passed

21. Revocation
• Scan all C-lists, remove relevant capabilities
  – Far too expensive!
• Use indirection
  – Each object has entry in a global object table
  – Names in capabilities name the entry, not the object
    • To revoke, zap the entry in the table
    • Can have multiple entries for a single object to allow control of different sets of rights and/or groups of users for each object
  – Example: Amoeba: owner requests server change random number in server table
    • All capabilities for that object now invalid
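As an added example (not from the slides, and not Amoeba's code), a toy object server that puts together the Amoeba check_field validation of slide 18 with the indirection and random-number revocation of slide 21. The class and method names, and the choice to record each entry's own rights set in the table, are assumptions of mine; the latter follows the "multiple entries per object" point above.

```python
# Added example, not from the slides. A capability is (name, creating_server, rights,
# check_field); the server's table maps each entry name to (object, rights, 48-bit random
# check_field). Names refer to table entries, not objects, so several entries may point at
# one object and revocation is just replacing the entry's random number. Names are mine.
import hmac
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class Capability:
    name: int             # entry in the creating server's object table
    creating_server: str
    rights: frozenset     # what the holder believes it has; the table is authoritative
    check_field: int      # 48-bit random number that must equal the stored one

class ObjectServer:
    def __init__(self, server_name):
        self.name = server_name
        self.table = {}       # entry name -> (object, rights, check_field)
        self.next_entry = 0

    def create_entry(self, obj, rights):
        """Make a table entry for obj with the given rights and hand out its capability."""
        entry, self.next_entry = self.next_entry, self.next_entry + 1
        check = secrets.randbits(48)
        self.table[entry] = (obj, frozenset(rights), check)
        return Capability(entry, self.name, frozenset(rights), check)

    def validate(self, cap, right):
        """Grant `right` only if the presented check_field equals the stored one and the
        entry carries that right. Only possession is checked, so a copy validates too."""
        if cap.creating_server != self.name or cap.name not in self.table:
            return False
        if not 0 <= cap.check_field < 1 << 48:   # reject malformed check fields
            return False
        _, rights, check = self.table[cap.name]
        same = hmac.compare_digest(cap.check_field.to_bytes(6, "big"),
                                   check.to_bytes(6, "big"))
        return same and right in rights

    def revoke(self, entry):
        """Owner asks the server to change the random number: every capability issued
        for this entry, original or copy, stops validating."""
        obj, rights, _ = self.table[entry]
        self.table[entry] = (obj, rights, secrets.randbits(48))
```

Because validation compares only the check_field, a disclosed capability is as good as the original in another process's hands; the defence the slides offer is revocation through the table entry, which invalidates every copy at once.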

22. Limits
• Problems if you don’t control copying of capabilities
  [Figure: Heidi (High) holds a C-List containing r*lough; file lough is Low; Lou (Low) holds a C-List containing rw*lough]
  The capability to write file lough is Low, and Heidi is High so she reads (copies) the capability; now she can write to a Low file, violating the *-property!
