Presentation is loading. Please wait.

Presentation is loading. Please wait.

OM-AM and RBAC Ravi Sandhu * www.list.gmu.edu Laboratory for Information Security Technology (LIST) George Mason University.

Similar presentations


Presentation on theme: "OM-AM and RBAC Ravi Sandhu * www.list.gmu.edu Laboratory for Information Security Technology (LIST) George Mason University."— Presentation transcript:

1 OM-AM and RBAC Ravi Sandhu * Laboratory for Information Security Technology (LIST) George Mason University

2 2 THE OM-AM WAY Objectives Model Architecture Mechanism What? How? AssuranceAssurance

3 3 OM-AM AND MANDATORY ACCESS CONTROL (MAC) What? How? No information leakage Lattices (Bell-LaPadula) Security kernel Security labels AssuranceAssurance

4 4 OM-AM AND DISCRETIONARY ACCESS CONTROL (DAC) What? How? Owner-based discretion numerous ACLs, Capabilities, etc AssuranceAssurance

5 5 OM-AM AND ROLE-BASED ACCESS CONTROL (RBAC) What? How? Objective neutral RBAC96, ARBAC97, etc. user-pull, server-pull, etc. certificates, tickets, PACs, etc. AssuranceAssurance

6 6 Server-Pull Architecture ClientServer User-role Authorization Server

7 7 User-Pull Architecture ClientServer User-role Authorization Server

8 8 Proxy-Based Architecture ClientServer Proxy Server User-role Authorization Server


Download ppt "OM-AM and RBAC Ravi Sandhu * www.list.gmu.edu Laboratory for Information Security Technology (LIST) George Mason University."

Similar presentations


Ads by Google