Presentation is loading. Please wait.

Presentation is loading. Please wait.

G53SEC 1 Access Control principals, objects and their operations.

Published byAshley Maxwell Modified over 8 years ago

Similar presentations

Presentation on theme: "G53SEC 1 Access Control principals, objects and their operations."— Presentation transcript:

1 G53SEC 1 Access Control principals, objects and their operations

2 G53SEC Overview of Today’s Lecture: Authentication and Authorisation Access Operations Ownership Access Control Structures Access Control Matrix Capabilities Access Control List Intermediate Controls 2

3 G53SEC Background: Logged on Protect your files Some are private and some public Language needed to express this Mechanisms needed to enforce it 3

4 G53SEC Authentication and Authorisation: Subject/Principal - an active entity Object - being accessed Access operation Reference monitor – grants or denies access 4 principal operation reference monitor object

5 G53SEC continued… Access Control - 2 steps Authentication – who requested access? Authorisation – who is allowed to access x? Subject – operates on behalf of principals (human users) Principal – a name associated with a subject 5

6 G53SEC Principal vs. Subject: Principal - “An entity that can be granted access to objects or can make statements affecting access control decisions” e.g. user identity in an OS - when discussing security policies Subject – “An active entity within an IT system” e.g. process running under a user identity - when discussing operational systems enforcing policies 6

7 G53SEC Subject vs. Object: Object – files or resources (memory, printers, etc…) Not a clear distinction between the two Subjects and Objects merely distinguish between the active and passive party in an access request Two options of focusing control: what a subject is allowed to do what may be done with an object 7

8 G53SEC Access Operations: from reading and writing to method calls various systems use different access operations sometimes similar operations have different meanings Access Modes Observe – look at contents of an object Alter – change contents of an object 8

9 G53SEC Access Operations: Access Rights – Bell-LaPadula model execute, read, append, write operates on files only Access Attributes – Multics OS distinguishes between data and directory access attributes write = append (Bell-LaPadula) 9

10 G53SEC Continued… Unix read – reading from a file / list contents of dir write – writing to a file / create, rename file in dir execute – executing a (program) file/ search dir Windows - (standard permissions) read control delete write DACL (modify access control list) write owner (modify owner of a resource) synchronise 10

11 G53SEC Ownership: Who is in charge of setting security policies? Owner can be defined for each resource Owner decides who gets access (discretionary policy) or A system wide policy (mandatory policy) Most OSs support the concept of ownership 11

12 G53SEC Access Control Structures: Help express access control policy A way to check that policy is captured correctly Access Control Matrix Capabilities Access Control Lists 12

13 G53SEC Access Control Matrix: Access rights defined individually for each combination of subject and object An abstract concept Not very suitable direct implementation Not very scalable 13 Marks.docEdit.exeGame.exe Alice-{execute}{execute, read} Bill{read, write}{execute}{execute, read, write}

14 G53SEC Capabilities: Access rights kept with subject or object Every subject is given a capability Capability – an un-forgeable token specifying the subject’s access rights Corresponds to a row in a an access control matrix e.g. Alice’s capability: edit.exe: execute, game.exe: execute, read; 14

15 G53SEC Capabilities: Typically associated with discretionary access control Subject can pass on its capabilities Not a widely used security mechanism Difficult to get an overview of permissions of an object Difficult to revoke capability 15

16 G53SEC Access Control List (ACL): Access rights to an object stored with the object itself Corresponds to the column of access control matrix e.g. ACL for edit.exe: Alice: execute; Bill: execute; Management of individual subjects cumbersome Groups – derive access rights from user’s group In Unix – user, group and others 16

17 G53SEC continued… Good for managing access to objects Overview of permissions given to users difficult Summary Managing access control - complex in large systems Tedious and error prone Subject - or Object-only based access control limited 17

18 G53SEC Intermediate Controls: Problems of complexity solved by indirection Groups Negative Permissions Privileges Role-Based Access Control Protection Rings 18

19 G53SEC Groups: Users with similar access rights collected in groups Groups are given permissions to access objects 19 u1u1 u2u2 u3u3 o1o1 o2o2 o3o3 g1 users groups objects

20 G53SEC Negative Permission: An access operation a user is not allowed to perform Policy conflict – negative permission contradicts the positive one – resolved by reference monitor 20 u1u1 u2u2 u3u3 o1o1 o2o2 o3o3 g1 users groups objects

21 G53SEC Privileges: Collection of rights to execute certain operations An intermediate layer between subjects and operations Associated with operating system functions Activities such as administration, backup, network access 21

22 G53SEC Role-Based Access Control (RBAC): Privileges come predefined with OS A Role - Collection of application specific operations Subjects derive access rights from the role they perform RBAC focuses on users and jobs they perform 22

23 G53SEC continued… Layers (between subject and objects): Roles – collection of procedures, assigned to users Procedures – high level access control methods Datatypes – each object of certain data type 23

24 G53SEC Protection Rings: Hardware based access control Each subject and object assigned a number depending on importance Decision made by comparing subject’s and object’s numbers 24 0 1 2 0 3 0 – operating system kernel 1 – operating system 2 – utilities 3 – user processes

25 G53SEC 25 Summary: Access Control Its structures Next Lecture Enforcing Access Control

26 G53SEC End 26

Download ppt "G53SEC 1 Access Control principals, objects and their operations."

Similar presentations

1 Access Control. 2 Objects and Subjects A multi-user distributed computer system offers access to objects such as resources (memory, printers), data.

1 Access Control. 2 Objects and Subjects A multi-user distributed computer system offers access to objects such as resources (memory, printers), data.
CMSC 414 Computer (and Network) Security Lecture 13 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 13 Jonathan Katz.
Access Control Methodologies

Access Control Methodologies
CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.
Access Control Intro, DAC and MAC System Security.

Access Control Intro, DAC and MAC System Security.
6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.

6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.
Bilkent University Department of Computer Engineering

Bilkent University Department of Computer Engineering
CSE331: Introduction to Networks and Security Lecture 28 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 28 Fall 2002.
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 14: Protection.

Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 14: Protection.
CMSC 414 Computer and Network Security Lecture 10 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 10 Jonathan Katz.
1 CSE 380 Computer Operating Systems Instructor: Insup Lee and Dianna Xu University of Pennsylvania Fall 2003 Lecture Note: Protection Mechanisms.

1 CSE 380 Computer Operating Systems Instructor: Insup Lee and Dianna Xu University of Pennsylvania Fall 2003 Lecture Note: Protection Mechanisms.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 4: Access Control.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 4: Access Control.
Chapter 14: Protection.

Chapter 14: Protection.
Role Based Access Control Models Presented By Ankit Shah 2 nd Year Master’s Student.

Role Based Access Control Models Presented By Ankit Shah 2 nd Year Master’s Student.
Lecture 7 Access Control

Lecture 7 Access Control
Distributed Computer Security 8.2 Discretionary Access Control Models - Sai Phalgun Tatavarthy.

Distributed Computer Security 8.2 Discretionary Access Control Models - Sai Phalgun Tatavarthy.
Present by Napasakorn Sukjay Poom Samaharn

Present by Napasakorn Sukjay Poom Samaharn
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.
CMSC 414 Computer and Network Security Lecture 18 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 18 Jonathan Katz.
Authentication and authorization Access control consists of two steps, authentication and authorization. Subject Do operation Reference monitor Object.

Authentication and authorization Access control consists of two steps, authentication and authorization. Subject Do operation Reference monitor Object.

Similar presentations

Ads by Google