Presentation is loading. Please wait.

Presentation is loading. Please wait.

Advanced System Security

Published byAngela McDonald Modified over 5 years ago

Similar presentations

Presentation on theme: "Advanced System Security"— Presentation transcript:

1 Advanced System Security
Dr. Wayne Summers Department of Computer Science Columbus State University

2 Chapter 4: Security Policies
A security policy is a statement that partitions the states of a system into a set of authorized, or secure, states and a set of unauthorized or nonsecure, states. A secure system is a system that starts in an authorized state and cannot enter an unauthorized state. A breach of security occurs when a system enters an unauthorized state. Information is confidential with respect to a set of entities if none of the entities can obtain any of the information. Information has the property of integrity with respect to a set of entities if all of the entities trust the information.

3 Security Policies Information has the property of availability with respect to a set of entities if all of the entities can access the information. A security mechanism is an entity or procedures that enforces some part of the security policy. A security model is a model that represents a particular policy or set of policies.

4 4.2 Types of Security Policies
A military security policy (governmental security policy) is a security policy developed primarily to provide confidentiality. A commercial security policy is a security policy developed primarily to provide integrity. [transaction- oriented integrity security policy] A confidentiality policy deals only with confidentiality. An integrity policy deals only with integrity.

5 4.3 The Role of Trust “When someone understands the assumptions her security policies, mechanisms, and procedures rest on, she will have a good understanding of how effective those policies, mechanisms, and procedures are.” Example: what really happens when you install a “security” patch?

6 4.4 Types of Access Control
Discretionary access control (DAC) [identity-based access control (IBAC)] – user can set an access control mechanism to allow or deny access to an object Mandatory access control (MAC) [rule-based access control] – system mechanism controls access to an object and an individual cannot alter that access. An originator controlled access control (ORCON, ORGCON) bases access on the creator of an object (or the information it contains).

7 4.5 Example: Academic Computer Security Policy
General University Policy (Acceptable Use Policy (AUP) Electronic Mail Policy Summary Full Policy Implementation See Chapter 35

Download ppt "Advanced System Security"

Similar presentations

1 cs691 chow C. Edward Chow Confidentiality Policy CS691 – Chapter 5 of Matt Bishop.

1 cs691 chow C. Edward Chow Confidentiality Policy CS691 – Chapter 5 of Matt Bishop.
Access Control Intro, DAC and MAC System Security.

Access Control Intro, DAC and MAC System Security.
Hybrid Policies Overview Chinese Wall Model Clinical Information Systems Security Policy ORCON RBAC Introduction to Computer Security ©2004 Matt Bishop.

Hybrid Policies Overview Chinese Wall Model Clinical Information Systems Security Policy ORCON RBAC Introduction to Computer Security ©2004 Matt Bishop.
Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.

Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.
Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues Computer.

Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues Computer.
April 13, 2004ECS 235Slide #1 Expressive Power How do the sets of systems that models can describe compare? –If HRU equivalent to SPM, SPM provides more.

April 13, 2004ECS 235Slide #1 Expressive Power How do the sets of systems that models can describe compare? –If HRU equivalent to SPM, SPM provides more.
6/18/2015 6:46 AM Lecture 3: History and Policy James Hook CS 591: Introduction to Computer Security.

6/18/2015 6:46 AM Lecture 3: History and Policy James Hook CS 591: Introduction to Computer Security.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #4-1 Chapter 4: Security Policies Overview The nature of policies –What they.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #4-1 Chapter 4: Security Policies Overview The nature of policies –What they.
Chapter 6: Integrity Policies Overview Requirements Biba’s models Clark-Wilson model Introduction to Computer Security ©2004 Matt Bishop.

Chapter 6: Integrity Policies Overview Requirements Biba’s models Clark-Wilson model Introduction to Computer Security ©2004 Matt Bishop.
1 Security Policies CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 15, 2004.

1 Security Policies CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 15, 2004.
CMSC 414 Computer (and Network) Security Lecture 10 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 10 Jonathan Katz.
6/30/2015 5:58 PM Lecture 3: Policy James Hook CS 591: Introduction to Computer Security.

6/30/2015 5:58 PM Lecture 3: Policy James Hook CS 591: Introduction to Computer Security.
User Domain Policies.

User Domain Policies.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #6-1 Chapter 6: Integrity Policies Overview Requirements Biba’s models Clark-Wilson.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #6-1 Chapter 6: Integrity Policies Overview Requirements Biba’s models Clark-Wilson.
7/15/2015 7:56 AM Lecture 3: Policy James Hook CS 591: Introduction to Computer Security.

7/15/2015 7:56 AM Lecture 3: Policy James Hook CS 591: Introduction to Computer Security.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
1 September 14, 2006 Lecture 3 IS 2150 / TEL 2810 Introduction to Security.

1 September 14, 2006 Lecture 3 IS 2150 / TEL 2810 Introduction to Security.
Security Policy What is a security policy? –Defines what it means for a system to be secure Formally: Partition system into –Secure (authorized) states.

Security Policy What is a security policy? –Defines what it means for a system to be secure Formally: Partition system into –Secure (authorized) states.
1 IS 2150 / TEL 2810 Information Security & Privacy James Joshi Associate Professor, SIS Lecture 6 Oct 2-9, 2013 Security Policies Confidentiality Policies.

1 IS 2150 / TEL 2810 Information Security & Privacy James Joshi Associate Professor, SIS Lecture 6 Oct 2-9, 2013 Security Policies Confidentiality Policies.
Cryptography, Authentication and Digital Signatures

Cryptography, Authentication and Digital Signatures

Similar presentations

Ads by Google