Published by Nikolas Busch, modified over 6 years ago
YBS 4004 Topic: Access Authorization / Authentication, etc. Controls and Mechanisms
What is access control?
Access control (Erişim Kontrolü) is the heart of security.
Definitions:
- The ability to allow only authorized users, programs or processes system or resource access
- The granting or denying, according to a particular security model, of certain permissions to access a resource
- An entire set of procedures performed by hardware, software and administrators, to monitor access, identify users requesting access, record access attempts, and grant or deny access based on rules
IAAA: Identification, Authentication, Authorization, Accountability
IDENTIFICATION (Kimlik Tanımlama)
Identification is the process by which a subject professes an identity, and Accountability (Hesap sorulabilirlik) is initiated.
AUTHENTICATION (Kimlik Doğrulama)
Authentication is the process of verifying or testing that the claimed identity is valid. Authentication requires that the subject provide additional information that must exactly correspond to the identity indicated.
AUTHORIZATION (Yetkilendirme)
Authorization ensures that the requested activity or object access is possible given the rights and privileges assigned to the authenticated identity.
ACCOUNTABILITY (Hesap Sorulabilirlik / Mesuliyet / İzlenebilirlik)
Accountability is basically logging, recording, monitoring and reporting everything in a reliable, legal, secure, trusted, assured manner. It starts from the very beginning (Identification) and goes on throughout the whole access control process and any type of action. In other words, security can only be maintained if subjects (users, etc.) are held accountable for their actions. Thus, accountability builds on the concepts of identification, authentication, authorization, access control, and auditing.
Note that: use & implement the “IAAA” of access control so as to provide the “C I A” of security.
How can AC be implemented?
- Hardware
- Software
- Application
- Protocol (Kerberos, IPSec)
- Physical
- Logical (policies)
What does AC hope to protect?
- Data & Information: unauthorized viewing, modification or copying
- System: unauthorized use, modification or denial of service
It should be noted that nearly every network operating system (NT, Unix, Vines, NetWare) is based on a secure physical infrastructure.
OK, back to the real world: WHY and for WHOM are these IAAA technologies, standards, methods, etc.?
Preventive AC (access control)
- Awareness training
- Background checks
- Separation of duties
- Split knowledge
- Policies
- Data classification
- Effective user registration
- Termination procedures
- Change control procedures
Physical access control (the physical controls below are either preventive or detective)
- Guards
- Locks
- Mantraps
- ID badges
- CCTV, sensors, alarms
- Fences (the higher the voltage the better)
- Guard dogs
Preventive vs. detective controls, by category:
Administrative
- Preventive: policies and procedures, pre-employment background checks, strict hiring practices, employment agreements, friendly and unfriendly employee termination procedures, vacation scheduling, labeling of sensitive materials, increased supervision, security awareness training, behavior awareness, and sign-up procedures to obtain access to information systems and networks
- Detective: policies and procedures, job rotation, sharing of responsibilities
Technical
- Preventive: logical system controls, smart cards, biometrics, menu shell
- Detective: IDS, logging, monitoring, clipping levels
Physical
- Preventive: restrict physical access, guards, mantrap, gates
- Detective: motion detectors, cameras, thermal detectors
Access Controls vs. privacy & legal issues
- Expectation of privacy
- Policies
- Monitoring activity, Internet usage
- Login banners should detail expectations of privacy and state levels of monitoring
Models of Access Control in Computers, Operating systems, IT systems
- Discretionary (DAC) (İsteğe Bağlı)
- Mandatory (MAC) (Zorunlu)
- Role-based (Rol tabanlı)
- Rule-based (Kural tabanlı)
- Others (Context-based, Graph-based, etc.)
Mandatory Access Control
- Assigns sensitivity levels (labels)
- Every object is given a sensitivity label & is accessible only to users who are cleared up to that particular level
- Only the administrators, not object owners, can change the object level
- Generally more secure than DAC
- Used in systems where security is critical, i.e., military
- Hard to program for and configure & implement
- Some Unix and Linux versions, MAC, IOS (partially)
Mandatory Access Control (Continued)
- Downgrade in performance
- Relies on the system to control access
- Example: if a file is classified as confidential, MAC will prevent anyone from writing secret or top secret information into that file
- All output, i.e., print jobs, floppies, other magnetic media, must be labeled as to the sensitivity level
Mandatory Access Control (Continued)
MAC mechanisms assign a security level to all information, assign a security clearance to each user, and ensure that all users only have access to that data for which they have a clearance.
Diagram: individuals mapped to resources Server 1 “Top Secret”, Server 2 “Secret”, Server 3 “Classified”.
Principle: Read Down (access to objects of equal or lower level than the clearance); Write Up (access to objects of equal or higher level than the clearance).
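The read-down / write-up principle from the diagram, as an added example (not code from the slides): labels, clearances and the object names are constructed to mirror the three servers plus the confidential file from the previous slide.

```python
# Added example (not from the slides): a minimal MAC check following the
# "read down / write up" principle above. Levels, clearances and objects are
# constructed for illustration; the ordering follows the slides' labels.
from typing import Dict

# Ordered sensitivity labels; higher index = more sensitive.
LEVELS = ["Classified", "Confidential", "Secret", "Top Secret"]

# Labels on objects are assigned by administrators, never by owners (MAC).
OBJECT_LABELS: Dict[str, str] = {
    "server1": "Top Secret",
    "server2": "Secret",
    "server3": "Classified",
    "report.txt": "Confidential",
}

# Clearances assigned to subjects.
CLEARANCES: Dict[str, str] = {
    "alice": "Top Secret",
    "bob": "Secret",
    "carol": "Classified",
}


def rank(level: str) -> int:
    """Position of a label in the lattice (raises ValueError on unknown labels)."""
    return LEVELS.index(level)


def mac_allows(subject: str, obj: str, op: str) -> bool:
    """Return True if the operation is permitted under the MAC policy.

    read  -> "read down": object label must be <= subject clearance
    write -> "write up":  object label must be >= subject clearance,
             so secret data can never flow into a confidential file.
    """
    clearance = rank(CLEARANCES[subject])
    label = rank(OBJECT_LABELS[obj])
    if op == "read":
        return label <= clearance
    if op == "write":
        return label >= clearance
    raise ValueError(f"unknown operation: {op}")
```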
Discretionary Access Control
- Access is restricted based on the authorization granted to the user
- Most basic, default, well-known
- Least secure
- Prime use is to separate and protect users from unauthorized data
- Used by Windows, Unix, Android, Linux, etc.
- Relies on the object owner to control access
Discretionary AC diagram: an application access list mapping individuals to resources (Server 1, Server 2, Server 3).
Access list (Name: Access): Tom: Yes; John: No; Cindy: Yes.
Access control lists (ACL)
- A file used by the access control system to determine who may access what computer programs and files, in what method and at what time
- Different operating systems have different ACL terms
- Types of access: Read / Write / Create / Execute / Modify / Delete / Rename
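An owner-controlled ACL with the access types listed above, as an added example (not code from the slides): the object, owner and user names are constructed to reproduce the Tom/John/Cindy access list from the earlier slide.

```python
# Added example (not from the slides): a discretionary ACL in which only the
# object's owner may grant or revoke access, reproducing the slide's access
# list (Tom yes, John no, Cindy yes). Names and objects are constructed.
from typing import Dict, Set

ACCESS_TYPES = {"Read", "Write", "Create", "Execute", "Modify", "Delete", "Rename"}


class DacObject:
    def __init__(self, name: str, owner: str) -> None:
        self.name = name
        self.owner = owner
        # ACL: user -> permitted access types; the owner holds every type.
        self.acl: Dict[str, Set[str]] = {owner: set(ACCESS_TYPES)}

    def grant(self, actor: str, user: str, access: str) -> bool:
        """Owner-only; refuses unknown access types. Returns False when refused."""
        if actor != self.owner or access not in ACCESS_TYPES:
            return False
        self.acl.setdefault(user, set()).add(access)
        return True

    def revoke(self, actor: str, user: str, access: str) -> bool:
        """Owner-only; the owner's own entry cannot be revoked."""
        if actor != self.owner or user == self.owner:
            return False
        self.acl.get(user, set()).discard(access)
        return True

    def check(self, user: str, access: str) -> bool:
        """Default deny: a user with no ACL entry gets nothing."""
        return access in self.acl.get(user, set())


def demo() -> Dict[str, bool]:
    server1 = DacObject("Server 1", owner="tom")
    server1.grant("tom", "cindy", "Read")                    # owner grants Cindy read
    john_self_grant = server1.grant("john", "john", "Read")  # John is not the owner
    return {
        "tom_write": server1.check("tom", "Write"),
        "cindy_read": server1.check("cindy", "Read"),
        "cindy_write": server1.check("cindy", "Write"),
        "john_read": server1.check("john", "Read"),
        "john_grant_refused": not john_self_grant,
    }
```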
Standard UNIX file permissions
Standard Windows file permissions
Role-based (Rol tabanlı) Access Control
- A user has access to an object based on the assigned role
- Roles are defined based on job functions
- Permissions are defined based on job authority and responsibilities within a job function
- Operations on an object are invoked based on the permissions
- The object is concerned with the user’s role and not the user
- Most Database Management Systems use this; some Linux / Unix and Windows systems have this type also
Role-Based AC diagram: individuals are assigned to roles (Role 1, Role 2, Role 3), and roles are mapped to resources (Server 1, Server 2, Server 3).
Users change frequently, roles don’t.
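The role layer from the diagram, as an added example (not code from the slides): permissions attach to roles, users are only assigned roles, and offboarding a user leaves the role definitions untouched. Role names, users and resources are constructed.

```python
# Added example (not from the slides): role-based access control in which
# permissions attach to roles and users are only assigned roles, so the user
# list can churn while roles stay stable. Roles, users and resources are
# constructed for illustration.
from typing import Dict, Set, Tuple

Permission = Tuple[str, str]  # (operation, resource)

# Roles defined by job function; permissions by job authority.
ROLE_PERMISSIONS: Dict[str, Set[Permission]] = {
    "dba":      {("read", "server1"), ("write", "server1"), ("read", "server2")},
    "analyst":  {("read", "server2"), ("read", "server3")},
    "operator": {("read", "server3"), ("write", "server3")},
}


class Rbac:
    def __init__(self) -> None:
        self.user_roles: Dict[str, Set[str]] = {}

    def assign(self, user: str, role: str) -> None:
        """Onboarding: give a user a role; the role must already be defined."""
        if role not in ROLE_PERMISSIONS:
            raise KeyError(f"undefined role: {role}")
        self.user_roles.setdefault(user, set()).add(role)

    def remove_user(self, user: str) -> None:
        """Offboarding: drop the user; the roles themselves are untouched."""
        self.user_roles.pop(user, None)

    def permitted(self, user: str, op: str, resource: str) -> bool:
        """The object checks the user's roles, not the user's identity."""
        roles = self.user_roles.get(user, set())
        return any((op, resource) in ROLE_PERMISSIONS[r] for r in roles)

    def permissions_of(self, user: str) -> Set[Permission]:
        """Effective permissions: the union over all of the user's roles."""
        return set().union(*(ROLE_PERMISSIONS[r] for r in self.user_roles.get(user, ())))
```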
Rule-based (Kural tabanlı) Access Control
- Access is allowed or denied to resource objects based on a set of rules defined by a system administrator
- Access properties are stored in Access Control Lists (ACL) associated with each resource object
- When a particular account or group attempts to access a resource, the operating system checks the rules contained in the ACL for that object
- Examples: SE-Linux, some other Unix derivatives, some special-purpose database systems, network firewalls, content filtering systems
Rule-based (Kural tabanlı) Access Control
Examples:
- Permitting access for an account or group to a network connection at certain hours of the day or days of the week, etc.
- A rule might be to allow access to an IP address but block that IP address from use of a specific port, for example port 21 commonly used for FTP, or port 23 commonly used for Telnet.
- A rule might be to block a specific IP address, or block all IP addresses from accessing certain applications on the network, such as video streaming.
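A first-match evaluator for the kinds of rules listed above, as an added example (not code from the slides): the rule set, the group names and the sample addresses (from documentation ranges) are constructed, and a request that matches no rule is denied.

```python
# Added example (not from the slides): first-match evaluation of the kinds of
# rules listed above (time window per account/group, allow an IP but block a
# port, block an address outright). Rules and sample requests are constructed.
from dataclasses import dataclass
from datetime import datetime
from typing import FrozenSet, List, Optional, Tuple

@dataclass
class Request:
    account: str
    groups: FrozenSet[str]
    src_ip: str
    dst_port: int
    when: datetime

@dataclass
class Rule:
    action: str                                # "allow" or "deny"
    principal: Optional[str] = None            # account or group; None = anyone
    src_ip: Optional[str] = None               # exact source IP; None = any
    dst_port: Optional[int] = None             # None = any port
    hours: Optional[Tuple[int, int]] = None    # [start_hour, end_hour); None = any
    weekdays: Optional[FrozenSet[int]] = None  # 0=Mon .. 6=Sun; None = any day

    def matches(self, r: Request) -> bool:
        if self.principal not in (None, r.account) and self.principal not in r.groups:
            return False
        if self.src_ip is not None and self.src_ip != r.src_ip:
            return False
        if self.dst_port is not None and self.dst_port != r.dst_port:
            return False
        if self.hours is not None and not (self.hours[0] <= r.when.hour < self.hours[1]):
            return False
        return self.weekdays is None or r.when.weekday() in self.weekdays

# Administrator-defined rules, checked top to bottom: first match wins, no match = deny.
RULES: List[Rule] = [
    Rule("deny", src_ip="203.0.113.7"),                # block one address outright
    Rule("deny", dst_port=23),                         # Telnet closed for everyone
    Rule("deny", src_ip="198.51.100.9", dst_port=21),  # this IP is allowed, but not FTP
    Rule("allow", principal="staff", hours=(8, 18), weekdays=frozenset(range(5))),
    Rule("allow", principal="oncall"),                 # any hour, any day
]

def request(account: str, groups, src_ip: str, dst_port: int, when_iso: str) -> Request:
    return Request(account, frozenset(groups), src_ip, dst_port, datetime.fromisoformat(when_iso))

def decide(r: Request, rules: List[Rule] = RULES) -> str:
    return next((rule.action for rule in rules if rule.matches(r)), "deny")
```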
4 Modelin Karşılaştırması
Role
Authentication: 3 types of authentication
- Something you know: password, PIN, mother’s maiden name, passcode
- Something you have: ATM card, smart card, token, key, ID badge, driver license, passport
- Something you are: fingerprint, voice scan, iris scan, retina scan, body odor, DNA
Multi-factor authentication
2-factor authentication: to increase the level of security, many systems will require a user to provide 2 of the 3 types of authentication.
- ATM card + PIN
- Credit card + signature
- PIN + fingerprint
- Username + Password (NetWare, Unix, NT default)
3-factor authentication (for highest security):
- Username + Password + Fingerprint
- Username + Passcode + SecurID token
ACCESS CONTROL IMPLEMENTATIONS: PROBLEMS & RISKS, BEST PRACTICES
Problems with passwords
- Insecure: given the choice, people will choose easily remembered and hence easily guessed passwords such as names of relatives, pets, phone numbers, birthdays, hobbies, etc.
- Easily broken: programs such as crack, SmartPass, PWDUMP, NTCrack & l0phtcrack can easily decrypt Unix, NetWare & NT passwords. Dictionary attacks are only feasible because users choose easily guessed passwords!
- Inconvenient: in an attempt to improve security, organizations often issue users with computer-generated passwords that are difficult, if not impossible, to remember
- Repudiable: unlike a written signature, when a transaction is signed with only a password, there is no real proof as to the identity of the individual that made the transaction
Classic password rules
The best passwords are those that are both easy to remember and hard to crack using a dictionary attack. The best way to create passwords that fulfill both criteria is to use two small unrelated words or phonemes, ideally with a special character or number.
!! DON’T EVER USE:
- common names, DOB, spouse, phone #, etc.
- a word found in dictionaries
- “password” as a password
- system defaults
How can we use & choose strong passwords?
Password Attacks - Methodology
- On-line attacks
- Off-line attacks
Password Attacks – types & tools
- Brute force (online or off-line): L0phtcrack, others
- Dictionary (online or off-line): Crack, John the Ripper
- Trojan horse login program (online)
Password management
- Configure the system to use strong passwords
- Set password time and length limits
- Limit unsuccessful logins
- Limit concurrent connections
- Enable auditing
- Have policies for password resets and changes
- Use last login dates in banners
Password management !! Don’t forget: passwords are like ...your underwear or your toothbrush !!
Biometrics: authenticating a user via human characteristics
Using measurable physical characteristics of a person to prove their identification:
- Fingerprint (i.e., my notebook, live demo)
- Signature dynamics
- Iris
- Hand geometry
- Retina
- Voice
- Face
- DNA, blood
Advantages of Biometrics
- Can’t be lent like a physical key or token and can’t be forgotten like a password
- Good compromise between ease of use, template size, cost and accuracy
- Basically lasts forever, or at least until amputation or dismemberment
- Makes network login & authentication effortless
Biometric Disadvantages
- Still relatively expensive per user
- Companies & products are often new & immature
- No common API or other standard
- Some hesitancy for user acceptance
Biometric privacy issues
- Tracking and surveillance: ultimately, the ability to track a person's movement from hour to hour
- Anonymity: biometric links to databases could dissolve much of our anonymity when we travel and access services
- Profiling: compilation of transaction data about a particular person that creates a picture of that person's travels, preferences, affiliations or beliefs
Practical biometric applications
- Network access control
- Staff time and attendance tracking
- Authorizing financial transactions
- Government benefits distribution (Social Security, welfare, etc.)
- Verifying identities at point of sale
- Using in conjunction with ATM, credit or smart cards
- Controlling physical access to office buildings or homes
- Protecting personal property
- Preventing kidnapping in schools, play areas, etc.
- Protecting children from fatal gun accidents
- Voting / passports / visas & immigration
Tokens: used to facilitate one-time passwords
- Physical card
- S/Key
- Smart card
- Access token
Tokens generally implemented with 2-factor authentication
May be hardware or software; SmartCards (detailed info on next slide).
- Static Password (with PIN): the owner authenticates to the token, and the token authenticates to the system
- Synchronous Dynamic Password (OTP; One-Time Password): the token generates a passcode value; the PIN is known by the user; token value and PIN are entered into the PC; the passcode must fit in a valid time window (i.e., my RSA token, banks’ SMS)
- Asynchronous (another type of OTP): similar to synchronous, but the new password is generated asynchronously; no time window
- Challenge Response (another type of OTP): the system generates a challenge string; the user enters it into the token; the token generates a response, which is entered into the workstation; a mechanism in the workstation determines authentication
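The synchronous OTP and the challenge-response variant above, as an added example (not code from the slides, nor any vendor's token): an RFC 4226/6238-style HMAC passcode checked inside a small time window, next to a challenge-response answer that needs no window. The shared secret, PIN and timestamps are constructed.

```python
# Added example (not from the slides): a synchronous (time-based) one-time
# password in the style of RFC 6238, accepted by the server only inside a
# small validity window, plus a challenge-response variant that needs no
# window. Shared secret, PIN and timestamps are constructed for illustration.
import hashlib
import hmac
import secrets
import struct

STEP_SECONDS = 30   # token and server derive a counter from this time step
DIGITS = 6
WINDOW = 1          # accept counter-1 .. counter+1 to absorb clock drift


def hotp(secret: bytes, counter: int) -> str:
    """HMAC-SHA1 over the counter, dynamically truncated to DIGITS (RFC 4226)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** DIGITS)).zfill(DIGITS)


def token_passcode(secret: bytes, now: int) -> str:
    """What the hardware/software token displays at Unix time `now`."""
    return hotp(secret, now // STEP_SECONDS)


def server_verify(secret: bytes, pin: str, expected_pin: str, passcode: str, now: int) -> bool:
    """PIN (something you know) and passcode (something you have) must both hold.

    The passcode must fall inside the time window around the server's current
    counter, so a passcode captured earlier and replayed later is rejected.
    """
    if not hmac.compare_digest(pin, expected_pin):
        return False
    counter = now // STEP_SECONDS
    return any(hmac.compare_digest(hotp(secret, counter + d), passcode)
               for d in range(-WINDOW, WINDOW + 1))


def new_challenge() -> bytes:
    """Server side of challenge-response: a fresh random challenge per login."""
    return secrets.token_bytes(16)


def challenge_response(secret: bytes, challenge: bytes) -> str:
    """Token side: answer the challenge; the server recomputes the same value."""
    return hmac.new(secret, challenge, hashlib.sha256).hexdigest()[:8]
```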
This diagram shows the micro-module embedded into the plastic substrate or card. Prior to embedding, a cavity is formed or milled into the plastic card. Then either a cold or hot glue process bonds the micro-module to the card.
Single sign-on (SSO)
- The user has one password for all enterprise systems and applications
- That way, one strong password can be remembered and used
- All of a user’s accounts can be quickly created on hire and deleted on dismissal
- Hard to implement and get working
- Kerberos, CA-Unicenter, Memco Proxima, IntelliSoft SnareWorks, Tivoli Global Sign-On, X.509
Monitoring (IAAA - last “A” – Accountability)
- IDS
- Logs
- Audit trails
- Network tools
Banners
- Banners are displayed at login or connection, stating that the system is for the exclusive use of authorized users and that their activity may be monitored (i.e., “router, switch, server telnet logins”, “Windows logon”, “smtp, http, etc. connection response”, etc.)
- Not foolproof, but a good start, especially from a legal perspective
- Make sure that the banner does not reveal system information, i.e., OS, version, hardware, etc.
Rule of “least privilege”
One of the most fundamental principles of information security. It states that any object (user, administrator, program, system) should have only the least privileges it needs to perform its assigned task, and no more.
- An access control system that grants users only those rights necessary for them to perform their work
- Limits exposure to attacks and the damage an attack can cause
- Physical security example: car ignition key vs. door key
Implementing least privilege
- Ensure that only a minimal set of users have root access
- Don’t make a program run setuid to root if not needed. Rather, make the file group-writable to some group and make the program run setgid to that group, rather than setuid to root
- Don’t run insecure programs on the firewall or other trusted host
Attacks to IAAA (similar to topics we’ve covered in Week 5)
- Passive attack: monitor network traffic and then use the data obtained or perform a replay attack. Hard to detect.
- Active attack: the attacker is actively trying to break in. Exploit system vulnerabilities, spoofing, crypto attacks.
- Denial of service (DoS): not so much an attempt to gain access, rather to prevent system operation. Smurf, SYN flood, ping of death, mail bombs.
Vulnerabilities of IAAA and Access Control implementations (in general)
- Physical
- Natural: floods, earthquakes, terrorists, power outage, lightning
- Hardware/Software
- Media: corrupt electronic media, stolen disk drives
- Emanation
- Communications
- Human: social engineering, disgruntled staff