Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Security Security Policies

Published byLeonard Pierce Modified over 5 years ago

Similar presentations

Presentation on theme: "Computer Security Security Policies"— Presentation transcript:

1 Computer Security Security Policies
7/24/2019

2 Security Policies We view a computer system as a finite-state machine
Definition A security policy is a statement that partitions the states of a system into a set of authorized or secure states and a set of unauthorized or nonsecure states. A secure system is a system that starts in an authorized state and cannot enter an unauthorized state. 7/24/2019

3 Example s1 s2 s3 s4 An insecure system Authorized states are s1 and s2
Unauthorized states are s3 and s4 7/24/2019

4 Security Policies Definition
A breach of security occurs when a system enters an unauthorized state. Let X be a set of entities I be some information. I has the property of confidentiality wrt X if no member of X can obtain information about I. I has the property of integrity wrt X if all members of X trust I. Let I be a resource. I has the property of availability wrt X if all member of X can access I. A security mechanism is an entity or procedure that enforces some part of a security policy. 7/24/2019

5 Types of Policies Definition
Military security policies or governmental security policies. Commercial security policies Confidentiality policies Integrity policies Transaction policies Discuss issues regarding trust. 7/24/2019

6 The role of trust The role of trust is fundamental in understanding the nature of computer security. Examples –see textbook 7/24/2019

7 Types of Access Control
Discretionary Access Control (DAC) or identity based access control. Mandatory Access Control (MAC) or rule-based access control. An originator access control (ORCON or ORGON) bases access on the creator of an object. 7/24/2019

8 Discretionary Access Control (DAC)
Access control is left to the discretion of the owner. Based on the identity of the subject. Example –see textbook 7/24/2019

9 Mandatory Access Control (MAC)
The operating system enforces mandatory access controls. Neither the subject nor even the owner can determine access control. Example –see textbook 7/24/2019

10 ORiginator access CONtrol (ORCON or ORGON)
The originator of the file (or its information) has control the dissemination of its information. Example –see textbook 7/24/2019

11 Policy languages High level policy languages: independent of the mechanisms used. Low level policy languages 7/24/2019

12 High level policy languages
Express policy constraints on entities using abstraction and are independent of the security mechanisms. This requires: An unambiguous expression of policy A mathematical or programming formulation Details: see textbook. 7/24/2019

13 Low level policy languages
A set of inputs or arguments to commands that set or check constraints on a system. For examples, see textbook. 7/24/2019

14 Security and Precision
Earlier security and precision was defined in terms of the states of the system. We said that security policies were enforced by security mechanisms and that such mechanisms were either secure, precise or broad. Let P be the set of all states, Q the set of secure states and suppose that the mechanism restricts the system to the set of states R . A security mechanism was secure if R  Q , precise if R = Q and broad if there are states such that r R and r Q . 7/24/2019

15 Security and Precision
We now consider the possibility of devising a generic procedure for developing a mechanism that is security and precise. For this, we will use programs, which will be viewed as abstract functions that “encode” the information that needs to be controlled. 7/24/2019

16 Security and Precision
Definition A program p is a function p : I1 Χ … Χ In → R. p has n inputs ij e Ij and one output r e R We say that p encodes all available information about i1,…,in (observability postulate). Example Suppose p does not alter information but merely provides a view of its inputs. A confidentiality policy seeks to control what views are available. 7/24/2019

17 Security and Precision
Definitions Let p : I1 Χ … Χ In → R. A protection mechanism m is a function m :I1Χ … ΧIn → R  E (E is an error message) for which, when ( i1,...,in ) e I1Χ … ΧIn, either a. m (i1,...,ik) = p (i1,...,ik) or b. m (i1,...,ik) e E . That is, every “legal” input to m produces either the same value as p or an error message. The set of output values of p that are excluded by m are those outputs that would impart confidential information. 7/24/2019

18 Security and Precision
Definitions A confidentiality policy for the program p :I1 Χ … Χ In → R is a function c :I1 Χ …Χ In → A, where A is a subset of I1 Χ … Χ In . Here the set A corresponds to those inputs that may be revealed. The complement of A to the confidential inputs. 7/24/2019

19 Security and Precision
Definitions Let c be a confidentiality policy for a confidentiality program p. Let m :I1 Χ··· Χ In → R  E be a security mechanism for p. The mechanism m is secure iff there is a function m’ :I1 Χ··· Χ In → R  E such that for all (i1,...,in ) eI1 Χ ··· Χ In: m (i1,...,ik) = m’(c (i1,...,ik)) . That is, given any set of inputs, the protection mechanism m returns values consistent with the stated policy c (here “secure” = “confidential” ) 7/24/2019

20 Security and Precision
Definitions Let m1, m2 protection mechanisms for program p under policy c. m1 is as precise as m2 if for all inputs (i1,...,in) : m2 (i1,...,ik) = p (i1,...,ik) ═> m1 (i1,...,ik) = p (i1,...,ik) m1 is more precise than m2 if there is an input (i1′,...,in′ ) such that : m2 (i1′,...,in′ ) = p (i1′,...,in′ ) & m1 (i1′,...,in′ ) ≠ p (i1′,...,in′ ) 7/24/2019

21 Security and Precision
Theorems For any program p there exists a precise secure mechanism m* such that for all secure mechanisms m associated with p and c we have m* = m. There is no effective way that determines a (maximally) precise secure mechanism for any policy and program. 7/24/2019

Download ppt "Computer Security Security Policies"

Similar presentations

Information Flow and Covert Channels November, 2006.

Information Flow and Covert Channels November, 2006.
Operating System Security

Operating System Security
1 cs691 chow C. Edward Chow Confidentiality Policy CS691 – Chapter 5 of Matt Bishop.

1 cs691 chow C. Edward Chow Confidentiality Policy CS691 – Chapter 5 of Matt Bishop.
Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.

Chapter 23 Database Security and Authorization Copyright © 2004 Pearson Education, Inc.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #7-1 Chapter 7: Hybrid Policies Overview Chinese Wall Model Clinical Information.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #7-1 Chapter 7: Hybrid Policies Overview Chinese Wall Model Clinical Information.
Database Management System

Database Management System
Hybrid Policies Overview Chinese Wall Model Clinical Information Systems Security Policy ORCON RBAC Introduction to Computer Security ©2004 Matt Bishop.

Hybrid Policies Overview Chinese Wall Model Clinical Information Systems Security Policy ORCON RBAC Introduction to Computer Security ©2004 Matt Bishop.
Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.

Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.
April 13, 2004ECS 235Slide #1 Expressive Power How do the sets of systems that models can describe compare? –If HRU equivalent to SPM, SPM provides more.

April 13, 2004ECS 235Slide #1 Expressive Power How do the sets of systems that models can describe compare? –If HRU equivalent to SPM, SPM provides more.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #4-1 Chapter 4: Security Policies Overview The nature of policies –What they.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #4-1 Chapter 4: Security Policies Overview The nature of policies –What they.
1 Security Policies CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 15, 2004.

1 Security Policies CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 15, 2004.
CMSC 414 Computer (and Network) Security Lecture 10 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 10 Jonathan Katz.
User Domain Policies.

User Domain Policies.
7/15/2015 7:56 AM Lecture 3: Policy James Hook CS 591: Introduction to Computer Security.

7/15/2015 7:56 AM Lecture 3: Policy James Hook CS 591: Introduction to Computer Security.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz.
1 September 14, 2006 Lecture 3 IS 2150 / TEL 2810 Introduction to Security.

1 September 14, 2006 Lecture 3 IS 2150 / TEL 2810 Introduction to Security.
Security Policy What is a security policy? –Defines what it means for a system to be secure Formally: Partition system into –Secure (authorized) states.

Security Policy What is a security policy? –Defines what it means for a system to be secure Formally: Partition system into –Secure (authorized) states.
1 IS 2150 / TEL 2810 Information Security & Privacy James Joshi Associate Professor, SIS Lecture 6 Oct 2-9, 2013 Security Policies Confidentiality Policies.

1 IS 2150 / TEL 2810 Information Security & Privacy James Joshi Associate Professor, SIS Lecture 6 Oct 2-9, 2013 Security Policies Confidentiality Policies.
1 A pattern language for security models Eduardo B. Fernandez and Rouyi Pan Presented by Liping Cai 03/15/2006.

1 A pattern language for security models Eduardo B. Fernandez and Rouyi Pan Presented by Liping Cai 03/15/2006.

Similar presentations

Ads by Google