ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.


1 ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang

2 Chap 4: Security policies
A computer system:
– A finite state automaton
– A set of transition functions that change states
A security policy:
– A statement that partitions system states into secure (authorized) and non-secure (unauthorized) states
A secure system
– A system that starts in a secure state and cannot enter a non-secure state
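Added example (not part of the original slides): the definitions above turned into a reachability check. The policy is the set of authorized states, and the system is secure only if no sequence of commands leads from the start state into a state outside that set. The state names, commands and the two transition tables are constructed for illustration.

```python
from collections import deque

def find_breach(start, transitions, authorized):
    """Breadth-first search over the states reachable from `start`.

    Returns the shortest list of commands that drives the system into a
    non-secure state, or None when no such state can be entered."""
    if start not in authorized:
        return []  # the system does not even start in a secure state
    seen = {start}
    queue = deque([(start, [])])
    while queue:
        state, path = queue.popleft()
        for command, nxt in transitions.get(state, {}).items():
            if nxt not in authorized:
                return path + [command]
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, path + [command]))
    return None

def is_secure(start, transitions, authorized):
    """Secure system: starts in a secure state and cannot enter a non-secure one."""
    return find_breach(start, transitions, authorized) is None

# Constructed sample: each state names who can read a salary file.
AUTHORIZED = {"hr_only", "hr_and_manager"}  # the policy's secure partition

# Transition functions: state -> {command: next state}
LOOSE = {
    "hr_only": {"share_with_manager": "hr_and_manager"},
    "hr_and_manager": {"revoke_manager": "hr_only",
                       "manager_forwards": "all_staff"},
    "all_staff": {"post_online": "public"},
}
# Same system with the forwarding command removed by a mechanism.
STRICT = {
    "hr_only": {"share_with_manager": "hr_and_manager"},
    "hr_and_manager": {"revoke_manager": "hr_only"},
    "all_staff": {"post_online": "public"},
}

if __name__ == "__main__":
    print("loose :", find_breach("hr_only", LOOSE, AUTHORIZED))
    print("strict:", find_breach("hr_only", STRICT, AUTHORIZED))
```

In STRICT the non-secure states still exist in the table, but none is reachable from the start state, so the system counts as secure under the definition.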

3 A security breach occurs when a system enters an unauthorized state
Definition of confidentiality, integrity, and availability. Involve a set of entities X and information (resource) I
– I has the property of confidentiality with respect to X if no one in X can obtain I
    • May include leakage of rights or illicit information transmission
    • Has a temporal feature

4 Definition of confidentiality, integrity, and availability. (continued)
– I has the property of integrity with respect to X if all members of X trust I
    • I could be the information, storage and transmission of it, source of it (authentication), or resources (assurance)
    • Identify entities authorized to change data and ways to change it
– I has the property of availability with respect to X if all members of X can access I
    • It can be restricted by parameters or application environments

5 A security policy can be defined
– Formally
– Informally
– By describing the sets of authorized states
Distinguish security policy and mechanism
– Security mechanism is an entity or procedure that enforces security policy
Distinguish security policy and model
– A security model is a model that represents one or a set of policies
– It abstracts details and focuses on characteristics of policies (enable analysis of policies sharing the same characteristics)

6 Types of security policies
– Policy for confidentiality
– Policy for integrity
Role of assumptions
– You must understand the security assumptions to know how effective the security policies, mechanisms, and procedures are

7 Example: when you install a software patch, you will assume:
– It comes from the software company,
– It has been tested,
– Your system setup is supported,
– It has been correctly installed, etc.
– At the low level, you will also assume
    • The algorithm is correctly designed
    • The compilation and linking are correct
    • The hardware will do what it is supposed to do

8 Types of access control
– Identity based access control (discretionary AC, the owner controls it): the access right is based on the identity of the subjects and objects
– Mandatory access control (or rule based access control): a system controls access to an object and an individual user cannot override it
– Originator controlled access control: the generator of the information controls access (not the owner, e.g. non-disclosure)
– These methods can be used jointly

9 Finite state machine examples
