Presentation is loading. Please wait.

Presentation is loading. Please wait.

2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.

Similar presentations

Presentation on theme: "2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification."— Presentation transcript:


2 2

3  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification (asking you who you are) and authentication (asking you to prove it)  It can limit what user can do after they have accessed the system.This requires the system to implement access control mechanisms. 3

4 4

5  The primary purpose of security mechanisms in a system is to control access to resources.  Resources: Files, memory areas, processor time, devices, database records. Some history...  Early systems had no internal access control.  Any user could access any file simply by knowing its name.  Access control became a more serious issue with the emergence of disk storage, on which les of many users could be stored (before the days of network and interactive computing). 5

6  An access control policy dictates… -what types of access are permitted, - under what circumstances, and - by whom.  Vital for security in operating systems 6

7 Identification. {eg: username, account number…} Authorization. {eg: pwds, pin nos, tokens…} Authentication. {digital signature, fingerprint…} 7

8  Discretionary access control (DAC)  Mandatory access control (MAC)  Role-based access control (RBAC) 8

9  Controls access based on… - the identity of the requestor and - on access rules (authorizations) stating what requestors are (or are not) allowed to do.  This policy is termed “ discretionary ” because: an entity might have access rights that permit the entity, by its own volition, to enable another entity …to access some resource. 9

10  What is DAC ?  Why is DAC needed ?  Where it is used ?  How is DAC implemented..?  Advantages of DAC ?  Disadvantages of DAC ? 10

11  Discretionary access control (DAC) is a policy determined by the owner of an object.  The owner decides who is allowed to access the object, and what privileges they have. 11

12 -- File and data ownership : Every object in the system has an owner. In most DAC systems, each object's initial owner is the subject that caused it to be created. The access policy for an object is determined by its owner. -- Access rights and permissions: These are the controls that an owner can assign to other subjects for specific resources. 12

13  In computer security, discretionary access control (DAC) is a type of access control defined by the Trusted Computer System Evaluation Criteria(TCSEC) as : “ a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control)”. 13

14  Usually implemented through Access control lists (ACLs)  Each resource object on a DAC based system has an Access Control List (ACL) associated with it.  An ACL contains a list of users and groups to which the user has permitted access together with the level of access for each user or group. 14

15  DAC is typically the default access control mechanism for most desktop operating systems.  widely used in commercial and government sectors.  Operating systems must be built differently depending upon whether they are going to provide DAC or any other access functionality.  For example, Windows-based platforms provide a DAC access structure. 15

16  Flexibility  Simplicity  Ease of implementation 16

17  increases the risk that data will be made accessible to users that should not necessarily be given access.  DAC mechanisms fail to recognize a fundamental difference between human users and computer programs.  However, DAC is known to be inherently weak for two reasons. 17

18 First, granting read access is transitive. First, granting read access is transitive. Information can be copied from one object to another; therefore, there is no real assurance on the flow of information in a system. No restrictions apply to the usage of information when the user has received it. Second, DAC policy is vulnerable to Trojan horse attacks; because programs inherit the identity of the invoking user. Second, DAC policy is vulnerable to Trojan horse attacks; because programs inherit the identity of the invoking user. 18

19  Controls access based on… -comparing security labels (which indicate.. how sensitive or critical system resources are) with security clearances (which indicate..system entities are eligible to access certain resources).  This policy is termed “mandatory ” because an entity that has clearance to access a resource may not, just by its own volition, enable another entity to access that resource. 19

20 WHAT IS MAC ?  In computer security, mandatory access control (MAC) refers to a type of access control by which the operating system constrains the ability of a subject to access or generally perform some sort of operation on an object or securityaccess controloperating system  MAC takes a hierarchical approach to controlling access to resources.  The term mandatory in MAC has acquired a special meaning derived from its use with military systems. MAC means access controls that are mandated by order of a government and so enforcement is supposed to be more imperative than for commercial applications. 20

21 IDEA OF MAC:  A system mechanism (e.g., the operating system) controls access to an object and an individual user cannot alter that access.Neither the subject nor the owner of the object can determine whether access is granted.  The system mechanism will check information associated with both the subject and the object to determine whether the subject should access the object.  Rules describe the conditions under which access is allowed.Mandatory policies are also called rule-based policies.  Under a MAC enforced environment access to all resource objects (such as data files) is controlled by settings defined by the system administrator. As such, all access to resource objects is strictly controlled by the operating system based on system administrator configured settings. 21

22 GOALS OF MAC :  Preserve confidentiality and integrity of information  Prevent some types of Trojan horse attacks  Prevent that a user can change security attributes. WHERE IT IS USED ?  Systems that implement MAC models are used in highly secured environments, such as military or government organizations and in Defence departments. 22

23  Controls access based on… users have - the roles that users have within the system and what accesses are allowed to users -on rules stating what accesses are allowed to users in given roles. 23

24  Role-based access control (RBAC) models make access decisions based on the rights and permissions assigned to a role or group, not an individual user.  In role based systems, users get assigned roles based on their functions in that system. These systems are centrally administered, they are nondiscretionary. An example is a hospital.  It is an access policy determined by the system, not the owner. 24

25 USE AND AVAILABILITY…  RBAC is a flexible access control technology whose flexibility allows it to implement DAC or MAC.  used to manage user privileges (computer permissions) within a single system or application. Access under RBAC is based on a user's job function within the organization to which the computer system belongs.  used in commercial applications and also in military systems, where multi- level security requirements may also exist.  This kind of model is effective in large companies that have high turnover rates because it allows the administrator to simply place new employees into roles instead of creating new permissions for each and every person who joins the company. 25

26  SECURITY INTRUSION… A security event, or a combination of multiple security events,that constitutes a security incident in which an intruder gains, or attempts to gain, access to a system (or system resource) without having authorization to do so.  INTRUSION DETECTION… A security service that monitors and analyzes system events for the purpose of finding, and providing real-time or near real- time warning of, attempts to access system resources in an unauthorized manner. 26

27  Host-based IDS: Monitors the characteristics of a single host and the events occurring within that host for suspicious activity  Network-based IDS: Monitors network traffic for particular network segments or devices and analyzes network, transport, and application protocols to identify suspicious activity. 27

28  SENSORS :  responsible for collecting data.  The input may be any part of a system that could contain evidence of an intrusion.Types of input include network packets, log files, and system call traces.Sensors collect and forward this information to the analyzer.  ANALYZERS :  receive ip from 1 or more sensors or from other analyzers.  responsible for determining if an intrusion has occurred.The o/p of this component indicates that an intrusion has occurred.The output may include evidence supporting the conclusion. 28

29  USER INTERFACE: The user interface to an IDS enables a user to view output from the system or control the behavior of the system. In some systems, the user interface may equate to a manager, director, or console component. 29


31 31

Download ppt "2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification."

Similar presentations

Ads by Google