Presentation is loading. Please wait.

Presentation is loading. Please wait.

Access Controls Henry Parks SSAC 2012 Presentation Outline Purpose of Access Controls Access Control Models –Mandatory –Nondiscretionary/Discretionary.

Published byBeatrice Sanders Modified over 8 years ago

Similar presentations

Presentation on theme: "Access Controls Henry Parks SSAC 2012 Presentation Outline Purpose of Access Controls Access Control Models –Mandatory –Nondiscretionary/Discretionary."— Presentation transcript:

1

2 Access Controls Henry Parks SSAC 2012

3 Presentation Outline Purpose of Access Controls Access Control Models –Mandatory –Nondiscretionary/Discretionary –Role Based Access Control Operation Factors –Access Control Lists –Access Control Matrix –Identification and Authentication Real Time Access Controls –Routers –Firewalls –OS

4 Purpose of Access Controls Access Controls –Determines if user is admitted to trusted area Access Control Common Terms –Subject- entity that requires access to a system resource –Object- system resource to which access must be controlled –Permissions- list specifying a list of access rights Access Control Components –System Access –Network Access & Architecture –Encryption and protocols –Auditing

5 Access Control Models Mandatory Access Control Characteristics –Extremely secure system –Sensitivity labels are assigned to both objects and subjects –All data is assigned security level that reflects its relative sensitivity, confidentiality, and protection value. –Only administrators, not data owners, make changes to a resource's security label. Levels of Authorization –Subjects can read from a lower classification than the one they are granted –Subjects can write to a higher classification –Subjects are given read/write access to objects only of the same classification –Only administrator is allowed to access rights –Enforced by a centralized organizational policy

6 Access Control Models Discretionary Access Control Characteristics –Widely acceptable in commercial environments –Identifies the subjects that are allowed or denied access to a securable object –An object's owner has discretion over who access that object Levels of Authorization File and data ownership –Every object in the system has an owner. Access Rights and Permissions –Controls that an owner can assign to other subject for specific resources

7 Access Control Models Nondiscretionary Access Control Characteristics –Managed by a central authority –Can be role-based or task-based –An object's owner has discretion over who access that object Levels of Authorization Role-Based Controls –Linked to the role subject performs Task-Based Controls –Linked to particular assignment or responsibility

8 Access Control Operation Factors Access Control Lists Defined List of access control entries(ACE) Consist of user access list, matrices, and capability tables Capability table: Specifies which subjects and objects users or groups can access resource Access control matrix: Includes combination of tables and lists

9 Access Control Operation Factors Identification and Authentication Multifactor Authentication –Implementing multiple forms of authentication to validate an identity –Used for systems requiring strong authentication Forms of Authentication –What a subject knows: –What a subject has: –What a subject is: –What a subject produces:

10 Real Time Access Controls Routers Cisco Router

11 Real Time Access Controls Operating System Microsoft Active Directory

12 Real Time Access Controls Firewall Cisco PIX Firewall

13 Conclusion Purpose of Access Controls Access Control Models Access Control Operation Factors Real Time Access Controls

14 The End QUESTIONS?

15 Resources Whitman, Michael E., and Herbert J. Mattord. Principles of Information Security. Boston, MA: Thomson Course Technology, 2005. Print. http://www.cisco.com/en/US/docs/ios/11_3/security/configurati on/guide/scacls.html

Download ppt "Access Controls Henry Parks SSAC 2012 Presentation Outline Purpose of Access Controls Access Control Models –Mandatory –Nondiscretionary/Discretionary."

Similar presentations

Access Control CS461/ECE422 Fall 2011. Reading Material Chapter 4 through section 4.5 Chapters 23 and 24 – For the access control aspects of Unix and.

Access Control CS461/ECE422 Fall Reading Material Chapter 4 through section 4.5 Chapters 23 and 24 – For the access control aspects of Unix and.
1 cs691 chow C. Edward Chow Confidentiality Policy CS691 – Chapter 5 of Matt Bishop.

1 cs691 chow C. Edward Chow Confidentiality Policy CS691 – Chapter 5 of Matt Bishop.
Access Control Chapter 3 Part 3 Pages 209 to 227.

Access Control Chapter 3 Part 3 Pages 209 to 227.
Lakshmi Narayana Gupta Kollepara 10/26/2009 CSC-8320.

Lakshmi Narayana Gupta Kollepara 10/26/2009 CSC-8320.
Access Control Methodologies

Access Control Methodologies
Access Control Patterns Fatemeh Imani Mehr Amirkabir university of technology, Department of Computer Engineering & Information Technology.

Access Control Patterns Fatemeh Imani Mehr Amirkabir university of technology, Department of Computer Engineering & Information Technology.
Security+ Guide to Network Security Fundamentals, Fourth Edition

Security+ Guide to Network Security Fundamentals, Fourth Edition
Access Control Intro, DAC and MAC System Security.

Access Control Intro, DAC and MAC System Security.
Chapter 2.  CIA Model  Host Security VS Network Security  Least Privileges  Layered Security  Access Controls Prepared by Mohammed Saher2.

Chapter 2.  CIA Model  Host Security VS Network Security  Least Privileges  Layered Security  Access Controls Prepared by Mohammed Saher2.
Fundamentals of Computer Security Geetika Sharma Fall 2008.

Fundamentals of Computer Security Geetika Sharma Fall 2008.
Secure Systems Research Group - FAU Patterns for access control E.B. Fernandez.

Secure Systems Research Group - FAU Patterns for access control E.B. Fernandez.
Role Based Access Control Venkata Marella. Access Control System Access control is the ability to permit or deny the use of a particular resource by a.

Role Based Access Control Venkata Marella. Access Control System Access control is the ability to permit or deny the use of a particular resource by a.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 5 Database Application Security Models.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 5 Database Application Security Models.
Chapter 5 Database Application Security Models

Chapter 5 Database Application Security Models
User Domain Policies.

User Domain Policies.
2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.

2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.
Lecture 7 Access Control

Lecture 7 Access Control
Distributed Computer Security 8.2 Discretionary Access Control Models - Sai Phalgun Tatavarthy.

Distributed Computer Security 8.2 Discretionary Access Control Models - Sai Phalgun Tatavarthy.
Protection and Security An overview of basic principles CS5204 – Operating Systems1.

Protection and Security An overview of basic principles CS5204 – Operating Systems1.
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.

Similar presentations

Ads by Google