32. Security Models and Concepts - 2 Flashcards
Security Models and Concepts - 2
Clark-Wilson
(Integrity)
Separates end users from back-end data
- Uses well formed transactions
- Separation of duties
Security Models and Concepts - 2
Clark-Wilson:
Subject/Program/Object
Program between subject and object
- example, person buying something on amazon
- user cannot change how many books are available
- A user can add item to the cart and purchase, amazon program subjects 1 from the inventory once an item is purchased
Security Models and Concepts - 2
Clark-Wilson:
Separation of duties
Certifier of transaction and implementer
i.e. person making purchase orders should not be paying invoices
Security Models and Concepts - 2
Clark-Wilson:
Well formed transactions
Series of operations
Transition a system from one consistent state to another consistent state
- Integrity - when you purchase an item from amazon, if they have 1000 in stock and you buy one, it should change to 999 in stock and wait for the next customer
Security Models and Concepts - 2
Brewer-Nash Model
(Chinese Wall or Information Barrier)
Controls that mitigate conflict of interest
- No information can flow between the subjects and objects in a way that would create conflict of interest
- Commercial organisations
*
Security Models and Concepts - 2
Non-Interference Model
Actions at a higher securtiy level do not interefer with actiosn at a lower level
- model not cocerned with data flow
- Concerned with what subject knows about the state of the system
- Changes made at a higher level should nto be noticed by someone with access at a lower level
Security Models and Concepts - 2
Take-Grant Protection Model
Thor can take (T) Hanes rights for the object
Jane can Create (C) and Remove (R) rights for the object
Jame can Grant (G) any of her rights to Bob
Rules govern interactions between subjects and objects
- uses permissions that subjects can grant to (or take from) other subjects
- 4 rules
*
Security Models and Concepts - 2
Take-Grant Protection Model:
Take
Thor can take (T) Hanes rights for the object
Jane can Create (C) and Remove (R) rights for the object
Jame can Grant (G) any of her rights to Bob
Rule allows subject to take rights over an object
Security Models and Concepts - 2
Take-Grant Protection Model:
Grant
Thor can take (T) Hanes rights for the object
Jane can Create (C) and Remove (R) rights for the object
Jame can Grant (G) any of her rights to Bob
Rule allows a subject to grant the rights they have to an object
Security Models and Concepts - 2
Take-Grant Protection Model:
Create
Thor can take (T) Hanes rights for the object
Jane can Create (C) and Remove (R) rights for the object
Jame can Grant (G) any of her rights to Bob
Rule allows a subject to create rights
Security Models and Concepts - 2
Take-Grant Protection Model:
Remove
Thor can take (T) Hanes rights for the object
Jane can Create (C) and Remove (R) rights for the object
Jame can Grant (G) any of her rights to Bob
Rule allows a subject to remove the rights they have over an object
Describes rights of every subject for every object in the system
- Like an excel spreadsheet
- One row per subject
- One column per object
6 Frameworks;
- What
- How
- Where
- Who
- When
- Why
- Maps frameworsk to rules
1. Planner
2. Owner
3. Designer
4. Builder
5. Programmer
6. user - Need to understand the different roles, their needs so you can give them what they need when they need it
Security Models and Concepts - 2
Security Modes
Can be MAC and DAC
- Mandatory or Discretionary Access Control
- Systems have different levels of classification. The mode we chose to impelement will be determined by the users who directly or indirectly try to access them
Security Models and Concepts - 2
Mode Determination
Determined by;
1. Type of user accessing the system
2. Type of data
