Access Control Flashcards
CIA
CIA- Confidentiality, Integrity, Availability
DAD
DAD (disclosure, alteration, destruction) opposes CIA
IAAA
IAAA –
- Identification (claiming an identity, e.g. presenting a username),
- Authentication (proving that identity claim),
- Authorization (the actions the authenticated subject may perform),
- Accountability (or Auditing: logging actions so they can be traced back to a subject)
Non-repudiation
Non-repudiation- user can’t deny performing a transaction
Least Privilege
Least Privilege- subjects get the minimum access needed to do their job, and no more (in practice this is an ideal or target to work toward)
Need to Know
Need to Know- more granular than Least Privilege: decided per object, not per job. E.g. holding a secret clearance is not enough; you must also be cleared for (briefed into) the specific program the data belongs to.
Subject
Subject- active entity on a system (user, running program)
Object
Object- passive data on system (file)
Defense in Depth
Defense in Depth- (Layered Defense) multiple safeguards (controls) arranged in layers, so one failing control does not expose the asset; e.g. an attacker must first get into the workspace, then authenticate to the workstation, then to the network, then to the application
Access Control Models (3 main models)
Access Control Models (3 main models)
- DAC
- MAC
- RBAC
DAC
DAC (Discretionary Access Control)- the object's owner has full control of the object and decides who may access it; access is granted via an ACL keyed to subject identity (rather than to roles, as in RBAC), so owners can also pass access on to others at their discretion
MAC
MAC (Mandatory Access Control)- based on subject clearance + object labels
- Data owners cannot grant access!
- The OS (reference monitor) makes the decision based on a security label system
- Subject's clearance must dominate the object's label (level greater than or equal to, and the subject must hold every category/compartment on the object)
- Users are given a clearance level and data a classification level (confidential, secret, top secret, etc.)
- Rules for access are configured by the security officer and enforced by the OS.
- Focus is on confidentiality; difficult & expensive, so it is used mainly for high-security programs
Examples: SELinux, Trusted Solaris, Honeywell's SCOMP, Purple Penelope, LIDS (Linux Intrusion Detection System)
RBAC
RBAC (Role-Based Access Control) (some consider it a form of MAC, since the individual user does not decide who gets access):
- Also called non-discretionary
- Scales better than DAC (permissions are managed per role, not per user) and helps deter authZ creep when a job change swaps roles instead of adding them
- Role Assignment- a subject can execute a transaction only if it has an active role
- Role Authorization- a subject's active role must be one the subject is authorized for
- Transaction Authorization- a subject can execute a transaction only if it is authorized for the subject's active role
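The DAC card (owner-kept ACL keyed by identity) and the three RBAC rules side by side, as an added example that is not part of the original flashcards. Users, roles, objects and permissions (teller, auditor, deposit, ledger) are constructed for illustration; the `transfer` method is an assumed helper showing how swapping roles on a job change avoids authorization creep.

```python
# --- DAC: the object's owner keeps an ACL keyed by user identity and hands out access ---
class DacObject:
    def __init__(self, owner):
        self.owner = owner
        self.acl = {owner: {"read", "write", "grant"}}   # owner has full control

    def grant(self, granter, user, perms):
        # Discretionary: anyone holding "grant" (the owner, or someone the owner delegated to)
        # may extend the ACL. Nothing above the owner reviews this decision.
        if "grant" not in self.acl.get(granter, set()):
            raise PermissionError(f"{granter!r} may not grant access to this object")
        self.acl.setdefault(user, set()).update(perms)

    def allows(self, user, perm):
        return perm in self.acl.get(user, set())


# --- RBAC: access flows through roles; administrators, not owners, define the mapping ---
class Rbac:
    def __init__(self):
        self.role_members = {}   # role -> set of users authorized for that role
        self.role_perms = {}     # role -> set of (operation, object type) transactions
        self.active = {}         # user -> role activated for the current session

    def add_role(self, role, perms):
        self.role_perms[role] = set(perms)
        self.role_members.setdefault(role, set())

    def assign(self, user, role):
        self.role_members[role].add(user)

    def roles_of(self, user):
        return {r for r, members in self.role_members.items() if user in members}

    def activate(self, user, role):
        # Rule 2, role authorization: the active role must be one the user is authorized for.
        if user not in self.role_members.get(role, set()):
            raise PermissionError(f"{user!r} is not authorized for role {role!r}")
        self.active[user] = role

    def check(self, user, operation, obj_type):
        # Rule 1, role assignment: no active role, no transactions at all.
        role = self.active.get(user)
        if role is None:
            return False
        # Rule 3, transaction authorization: only what the active role permits.
        return (operation, obj_type) in self.role_perms[role]

    def transfer(self, user, old_role, new_role):
        # Job change: drop the old role *before* adding the new one so entitlements do not
        # accumulate (the authorization-creep failure mode).
        self.role_members[old_role].discard(user)
        if self.active.get(user) == old_role:
            del self.active[user]
        self.assign(user, new_role)


def demo():
    """Constructed scenario; returns the observed decisions for inspection."""
    out = {}
    doc = DacObject(owner="alice")
    doc.grant("alice", "bob", {"read"})
    out["dac bob read"] = doc.allows("bob", "read")
    out["dac bob write"] = doc.allows("bob", "write")
    try:
        doc.grant("bob", "carol", {"read"})          # bob was given read only, not grant
        out["dac bob regrant refused"] = False
    except PermissionError:
        out["dac bob regrant refused"] = True

    rbac = Rbac()
    rbac.add_role("teller", {("deposit", "account"), ("withdraw", "account")})
    rbac.add_role("auditor", {("read", "ledger")})
    rbac.assign("alice", "teller")
    out["rbac no active role"] = rbac.check("alice", "deposit", "account")   # rule 1
    try:
        rbac.activate("alice", "auditor")                                     # rule 2
        out["rbac unauthorized role refused"] = False
    except PermissionError:
        out["rbac unauthorized role refused"] = True
    rbac.activate("alice", "teller")
    out["rbac teller deposit"] = rbac.check("alice", "deposit", "account")   # rule 3, allowed
    out["rbac teller read ledger"] = rbac.check("alice", "read", "ledger")   # rule 3, denied
    rbac.transfer("alice", "teller", "auditor")                               # job change
    out["roles after transfer"] = rbac.roles_of("alice")
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k:32s} {v}")
```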
Other Access Control Technologies
Access Control Technologies
- Task-based Access Control
- Content Dependent Access Control
- Context (e.g. time) Dependent Access Control
- Rule-based Access Control
- Access Control Matrix
- Constrained User Interface
- Restrict user access by not allowing users to see certain data or to have certain functionality (menus, views, database views); in the spirit of the Clark-Wilson model, where users never touch data directly but only through well-formed transactions (programs)
IBM Access provisioning lifecycle rules
IBM Access provisioning lifecycle rules
- Password compliance checking
- Notifying users to change password before expiration
- Identifying accounts that should be suspended due to inactivity for more than 30 days
- Identifying unused new accounts
- Identifying accounts for deletion due to being suspended more than 30 days
- Revoking accounts when a contract expires or user leaves
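The lifecycle rules above as a review job run over a directory export, as an added example that is not IBM's code or part of the original flashcards. The 30-day inactivity and 30-day suspension thresholds come from the card; the 14-day password warning, the 14-day grace period for "unused new accounts", and the account records themselves are constructed assumptions.

```python
from datetime import date, timedelta

INACTIVITY_DAYS = 30        # from the card: suspend after 30 days without a login
SUSPENDED_DAYS = 30         # from the card: delete after 30 days suspended
PASSWORD_WARN_DAYS = 14     # assumption: warn this many days before expiry
NEW_ACCOUNT_GRACE_DAYS = 14 # assumption: a never-used account older than this is flagged

# Constructed sample directory export (not real data). Dates are ISO strings as an
# export would carry them; None means "no value".
ACCOUNTS = [
    {"user": "alice", "status": "active", "created": "2024-01-10", "last_login": "2024-06-25",
     "pw_expires": "2024-07-10", "suspended_on": None, "contract_end": None},
    {"user": "bob", "status": "active", "created": "2023-11-02", "last_login": "2024-05-15",
     "pw_expires": "2024-08-01", "suspended_on": None, "contract_end": None},
    {"user": "carol", "status": "suspended", "created": "2023-03-01", "last_login": "2024-04-10",
     "pw_expires": "2024-09-01", "suspended_on": "2024-05-20", "contract_end": None},
    {"user": "dave", "status": "active", "created": "2024-06-01", "last_login": None,
     "pw_expires": "2024-09-01", "suspended_on": None, "contract_end": None},
    {"user": "erin", "status": "active", "created": "2024-01-15", "last_login": "2024-06-30",
     "pw_expires": "2024-09-01", "suspended_on": None, "contract_end": "2024-06-30"},
    {"user": "frank", "status": "active", "created": "2023-05-05", "last_login": "2024-06-28",
     "pw_expires": "2024-09-01", "suspended_on": None, "contract_end": None},
]


def _d(value):
    return date.fromisoformat(value) if value else None


def review(accounts, today):
    """Apply the provisioning lifecycle rules; returns a list of (user, action, reason)."""
    actions = []
    for a in accounts:
        user = a["user"]
        created, last_login = _d(a["created"]), _d(a["last_login"])
        pw_expires, suspended_on = _d(a["pw_expires"]), _d(a["suspended_on"])
        contract_end = _d(a["contract_end"])

        # Revocation wins over everything else: a departed user or expired contract
        # must not keep a live account while other rules run their course.
        if contract_end and contract_end < today:
            actions.append((user, "revoke", f"contract ended {contract_end}"))
            continue

        if a["status"] == "suspended":
            if suspended_on and (today - suspended_on).days > SUSPENDED_DAYS:
                actions.append((user, "delete", f"suspended since {suspended_on}"))
            continue

        # Unused new account: created, never logged in, past the grace period.
        if last_login is None:
            if (today - created).days > NEW_ACCOUNT_GRACE_DAYS:
                actions.append((user, "flag-unused-new", f"created {created}, never used"))
            continue

        if (today - last_login).days > INACTIVITY_DAYS:
            actions.append((user, "suspend", f"last login {last_login}"))
            continue   # a suspended user has no need of a password-expiry notice

        if pw_expires and timedelta(0) <= pw_expires - today <= timedelta(days=PASSWORD_WARN_DAYS):
            actions.append((user, "notify-password-expiry", f"expires {pw_expires}"))
    return actions


if __name__ == "__main__":
    for user, action, reason in review(ACCOUNTS, date(2024, 7, 1)):
        print(f"{user:8s} {action:24s} {reason}")
```

Ordering matters: the revoke check runs first and the suspend check short-circuits the expiry notice, so one account never receives two conflicting actions in the same run.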
Access Aggregation
Access Aggregation- users gain access to more systems over time
Authorization Creep
Authorization Creep- users gain more entitlements without shedding the old ones
RADIUS
RADIUS- Remote Authentication Dial-In User Service; the most widely used AAA protocol (RFC 2865 authentication/authorization, RFC 2866 accounting)
- Centralized: network access servers (NAS) forward credentials to one RADIUS server
- UDP (User Datagram Protocol); ports 1812 (authentication) and 1813 (accounting)
- Provides limited accountability (accounting records per session, but authentication and authorization are combined in a single exchange)
- Problems with flexibility, scalability, reliability (UDP, no built-in retransmission), and security
- Hides only the password: the User-Password attribute is XORed with an MD5 stream derived from the shared secret and the Request Authenticator; every other attribute (username, NAS address, etc.) is sent in cleartext
- Uses PAP, CHAP, or EAP
Packet type is an 8-bit Code field in the header; the body carries attribute-value pairs (AVPs: type, length, value). Codes defined by RFC 2865/2866:
- Access-Request (1)
- Access-Accept (2)
- Access-Reject (3)
- Accounting-Request (4)
- Accounting-Response (5)
- Access-Challenge (11)
- Status-Server (12, experimental)
- Status-Client (13, experimental)
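An Access-Request / Access-Accept exchange built from scratch, as an added example that is not part of the original flashcards and not taken from any RADIUS implementation. It shows why "encrypts only the password" is the right summary: the User-Name AVP is readable in the packet bytes, the User-Password AVP is obfuscated with the RFC 2865 MD5 scheme, and the reply carries a Response Authenticator (MD5 over the reply plus the shared secret) that lets the client detect a forged or tampered reply. The shared secret, the user database and the identifiers are constructed values.

```python
import hashlib
import hmac
import os
import struct

# RADIUS packet codes (RFC 2865 / RFC 2866); the Code field is a single octet.
ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
ACCOUNTING_REQUEST, ACCOUNTING_RESPONSE = 4, 5
ACCESS_CHALLENGE, STATUS_SERVER, STATUS_CLIENT = 11, 12, 13
# Attribute types used below (RFC 2865 section 5).
USER_NAME, USER_PASSWORD = 1, 2


def encode_attr(attr_type, value):
    # One AVP: Type (1 octet), Length (1 octet, counts the 2-octet header too), Value.
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def decode_attrs(data):
    attrs, pos = [], 0
    while pos < len(data):
        attr_type, length = struct.unpack("!BB", data[pos:pos + 2])
        if length < 2 or pos + length > len(data):
            raise ValueError("malformed attribute")
        attrs.append((attr_type, data[pos + 2:pos + length]))
        pos += length
    return attrs


def hide_password(password, secret, request_auth):
    """RFC 2865 5.2: NUL-pad to a 16-octet multiple, then XOR each block with
    MD5(secret + previous ciphertext block); the first block uses the Request Authenticator."""
    padded = password.ljust(max(16, -(-len(password) // 16) * 16), b"\x00")
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        keystream = hashlib.md5(secret + prev).digest()
        block = bytes(p ^ k for p, k in zip(padded[i:i + 16], keystream))
        out, prev = out + block, block
    return out


def reveal_password(hidden, secret, request_auth):
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        keystream = hashlib.md5(secret + prev).digest()
        out += bytes(c ^ k for c, k in zip(hidden[i:i + 16], keystream))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")   # strips the padding (a password ending in NUL would be truncated)


def build_packet(code, identifier, authenticator, attrs):
    # Header: Code (1) | Identifier (1) | Length (2) | Authenticator (16), then the AVPs.
    body = b"".join(attrs)
    return struct.pack("!BBH", code, identifier, 20 + len(body)) + authenticator + body


def parse_packet(data):
    code, identifier, length = struct.unpack("!BBH", data[:4])
    if length < 20 or length > len(data):
        raise ValueError("bad length")
    return code, identifier, data[4:20], decode_attrs(data[20:length])


def response_authenticator(code, identifier, request_auth, attrs, secret):
    # MD5(Code + ID + Length + RequestAuth + Attributes + Secret). This binds the reply to
    # the request and to the shared secret; it is an integrity check, not encryption.
    body = b"".join(attrs)
    header = struct.pack("!BBH", code, identifier, 20 + len(body))
    return hashlib.md5(header + request_auth + body + secret).digest()


def access_request(username, password, secret, identifier, request_auth=None):
    ra = request_auth or os.urandom(16)   # Request Authenticator: 16 unpredictable octets
    attrs = [encode_attr(USER_NAME, username),                      # sent in the clear
             encode_attr(USER_PASSWORD, hide_password(password, secret, ra))]
    return build_packet(ACCESS_REQUEST, identifier, ra, attrs)


def server_handle(packet, secret, user_db):
    code, identifier, ra, attrs = parse_packet(packet)
    if code != ACCESS_REQUEST:
        raise ValueError(f"unexpected code {code}")
    fields = dict(attrs)
    name = fields.get(USER_NAME)
    password = reveal_password(fields.get(USER_PASSWORD, b""), secret, ra)
    ok = name in user_db and hmac.compare_digest(user_db[name], password)
    reply = ACCESS_ACCEPT if ok else ACCESS_REJECT
    return build_packet(reply, identifier, response_authenticator(reply, identifier, ra, [], secret), [])


def client_verify(response, request, secret):
    code, identifier, resp_auth, attrs = parse_packet(response)
    _, req_identifier, ra, _ = parse_packet(request)
    expected = response_authenticator(code, identifier, ra,
                                      [encode_attr(t, v) for t, v in attrs], secret)
    return identifier == req_identifier and hmac.compare_digest(resp_auth, expected)
```

Running a request through `access_request` and inspecting the bytes shows the username verbatim, which is the practical consequence of the "encrypts only the password" card: anyone on the path between NAS and server learns who is logging in, and an attacker holding captured packets can run offline guesses against the shared secret.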