Authorization Flashcards
What are the layers of access control? (5)
Policy
Model
Mechanism
Awareness
Management
What is the Policy-layer of access control?
High-level rules, what is and is not allowed
What is the Model-layer of access control?
Formal representation of the policy
What is the Mechanism-layer of access control?
Low-level implementation of the model
What is the Awareness-layer of access control?
Education
What is the Management-layer of access control?
Operation
What is priivilege creep?
People end up with more access than necessart
What are the technical layers of access control?
Application
Middleware
OS
Hardware
Name some access control models
DAC: Discretionary Access Controll
What is DAC: Discretionary Access Controll
The owner of a resource decides how it is shared
The owner chooses to give read, write or other access to other users
What is an access control matrix?
X-axis: Resource (file, program, etc.)
Y-axis: User
Entry: Permissions (own, read, write, execute, etc.)
What is an authorization table?
A mechanism to implement access control matrices.
Pick non-empty entries in the access control matrix to create a list. This list is the authorization table.
From Access control matrix:
File 1. File 2. File 3. Program 1 Ann. Own. Read Execute
Read. Write
Write
Authorization table entry:
User - Access Mode - Object
Ann Own. File 1
Ann Read File 1
Ann Write File 1
Ann Read File 2
Ann Write File 2
Ann Execute Program 1
Where are authorization tables used?
Database management systems (DBMS): Software systems used to store, retrieve, and run queries on data
The tables are stored as relational tables
What are access control lists (ACL)
Another mechanism to implement access control matrices
Describe Access control list (ACL)
Stores information according to objects (file 2, Program 1, etc.), stores column.
From access control matrix:
Program 1
Ann. Execute
Bob.
Carl. Execute
Read
ACL’s stores each object in a file 1 with the structure:
File 1-> Ann
Execute
-> Carl
Execute
Read
Where are ACL’s used?
In modern OS
Give an example of how ACLs are used
Linux: ls -l
rexre—
What does rwxrw—- mean in linux?
rwx: Owner can read, write and execute
rw-: User’s in the owner’s group can read and write
—: Users outside the group cannot read, write or execute
What is capabilities?
The third mechanism to implement access control matrices
Describe Capabilities
Stores information according to the subject: matrix row
File 1. File 2. File 3 Program 1 Bob. Read. Read
Write
Bob -> File 1
read
-> File 3
read
write
Where is Capability used?
iOS permission control
Data is segregated into classes (contacts, calendar, photos, etc.)
Only allow basic permission at installation
At runtime, app must ask user to get permissions
What is a vulnerability of DAC?
Does not distinguish between user and process
Vulnerable to a process executing malicious programs (trojan horse), exploiting the authorization of the user.
Give an example scenario of using a Trojan horse
Hacker: Creates file steal.txt and gives CEO permission to write it, without the CEO’s knowledge
Two hidden operations (Trojan horse) is added to the CEO’s app. One operation reads the steal.txt file, the other operation writes to it.
CEO executes the app. The app executes on behalf of the CEO (Access control only checks the user, it does not check the process). Reading and writing to the secret file is allowed, without the CEO’s knowledge.
What is Mandatory Access Control? (MAC)
A system enforces a security policy independent of the user’s action. Enforces access control on the basis of regulations mandated by a central authority.
Access class is assigned to each object and subject.
What are the types of Object classificaion?
TOP SECRET
SECRET
CONFIDENTIAL
UNCLASSIFIED
What are the types of Subject classification?
TOP MANAGER
MIDDLE LEVEL MANAGER
EMPLOYEE
GENERAL PUBLIC
What is the Bell-LaPadula model?
A state machine model used for enforcing access control.
Main focus: enforce confidentiality, only allows operations on the same level
No read up (NRU)
No write down (NWD)
What is the Biba model?
Another state machine used to enforce access control.
Main focus: Enforce integrity
No read down (NRD)
No write up (NWU)
Why is the Biba model useful for integrity?
No improper modification of high integrity objects from low classified subjects. E.g. a downloaded software cannot write to the OS.
High integrity objects are not contaminated because they do not read lower-level data, which can be unreliable.
How can Bell-LaPadula and Biba be combined?
Combined when we want integrity and confidentiality.
Objects and subjects have to be assigned two access classes:
- One for confidentiality control
- One for integrity control
What are the pros and cons of MAC?
Pros:
- Strict control over information flow
- Strong exploit containment
Cons:
- Cumbersome administration
What are the pros and cons of DAC?
Pros:
- Simple and efficient access right management
- Scalability
Cons:
- Weak control over information flow
What is Role-Based Access Control? (RBAC)
Based on the idea of assigning permissions to users based on their roles. Analyses needs of users, and group them intro roles based on the same responsibilities and needs.
More manageable approach to access management that is less prone to error than assigning permissions to users individually.
What are some benefits of RBAC?
Easy authorization management
Maps to real-world role hierarchy
What is attribute-Based Access Control? (ABAC)
Access control model that evaluates attributes (characteristics) rather than roles, to determine access.
Each user has a set of attributes
What access control model is used for coarse-grain access control?
RBAC
What access control model is used for fine-grain access control?
ABAC, but this is more difficult to use correctly
How should RBAC and ABAC be combined?
RBAC before ABAC
Decide who can see what module, BEFORE deciding what they can see inside a module
What is the Browser Same-origin policy?
Only communicate with the IP you originated from
when does two URLs have the same origin?
Protocol, port and host are the same
What is a Sandbox?
Restricted environment, separates running programs so that they are unable to affect other applications.
