Ch11 - 11.02 - Access Control Models Flashcards
Discretionary Access Control (DAC)
Discretionary access control, also known as DAC, is a model that decides who gets access to a resource based on a discretionary access control list (DACL). A DACL is a listing of users or groups (known as security principals) who are granted access to a resource, and the DACL typically determines what type of access the user has. That is, the DACL is the permissions assigned to a file. Each entry in the DACL is known as an access control entry (ACE).
Remember that discretionary access control (DAC) involves configuring permissions on a resource.
Mandatory Access Control (MAC)
With the mandatory access control (MAC) model, each individual (known as a subject) is assigned a clearance level such as restricted, secret, or top secret.
The data and other assets in the organization are assigned classification labels that represent the sensitivity of the information. Examples of classification labels are public, confidential, secret, top secret, and unclassified, to name a few.
Remember that mandatory access control involves employees gaining access to resources based on their clearance level and the data classification label assigned to the resource.
Common sensitivity levels for government organizations
Top secret
The highest sensitivity label. Information classified as top secret could cause grave damage to national security if leaked to the public.
Secret
The second-highest sensitivity label. Information classified as secret could cause serious damage to national security if leaked to the public.
Confidential
The third-highest sensitivity label. Information classified as confidential could cause damage to national security if leaked to the public.
Restricted
Information assigned this classification label could cause an undesirable outcome if exposed to the public.
Unclassified
Any information not assigned a classification label is considered unclassified and is suitable for public release.
This is a hierarchical structure where someone with high-level clearance can access not only data at their own level, but also any data with lower classifications.
Common sensitivity labels for business sectors
Confidential
The highest sensitivity label. Information classified as confidential could cause grave damage to the organization if leaked to the public.
Private
The second-highest sensitivity label. Information classified as private could cause serious damage to the organization if leaked to the public.
Sensitive
Information assigned this classification label could cause an undesirable outcome if exposed to the public.
Public
Information assigned this classification label is suitable for public release.
This is a hierarchical structure where someone with confidential clearance can access not only confidential data, but also any data with lower classifications such as private, sensitive, and public.
Trusted operating system
A trusted operating system is an OS that has been evaluated and determined to follow strict security practices such as mandatory access control. The most widely accepted international standard for security evaluation is the Common Criteria for Information Technology Security Evaluation, usually referred to as Common Criteria.
Role-Based Access Control (RBAC)
Role-based access control (RBAC) takes a different approach than MAC to controlling access to resources and privileges: the system grants special privileges to different roles. A role is a container object that has predefined privileges in the system. When you place users into the role, the user receives the privileges or access control permissions assigned to the role.
Rule-Based Access Control
Rule-based access control, also known as RBAC, involves configuring rules on a system or device that allow or disallow different actions to occur. For example, a router uses RBAC to determine what traffic can enter or leave the network by checking rules in an ACL configured on the router.
Group-Based Access Control (GBAC)
Group-based access control (GBAC) is when the security of the environment is based on the groups the user is a member of. For example, you could have application code that checks to see if a user is in the Finance group before allowing that user to call the Deposit method:
@GroupAllowed("Finance")
public void Deposit() {
    // Only Finance group can call this method
    // Code Placed Here
}
Attribute-Based Access Control (ABAC)
Attribute-based access control (ABAC) is an access control model that involves assigning attributes, or properties, to users and resources and then using those attributes in rules to define which users get access to which resources.
For example, you could configure a rule that specifies that if the user has a Department attribute of Accounting and a City attribute of Boston, then they can access the file. This is different from RBAC or GBAC in the sense that those models only check whether the user is in the role or group.