Chapter 8- Security Models, Design and Capabilities Flashcards
Controlling access to a resource in a secure system involves two entities. Name and explain them.
- Subject: the user or process that makes a request to access a resource.
- Object: the resource that the subject (a user or process) wants to access.
Systems are built and designed according to two philosophies. Explain them.
- Open system: designed using agreed industry standards, so it is easier to integrate with other systems that adopt the same standards.
- Closed system: designed to work with a narrow range of other systems, often through proprietary interfaces, so it is harder to integrate with unlike systems. Closed systems are often considered harder to attack because their internals are not published, but that protection is only obscurity and should not be relied on as a security control.
Open Source vs Closed Source
Open source: the source code and other internal logic are available to the public, so anyone can review them for flaws.
Closed source: the internal logic and source code are hidden from the public; users depend on the vendor to find and fix defects over time. Note that open/closed source is independent of open/closed system: a closed system can be open source, and vice versa.
Define Confinement
Confinement restricts a process to reading from and writing to only certain memory locations and resources. Sandboxing is a common form of confinement.
Explain Bounds
Each process that runs on a system is assigned an authority level.
Simple systems:
In simple systems there are two authority levels (e.g. user and kernel).
The bounds of a process set a limit on the memory addresses and resources it can access; they define the area in which the process is confined or contained.
There are two types of bounds:
Physical bounds: each bounded process runs in an area of memory that is physically separated from the memory of other bounded processes.
Logical bounds: the operating system enforces the bounds in software (typically with help from hardware memory protection) and disallows access to the memory and resources of other processes.
Define Isolation
Isolation is the result of confinement: when a process is confined by enforced access bounds, it runs in isolation and cannot read, write or otherwise interfere with the memory or resources of other processes.
Isolation is used to protect the operating environment, the kernel of the operating system and other independent applications.
List the three concepts that make it possible to implement secure systems
Confinement, bounds and isolation
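The following is an added example, not part of the original flashcards: a toy model of logical bounds. Two processes share one flat memory array; a simulated kernel records a (base, limit) bounds record for each process and mediates every access, so a process that touches memory outside its bounds is stopped. A second run disables enforcement to show the cross-process corruption that bounds and isolation prevent. The names (Kernel, Process identifiers "A" and "B", BoundsViolation) are illustrative and do not refer to any real operating system.

```python
"""Added example (not from the flashcards): logical bounds enforced by a toy kernel."""


class BoundsViolation(Exception):
    """Raised when a process touches an address outside its assigned bounds."""


class Kernel:
    def __init__(self, size=16, enforce=True):
        self.memory = [0] * size   # one flat memory shared by all processes
        self.bounds = {}           # pid -> (base, limit): the logical bounds
        self.enforce = enforce     # False only to demonstrate the failure mode

    def spawn(self, pid, base, limit):
        # The kernel, not the process, decides the region a process may use.
        self.bounds[pid] = (base, limit)

    def _check(self, pid, addr):
        base, limit = self.bounds[pid]
        if self.enforce and not (base <= addr < base + limit):
            raise BoundsViolation(
                f"{pid} touched address {addr}, allowed [{base}, {base + limit})")

    def write(self, pid, addr, value):
        self._check(pid, addr)     # every access is mediated by the kernel
        self.memory[addr] = value

    def read(self, pid, addr):
        self._check(pid, addr)
        return self.memory[addr]


def run(enforce):
    """Process B stores a value; process A tries to overwrite it.

    Returns (attack_blocked, value_B_reads_back).
    """
    k = Kernel(enforce=enforce)
    k.spawn("A", base=0, limit=8)   # A may use addresses 0..7
    k.spawn("B", base=8, limit=8)   # B may use addresses 8..15
    k.write("B", 8, 42)             # inside B's bounds
    try:
        k.write("A", 8, 0)          # address 8 belongs to B: outside A's bounds
        blocked = False
    except BoundsViolation:
        blocked = True
    return blocked, k.read("B", 8)


if __name__ == "__main__":
    print("with bounds:   ", run(enforce=True))    # B stays isolated
    print("without bounds:", run(enforce=False))   # A corrupts B's memory
```

With enforcement on, A's write is refused and B still reads 42; with enforcement off, the same write silently lands in B's region, which is exactly the interference isolation is meant to rule out.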
Explain MAC
Mandatory Access Control (MAC): static attributes of the subject and object (such as a clearance and a classification label) are compared to determine whether the access is permissible. Subjects cannot change these attributes.
Explain DAC
Discretionary Access Control (DAC): the subject that owns an object has the ability to define who may access it. Access control lists (ACLs) serve as dynamic access rulesets that the owner can modify.
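Added example, not from the original flashcards: the same access request decided under DAC and under MAC. Under DAC the object's owner edits the ACL at will (a dynamic ruleset); under MAC the decision comes from fixed labels that no subject can alter, so even the owner cannot "grant" access that the labels forbid. The class names, the three-level label set and the subjects alice, bob and mallory are constructed for illustration.

```python
"""Added example (not from the flashcards): one request under DAC and under MAC."""

# Constructed label lattice for the MAC side; higher number dominates lower.
LEVELS = {"public": 0, "confidential": 1, "secret": 2}


class DacObject:
    """DAC: the owner holds an ACL and may change it at any time."""

    def __init__(self, owner):
        self.owner = owner
        self.acl = {owner: {"read", "write"}}   # owner starts with full rights

    def grant(self, by, to, perm):
        if by != self.owner:                    # only the owner edits the ACL
            raise PermissionError("only the owner may change the ACL")
        self.acl.setdefault(to, set()).add(perm)

    def allowed(self, subject, perm):
        return perm in self.acl.get(subject, set())


class MacObject:
    """MAC: a classification fixed at creation; nobody can grant around it."""

    def __init__(self, classification):
        self.classification = classification

    def allowed(self, clearance):
        # Static attributes only: the subject's clearance must dominate the label.
        return LEVELS[clearance] >= LEVELS[self.classification]


def demo():
    """Returns the decisions made in each model for the same subjects."""
    results = {}

    # DAC: alice owns the document and hands bob read access herself.
    doc = DacObject(owner="alice")
    results["dac_bob_before_grant"] = doc.allowed("bob", "read")
    doc.grant(by="alice", to="bob", perm="read")
    results["dac_bob_after_grant"] = doc.allowed("bob", "read")
    try:                                        # a non-owner cannot edit the ACL
        doc.grant(by="bob", to="mallory", perm="read")
        results["dac_nonowner_grant_succeeded"] = True
    except PermissionError:
        results["dac_nonowner_grant_succeeded"] = False

    # MAC: clearances are assigned by the system, not by the object's owner.
    clearances = {"alice": "secret", "bob": "confidential"}   # constructed
    mdoc = MacObject("secret")
    results["mac_alice"] = mdoc.allowed(clearances["alice"])
    results["mac_bob"] = mdoc.allowed(clearances["bob"])      # no way to grant this
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Note that MacObject deliberately has no grant method: the only way bob reads a secret object is for the system to raise his clearance, which is the "static attribute" point of MAC.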
What is the primary goal of controls?
Controls are used to ensure the confidentiality and integrity of data by disallowing unauthorized access.
Define Trusted Systems
A trusted system is one in which all protection mechanisms work together to process sensitive data for many types of users while maintaining a stable, secure computing environment.
Define Assurance
Assurance is the degree of confidence that a system's protection mechanisms satisfy its security needs; it is established by evaluating the design and implementation rather than by trusting vendor claims.
Define Security Model
A security model provides a way for designers to map the abstract statements of a security policy into the algorithms and data structures necessary to build the hardware and software that enforce it.
Define Capability list
A capability list is the row of an access control matrix for one subject: it lists, for each object, the actions that subject may perform. The column for one object is its access control list (ACL), which lists what each subject may do to that object.
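Added example, not from the original flashcards: one access control matrix stored in the two ways the card describes. AclStore keeps a column per object (ACLs); CapabilityStore keeps a row per subject (capability lists). Both answer the same access question identically, but each is cheap for one query ("who can reach this object?" versus "what can this subject reach?") and expensive for the other, which is the practical reason the two views exist. The matrix contents, subjects and object names are constructed.

```python
"""Added example (not from the flashcards): ACL view vs capability-list view of one matrix."""

# Constructed access control matrix: subject -> object -> permissions.
MATRIX = {
    "alice": {"payroll.db": {"read", "write"}, "memo.txt": {"read"}},
    "bob":   {"memo.txt": {"read", "write"}},
    "carol": {"payroll.db": {"read"}, "memo.txt": {"read"}},
}


class AclStore:
    """Object-centric: each object keeps its column, the ACL."""

    def __init__(self, matrix):
        self.acls = {}
        for subject, row in matrix.items():
            for obj, perms in row.items():
                self.acls.setdefault(obj, {})[subject] = set(perms)

    def check(self, subject, obj, perm):
        return perm in self.acls.get(obj, {}).get(subject, set())

    def who_can_access(self, obj):      # cheap: read one column
        return sorted(self.acls.get(obj, {}))

    def rights_of(self, subject):       # expensive: sweep every object's ACL
        return {o: set(acl[subject]) for o, acl in self.acls.items() if subject in acl}


class CapabilityStore:
    """Subject-centric: each subject carries its row, the capability list."""

    def __init__(self, matrix):
        self.caps = {s: {o: set(p) for o, p in row.items()} for s, row in matrix.items()}

    def check(self, subject, obj, perm):
        return perm in self.caps.get(subject, {}).get(obj, set())

    def rights_of(self, subject):       # cheap: read one row
        return {o: set(p) for o, p in self.caps.get(subject, {}).items()}

    def who_can_access(self, obj):      # expensive: sweep every subject's list
        return sorted(s for s, caps in self.caps.items() if obj in caps)


def views_agree(matrix=MATRIX, perms=("read", "write", "execute")):
    """True if both representations decide every (subject, object, perm) identically."""
    acl, cap = AclStore(matrix), CapabilityStore(matrix)
    objects = {o for row in matrix.values() for o in row}
    return all(acl.check(s, o, p) == cap.check(s, o, p)
               for s in list(matrix) + ["mallory"]   # unknown subject: deny in both
               for o in objects for p in perms)


if __name__ == "__main__":
    acl, cap = AclStore(MATRIX), CapabilityStore(MATRIX)
    print("ACL of payroll.db:", acl.who_can_access("payroll.db"))
    print("capabilities of bob:", cap.rights_of("bob"))
    print("views agree:", views_agree())
```

The asymmetry matters operationally: revoking everyone's access to an object is one column edit in the ACL view but a sweep over every subject's capability list, and the reverse holds for removing a departed user.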
Define Trusted Computing Base
The Trusted Computing Base (TCB) is the combination of hardware, software and controls that work together to form a trusted base that enforces the security policy.
The TCB is the only portion of the system that can be trusted to enforce the security policy; everything outside it is untrusted.
Describe Security Perimeter
The security perimeter is the imaginary boundary that separates the TCB from the rest of the system. Communication across this boundary goes through trusted paths so that untrusted components cannot tamper with the TCB.
Explain Reference Monitor
The part of the TCB that validates access to every resource before granting it is called the reference monitor. It sits between every subject and every object.
It is the access control mechanism of the TCB and enforces authorization according to the security model. To be effective it must be tamper-proof, always invoked (no access can bypass it) and small enough to be verified.
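Added example, not from the original flashcards: a minimal reference monitor. The protected objects are held only inside the monitor, every read or write must go through access(), every decision is appended to an audit trail, and anything the decision function does not explicitly allow (including unknown operations) is denied, i.e. it fails closed. The decision function is passed in so the monitor is independent of whether the policy is an ACL, a capability list or label comparison. Names and the sample policy are constructed.

```python
"""Added example (not from the flashcards): a reference monitor that mediates every access."""


class ReferenceMonitor:
    """Every access to a protected object passes through access()."""

    OPERATIONS = ("read", "write")

    def __init__(self, decide):
        self._decide = decide      # decide(subject, obj, op) -> bool
        self._objects = {}         # protected resources, reachable only via access()
        self.audit = []            # (subject, obj, op, verdict) for every request

    def create(self, obj, content):
        self._objects[obj] = content

    def access(self, subject, obj, op, value=None):
        # Fail closed: unknown operations and unknown objects are denied
        # before the policy is even consulted.
        allowed = (op in self.OPERATIONS
                   and obj in self._objects
                   and bool(self._decide(subject, obj, op)))
        self.audit.append((subject, obj, op, "ALLOW" if allowed else "DENY"))
        if not allowed:
            raise PermissionError(f"{subject} may not {op} {obj}")
        if op == "read":
            return self._objects[obj]
        self._objects[obj] = value
        return None


# Constructed policy: who may do what.
POLICY = {
    ("alice", "plan.doc"): {"read", "write"},
    ("bob", "plan.doc"): {"read"},
}


def policy_decide(subject, obj, op):
    return op in POLICY.get((subject, obj), set())


def demo():
    """Runs a sequence of requests and returns (bob_saw, audit_trail)."""
    rm = ReferenceMonitor(policy_decide)
    rm.create("plan.doc", "draft v1")
    rm.access("alice", "plan.doc", "write", "draft v2")
    bob_saw = rm.access("bob", "plan.doc", "read")
    for subject, op in (("bob", "write"), ("mallory", "read"), ("alice", "delete")):
        try:
            rm.access(subject, "plan.doc", op, "tampered")
        except PermissionError:
            pass                   # denied and recorded; object untouched
    return bob_saw, rm.audit


if __name__ == "__main__":
    seen, trail = demo()
    print("bob read:", seen)
    for entry in trail:
        print(entry)
```

Because the objects live only inside the monitor, the only way to touch plan.doc is a call that is both checked and logged; the three denied requests show up in the audit trail with the object's content unchanged.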
Define State machine model
The state machine model describes a system as a set of states and the transitions between them. A system conforming to this model is secure regardless of the state it is in, because every reachable state is a secure state.
Define Finite State Machine
A Finite State Machine (FSM) combines an external input with an internal machine state to produce a new state and output; it is used to model all kinds of complex systems, including parsers, decoders and interpreters.
Define a state
A state is a snapshot of the machine at a specific moment in time.
Define secure state machine
A secure state machine always boots into a secure state and, because every state transition is checked before it is taken, maintains a secure state across all transitions. It allows subjects to access resources only in a manner compliant with the security policy.
Explain Information flow models
Information flow models focus on the flow of information and are built on the state machine model. Bell-LaPadula (confidentiality) and Biba (integrity) are examples.
They are used to prevent unauthorized, insecure or restricted information flows, most often between different security levels.