Different systems for data protection

Question 1

What is Access control?

Answer 1

Security system which constraints the actions preformed in a system based on access control rules

Question 2

What is the basic premise of DAC?

Answer 2

Permissions assigned at discretion of resource owner

Question 3

What are the benefits of DAC?

Answer 3

Highly flexible
control access to files
control sharing of personal info

Question 4

What is a Harison-Ruzzo-Ullman (HRU) model?

Answer 4

DAC model that has explicity state changes by commands (create, confer, revoke, transfer)

Question 5

What are the weaknesses of DAC?

Answer 5

Only a constraint on DIRECT access
info can be read from file and copied to another
- trojan horse: also if you trust a subject a trojan horse can copy info to a file readable by attacker

Question 6

What is the basic premise of MAC?

Answer 6

Access rights entirely by system

Question 7

What are the benefits of MAC?

Answer 7

Useful for organizations with strong need for central control

Question 8

What is BLP?

Answer 8

A MAC MLS model focused on confidentiallity

No read up
No write down

Question 9

What are BLP limitations?

Answer 9

only limit access and sharing (no integrity)

fixed rights -> Classes of S & O do not change

no model for access management or policy making

Question 10

What is strong and weak tranquility property?

Answer 10

Strong: S & O do not change class during system lifetime

Weak: S&O only change labels if it does not violate spirit of security policy

Question 11

What is MLS?

Answer 11

access based on security classes for objects and subjects

Question 12

What is the goal of MLS?

Answer 12

ensure that info does not flow to unauthorized subjects?

Question 13

What is BIBA?

Answer 13

A MAC MLS model that defines mandatory policies for integrity

No read down
No write up

Question 14

What is the goal of BIBA?

Answer 14

prevent information flow to higher or incomparable security classes

Question 15

What is Multilateral security?

Answer 15

Protect data from leakage between compartments on the same level (compartmentalization)

Question 16

What is the chinese wall?

Answer 16

Dynamic separation of duty model that splits company info into objects, company datasets, and conflict of interest classes

Question 17

What are the rules in chinese wall?

Answer 17

Read only for one company in conflict class

Write if read & no info from companies of same conflict class (or just no unsanitized data from same conflict class)

Question 18

What is a reputation based trust management system?

Answer 18

Decides trust level on experiences

Needs good implementation for market to flourish

Question 19

What is rule based trust management?

Answer 19

Trust given if subject has the correct credentials

Problems -> a lot of credentials to check, mention, and store

Question 20

What is RBAC?

Answer 20

Access control model based on roles that have certain permissions

Question 21

What are the benefits of RBAC?

Answer 21

Increases scalability and flexibility
reduced administration error & cost
easy to meet new requirements

Question 22

What are the security principles of RBAC?

Answer 22

Least privilage -> No more privileges than necessary for job

Separation of duties -> prevent users from abusing positions (more than 1 user needed for critical task)

Question 23

State differences of RBAC 0, 1, 2, 3

Answer 23

0: core
1: core + role hierarchies
2: core + constraints
3: core + 1 + 2

Question 24

What is static separation of duty?

Answer 24

RBAC 2 restriction of permissions assigned to user

Question 25

What is dynamic separation of duty?

Answer 25

RBAC 2 restriction of permissions exercized by user in a session

Question 26

What are limitations of RBAC?

Answer 26

designed for simple systems

not context aware

only permissions based on roles (can lead to role explosion)

always needs attention from administration

role design difficult and expensive

Question 27

What is ABAC?

Answer 27

Access control where many attributes for users, objects, operations, and context are evaluated against policy to see permission

Question 28

What is UCON?

Answer 28

Usage control system to combine access control, trust management, and DRM

attribute & context-based authorizations

Control before & during usage life time

Question 29

What are the data actors?

Answer 29

Data subject -> his data
Data controller -> decide data purpose and methods
Data processor -> processes data
Person in charge of processing
Data recipient -> entity whom data is disclosed to
Third party -> gets data outside subject, controller, or processor
Data protection authority

Question 30

What are the privacy principles?

Answer 30

Fair & lawfull processing -> do not intrude privacy or interfere with autonomy
Purpose specification -> collect and use data for specific purpose
consent -> only if explicit consent
minimality -> minimum collected, processed, and time for purpose
minimal disclosure -> restrict third parties
info quality -> accurate, relevant and complete
data subject control -> subject can check and influence data
sensitivity -> sensitive data stricter
info security -> security equal to risk of data

Question 31

What are the elements of privacy policies?

Answer 31

Subject
object
action
purpose
condition
obligation

Question 32

What are hippocratic databases?

Answer 32

Data bases that incorporate privacy protection by linking purpose and consent to data

Focus on limited actions performed

Question 33

What do hippocratic databases consist of?

Answer 33

Privacy policy table -> purpose, table, attribute, {external-recipients}, retention

privacy authorization table -> purpose, table, attribute, {authorized-users}

Question 34

What is purpose-based access control?

Answer 34

Access control based on if the intended purpose of collected data matches the access purpose of request

With the addition of conditions matching (certain time or location)

Question 35

What is EPAL?

Answer 35

Privacy control model for organizations to:
enforce privacy promises made to user
Detect privacy violations
safe transfers of policy protected data

Question 36

What are the elements of EPAL?

Answer 36

Vocabulary containing:
Hierarchy of users, purposes, data, actions
model for obligations

Set of rules made up from the vocabulary:
a [user] should be [allow or deny] the ability to perform [action] on [data] For [purpose] under [condition] yielding an [obligation]

Question 37

When is a policy a refinement?

Answer 37

It adds details to existing policy but does not change any rulings except if it was a scope_error or don’t care

Obligations can be made additions to but should be stated explicitly

Question 38

What is XACML?

Answer 38

A language to express access control policies, access requests, and responses

Uses ABAC
Can use RBAC for permissions

Question 39

What are the main elements of XACML?

Answer 39

Policy administration point _> makes policy
Context handler -> constructs XACML request for decision point
policy decision point -> evaluates applicable policy and makes authorization decision
policy enforcement point -> perform access control by making decision requests and enforcing authorization decisions
policy information point -> acts as source of attribute values

Question 40

What is the decision of deny overrides algorithm in order?

Answer 40

1. deny
2. I {DP}
   ◦ if one has I {DP}
   ◦ if one I {D} and one P or I { P }
3. I { D }
4. P
5. I {P}

Question 41

What is the decision of permit overrides algorithm in order?

Answer 41

1. p
2. I {P D}
   ◦ If one has I {P D}
   ◦ if one I {P} and one D or I {D}
3. I {P}
4. D
5. I {D}

Question 42

What combining algorithms work in D6?

Answer 42

DOV
POV

Question 43

When is a reduction safe for a certain operator?

Answer 43

If in the operator table you see that the combined sets have the same outcomes as columns