Secure Operating Environments - Access Control Datei Flashcards
What is access control?
authentication + authorisation
What is the difference between authentication and authorisation?
Authentication: Verifying identity of subject
Authorisation: Verifying that subject has right to perform requested action on object
When do we need access control?
Subjects request actions on objects
- Alice wants to read a file
- Bob wants to update account balance
- Process wants to open a socket
What is discretionary access control (DAC)?
- Data owners, usually users, set access rights
- There may be a policy against sharing and access may be audited, but the policy is not enforced technically
Where do we use DAC?
Typically in commercial and consumer systems
Name an example of DAC outside computers.
Person with a key can open the door to others; door keys can be shared and copied
What is an access control list (ACL)?
ACL = list of the access rights associated with an object.
Example:
file1.txt ACL:
Alice: { read, write }; Bob: { read };
Process 4567: { read, write }; Process 6789: {append}.
Where are ACLs used?
Windows/Unix file system
What is a capability?
Capability = access right associated with the subject
Example:
Alice’s capabilities:
file1.txt: { read, write }; file2.txt: { write }.
What is mandatory access control (MAC)?
- Access rights based on rules (i.e. policy) set by administration
- AC policy is enforced and cannot be changed by users
- Subjects cannot leak access rights to others
Where did MAC originate?
MAC originates from military policies
– Officer can read secret paper but cannot take copy out of room
– Officer who has had contact with foreign agents may lose access to classified information
On what are the rules used by MAC often based?
Mandatory access control rules are often based on security labels on subjects and objects
– Subject clearance
– Object classification
l : (Subjects ∪ Objects) → Labels
Example:
Labels: Top Secret -> Secret -> Confidential -> Unclassified
Subject with clearance Top Secret has access to all labels ->
Simple security property:
S can read O if and only if l(S) ≥ l(O)
What is a group?
Group = set of subjects
– E.g. Administrators, CS students
– Object ACL can list groups in addition to users
– Both group membership and ACLs change over time
What is a role?
Role = set of permissions
(i.e. permitted actions on objects)
– E.g. Administrator, INITSEC-teacher, IN-professor
– Roles usually quite static; assignment to users changes
What is role-based access control (RBAC)?
Modeling high-level roles in an organisation
– E.g. Doctor, Nurse, Student, Lecturer, Course-assistant
– Roles defined once; changed infrequently
Roles may be parameterised
– E.g. Treating-doctor of Mr. Smith, Lecturer of INITSEC, Student of INITSEC
Roles may form a hierarchy with inheritance
– E.g. Lecturer and Teaching-assistant are Teaching-staff
Roles are assigned to users for longer term but activated on demand for each session