System Security: Access control Flashcards
What is the difference between authentication and authorization?
Authentication means verifying credentials
Authorization means granting permission to resources
What are the different access control policies?
- Discretionary access control (DAC)
- Mandatory access control (MAC)
- Role-based access control (RBAC)
- Attribute-based access control (ABAC)
What is Discretionary access control (DAC)?
Controls access based on the identity of the requestor and on access rules stating what requestors are allowed to do.
What is Mandatory access control (MAC)?
Controls access based on comparing security labels with security clearances.
What is Role-based access control (RBAC)?
Controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles.
What is Attribute-based access control (ABAC)?
Controls access based on attributes of the user, the resource to be accessed, and current environmental conditions.
Attributes contain information that can indicate the class of information, a name, and a value:
- Subjects’ attributes can be a name, job title, etc.
- Objects’ attributes can be title, subject, date, author, etc.
- Environments’ attributes can be current date/time, network security level, etc.
Policies are a set of rules that govern allowable behavior.
What is the general approach to implementing Discretionary Access Control?
Access matrix.
One side of matrix with subjects and one with objects.
The intersection of a subject and object in the matrix contains access rights the subject has on the object (read, write, etc.). The access matrix can be decomposed into Access Control Lists (ACL) or capability tickets.
UNIX file access control TO DO
TO DO
He didn't explain this in the lecture, but explicitly said that it could be on the exam.
How is Role-based access control often implemented?
Access matrix.
Exactly the same as Discretionary Access Control, but with roles instead of subjects. Users are grouped into roles. A user can have one or more roles.
Roles can be organized in a hierarchy. Subordinate jobs may have a subset of the access rights of a superior job function.
Constraints can be added to enforce relationships between roles. For example: a user cannot have role 1 and role 2 at the same time.
What is the Bell-LaPadula model?
A computer security model.
Subjects and objects are assigned security classes. The security classes form a strict hierarchy and are referred to as security levels.
Example: top secret > confidential > unclassified
A subject has a security clearance.
An object has a security classification.
What are the four access modes in the Bell-LaPadula model?
Read
Append
Write
Execute
What properties must a Multilevel Security (MLS) system enforce?
- No read-up / ss-property (simple security property). Subjects must be unable to read objects with a higher security level than their clearance.
- No write-down / *-property (star property). Subjects must be unable to write into objects of a lower security level than their clearance. This prevents classified information from being copied to a level where anyone could read it. A user who needs to write at a lower level should log out and log in again with the lower access right before doing so.
- ds-property (discretionary security property). An individual may grant another individual access to a document as long as the above two rules are satisfied.
What is the Biba Integrity Model?
Similar to Bell-LaPadula, but concerned with integrity rather than confidentiality.
Access modes: modify, observe, execute, invoke.
What is the Chinese Wall Model?
Once a subject accesses information from a dataset, access to other Conflict of Interest (CI) classes is blocked.
A subject s can access an object o only if at least one of the following is true:
- o is in the same dataset as an object already accessed by s
- o belongs to a Conflict of Interest class from which s has not yet accessed any information.
TO DO, not covered in lectures:
- Application of MLS
- Trusted computing and the trusted platform module
- Common criteria for security evaluation
- Assurance and evaluation
to do