Complex Security Policies Dave Andersen Advanced Operating Systems Georgia State University.

Part 1: Presentation of Material from Textbook Chapter 8.6.1

Stateless vs. State-Dependent Security Policies
- The Access Control List (ACL) and Capability List (CL) security models are stateless: properties remain fixed unless explicitly changed by the server.
- Complex access control policies are state dependent: authorization of an access depends on the subject's past history and its interactions with other objects. [1998 Chow and Johnson]

Information Flow Control
- When information flow is built on a lattice, information can only flow between components of the lattice in the direction the lattice permits.
- Flow properties of the lattice model:
  - Transitivity: A -> B and B -> C implies A -> C
  - Aggregation: A -> C and B -> C implies A U B -> C
  - Separability: A U B -> C implies A -> C and B -> C
- Some applications require information flow that violates these properties. [1998 Chow and Johnson]
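The three flow properties follow from the lattice's partial order and least upper bound. The following Python is an added example, not code from the Chow and Johnson text: it builds a small constructed lattice (classification level plus a set of compartments, an assumption for illustration), decides whether a flow A -> B is permitted, treats the aggregate A U B as the join of the two labels, and checks transitivity, aggregation and separability exhaustively over a sample set of labels.

```python
from functools import reduce
from itertools import product

# Constructed lattice (an assumption for this example, not from the text):
# a label is a classification level plus a set of compartments.
LEVELS = {"public": 0, "internal": 1, "secret": 2}


class Label:
    """A point in the security lattice."""

    def __init__(self, level, compartments=()):
        if level not in LEVELS:
            raise ValueError(f"unknown level {level!r}")
        self.level = level
        self.compartments = frozenset(compartments)

    def dominates(self, other):
        """True if information may flow from `other` into `self`."""
        return (LEVELS[other.level] <= LEVELS[self.level]
                and other.compartments <= self.compartments)

    def join(self, other):
        """Least upper bound: the label carried by the aggregate A U B."""
        level = max(self.level, other.level, key=LEVELS.__getitem__)
        return Label(level, self.compartments | other.compartments)

    def __eq__(self, other):
        return (isinstance(other, Label) and self.level == other.level
                and self.compartments == other.compartments)

    def __hash__(self):
        return hash((self.level, self.compartments))

    def __repr__(self):
        return f"Label({self.level!r}, {sorted(self.compartments)})"


def may_flow(src, dst):
    """Flow src -> dst is permitted only in the direction the lattice allows."""
    return dst.dominates(src)


def may_flow_aggregate(sources, dst):
    """Flow of the aggregate A U B ... -> dst: the join of the sources must flow to dst."""
    return may_flow(reduce(Label.join, sources), dst)


def check_lattice_properties(labels):
    """Exhaustively verify the three flow properties over all triples of labels.
    Every entry is True for a genuine lattice; a False names the property that fails."""
    transitive = aggregation = separability = True
    for a, b, c in product(labels, repeat=3):
        if may_flow(a, b) and may_flow(b, c) and not may_flow(a, c):
            transitive = False
        if may_flow(a, c) and may_flow(b, c) and not may_flow_aggregate([a, b], c):
            aggregation = False
        if may_flow_aggregate([a, b], c) and not (may_flow(a, c) and may_flow(b, c)):
            separability = False
    return {"transitivity": transitive, "aggregation": aggregation,
            "separability": separability}


# Constructed sample labels.
PUBLIC = Label("public")
INTERNAL_FIN = Label("internal", {"finance"})
INTERNAL_HR = Label("internal", {"hr"})
SECRET_ALL = Label("secret", {"finance", "hr"})
SAMPLE = [PUBLIC, INTERNAL_FIN, INTERNAL_HR, SECRET_ALL]

if __name__ == "__main__":
    print(may_flow(PUBLIC, INTERNAL_FIN), may_flow(INTERNAL_HR, INTERNAL_FIN))
    print(may_flow_aggregate([INTERNAL_FIN, INTERNAL_HR], SECRET_ALL))
    print(check_lattice_properties(SAMPLE))
```

The interesting case is the two incomparable labels INTERNAL_FIN and INTERNAL_HR: neither may flow to the other, yet their aggregate may flow to SECRET_ALL because the join of the two is dominated by it. A policy such as the bank loan example below needs flows that these properties forbid, which is why the lattice alone cannot express it.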

Exceptions to the Lattice Model [1998 Chow and Johnson]

Example of a Complex Access Control Policy: Computer-Automated Bank Loan Application
- Only the clerk (S1) can prepare the loan application (write permission for object O).
- One of two bank officers, the manager (S2) or the accountant (S3), but not both, must approve the application (append permission).
- The approved loan is then appended with an electronic check signed by both the bank manager (S2) and the cashier (S4).

Graphical Representation [1998 Chow and Johnson]

Security Issues
- Only subjects with write permission can alter the electronic document.
- Digital signatures must be authenticated.
- Enforce a transitivity exception to write access: the clerk cannot alter the document once it has been approved.
- Enforce the sequence order of writes: application, approval, then check.
- Enforce an aggregation exception: either the manager or the accountant approves the loan, not both (so once approved by one, it cannot be disapproved by the other).
- The check must be signed by both the manager and the cashier (separability exception). [1998 Chow and Johnson]

Challenge: A Simple Model for Implementing a Complex Policy
- The first two issues (write permissions and digital signatures) are solved.
- As of the book's publication, no solution existed for the others.
- First possibility: maintain a finite state machine for each object. Unfortunately, this is neither simple nor efficient.
- Second possibility: a Boolean representation of the access rules, e.g. ACE_w(O) = A + B XOR C + B AND D. This achieves simplicity and efficiency, but lacks the state information needed for proper rule enforcement. [1998 Chow and Johnson]

Storing State Information
- On the server: the file must be updated with each access.
- On the client: eliminates the need to update the file with every access, but may affect the client's ability to access other objects, and state information is difficult to propagate to other clients.
- Author's conclusion: use the server.
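To make the bank loan policy and its six security issues concrete, here is an added example in Python, not code from the text: the "first possibility" above, a per-object finite state machine kept on the server, with subjects S1 through S4 from the slides. The object records its own state (EMPTY, PREPARED, APPROVED, CHECK_ATTACHED) and every access is checked against it, so the transitivity, aggregation and separability exceptions fall out of the state checks. The subject keys and the use of HMAC in place of real digital signatures are constructed assumptions for this example.

```python
import hashlib
import hmac

# Subject identifiers follow the slides; the per-subject secrets are constructed
# stand-ins for signing keys (HMAC replaces a real digital signature here).
CLERK, MANAGER, ACCOUNTANT, CASHIER = "S1", "S2", "S3", "S4"
KEYS = {CLERK: b"clerk-key", MANAGER: b"manager-key",
        ACCOUNTANT: b"accountant-key", CASHIER: b"cashier-key"}


def sign(subject, data):
    return hmac.new(KEYS[subject], data, hashlib.sha256).hexdigest()


def verify(subject, data, signature):
    return hmac.compare_digest(sign(subject, data), signature)


class PolicyViolation(Exception):
    """Raised when a request would violate the loan policy in the current state."""


class LoanApplication:
    """Object O. The server keeps the state and checks every access against it.
    States: EMPTY -> PREPARED -> APPROVED -> CHECK_ATTACHED."""

    def __init__(self):
        self.state = "EMPTY"
        self.content = b""
        self.approved_by = None
        self.check = None

    def write(self, subject, data):
        # Only the clerk may write, and only before approval (transitivity
        # exception: the clerk's write right lapses once an officer approves).
        if subject != CLERK:
            raise PolicyViolation(f"{subject} has no write permission on O")
        if self.state not in ("EMPTY", "PREPARED"):
            raise PolicyViolation("application cannot be altered after approval")
        self.content = data
        self.state = "PREPARED"

    def approve(self, subject):
        # Sequence order: approval only follows preparation. Aggregation
        # exception: a second officer is rejected because the state is already
        # APPROVED, so one approval can never be overturned by the other officer.
        if subject not in (MANAGER, ACCOUNTANT):
            raise PolicyViolation(f"{subject} has no append permission on O")
        if self.state != "PREPARED":
            raise PolicyViolation(f"cannot approve in state {self.state}")
        self.approved_by = subject
        self.state = "APPROVED"

    def attach_check(self, check, signatures):
        # Separability exception: the check needs both signatures, not either one.
        if self.state != "APPROVED":
            raise PolicyViolation(f"cannot attach check in state {self.state}")
        required = {MANAGER, CASHIER}
        if set(signatures) != required:
            raise PolicyViolation("check must be signed by exactly the manager and cashier")
        for subject in required:
            if not verify(subject, check, signatures[subject]):
                raise PolicyViolation(f"bad signature from {subject}")
        self.check = check
        self.state = "CHECK_ATTACHED"


def run_happy_path():
    """Constructed walk through the policy in the permitted order; returns the final state."""
    app = LoanApplication()
    app.write(CLERK, b"loan request: 10,000")
    app.approve(MANAGER)
    check = b"check: 10,000"
    app.attach_check(check, {MANAGER: sign(MANAGER, check), CASHIER: sign(CASHIER, check)})
    return app.state


def violations_after_approval():
    """Requests a stateless ACL would permit but the state-dependent policy rejects."""
    app = LoanApplication()
    app.write(CLERK, b"loan request")
    app.approve(ACCOUNTANT)
    rejected = []
    for name, action in [
        ("clerk rewrite", lambda: app.write(CLERK, b"altered")),
        ("second approval", lambda: app.approve(MANAGER)),
        ("single-signed check", lambda: app.attach_check(b"c", {MANAGER: sign(MANAGER, b"c")})),
    ]:
        try:
            action()
        except PolicyViolation:
            rejected.append(name)
    return rejected


if __name__ == "__main__":
    print(run_happy_path())
    print(violations_after_approval())
```

Note that a stateless ACL for O would grant the clerk write, both officers append, and accept a check signed by the manager alone; every one of the three rejected requests is an access the ACL entry permits but the object's history forbids. That history lives with the object on the server, which is the author's conclusion above: a client-held copy of the state would have to be pushed to every other client before any of these checks could be trusted.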

Part 2: Current Research

A Software Architecture for Automatic Security Policy Enforcement in Distributed Systems [2007 Hamdi, Bouhoula, Mosbah]
- The authors propose:
  - a policy specification tool
  - an enforcement and verification engine
  - automatically generated enforcement mechanisms

Policy Programming Language (PPL)
- PPL is used to define the policies and rules that apply to an object or group of objects, and the actions to be taken when a constraint is matched.
- Its syntax is given in Backus–Naur Form (BNF).

Proposed System Architecture [2007 Hamdi, Bouhoula, and Mosbah]

Policy Enforcement
- Portability: PPL is compiled into monitors and configurations for a specific system platform.
- PPL compilation allows detection of policy conflicts.
- All security checks and state management operations occur at the entry and exit of the policy enforcement point.

Part 3: Future Directions

Automated Security Testing?
Security policies can be very complex. Can a program or system be developed to either prove or disprove (that is, find security holes in) a set of rules or policies for a given system?

References
- Randy Chow and Theodore Johnson, Distributed Operating Systems & Algorithms, Addison Wesley Longman, Inc., Reading, MA,
- H. Hamdi, A. Bouhoula, M. Mosbah, "A Software Architecture for Automatic Security Policy Enforcement in Distributed Systems", SecureWare 2007, The International Conference on Emerging Security Information Systems and Technologies, October 14-20, 2007, pages

Questions?