© 2004 Ravi Sandhu www.list.gmu.edu The Safety Problem in Access Control HRU Model Ravi Sandhu Laboratory for Information Security Technology George Mason.

Presentation transcript:

© 2004 Ravi Sandhu The Safety Problem in Access Control HRU Model Ravi Sandhu Laboratory for Information Security Technology George Mason University

© 2004 Ravi Sandhu 2 The Access Matrix Model, Lampson 1971

© 2004 Ravi Sandhu 3 Access Control Models
Authentication: who is trying to access a protected resource?
Authorization: who should be allowed to access which protected resources? who should be allowed to change the access?
Enforcement: how does the system enforce the specified authorization?
Diagram labels: Access Control Models, Access Control Architecture

© 2004 Ravi Sandhu 4 The OM-AM Way
Objectives, Models, Architectures, Mechanisms
What? How?
Assurance

© 2004 Ravi Sandhu 5 The HRU (Harrison-Ruzzo-Ullman) Model, 1976
[Figure: access matrix with labels U, V, F, G and cell entries r, w]

© 2004 Ravi Sandhu 6 The HRU (Harrison-Ruzzo-Ullman) Model, 1976
[Figure: access matrix with labels U, V, F, G and cell entries r, w, own]

© 2004 Ravi Sandhu 7 The HRU (Harrison-Ruzzo-Ullman) Model, 1976
[Figure: access matrix with labels U, V, F, G and cell entries r, w, own; one more r entry than on the previous slide]

© 2004 Ravi Sandhu 8 HRU Commands and Operations
command α(X1, X2, ..., Xk)
    if r1 in (Xs1, Xo1) and r2 in (Xs2, Xo2) and ri in (Xsi, Xoi)
    then op1; op2; … opn
end
enter r into (Xs, Xo)
delete r from (Xs, Xo)
create subject Xs
create object Xo
destroy subject Xs
destroy object Xo

© 2004 Ravi Sandhu 9 HRU Examples

© 2004 Ravi Sandhu 10 HRU Examples

© 2004 Ravi Sandhu 11 HRU Examples

© 2004 Ravi Sandhu 12 HRU Examples

© 2004 Ravi Sandhu 13 The Safety Problem
Given: initial state; protection scheme (HRU commands)
Can r appear in a cell that exists in the initial state and does not contain r in the initial state?
More specific question might be: can r appear in a specific cell [s,o]?
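
The command format of slide 8 and the safety question of slide 13, as an added example that is not part of the original slides: a small interpreter for HRU commands plus a depth-bounded search for a leak of a right. The scheme (create_file, confer_r), the sample states and the function names are constructed for illustration; treating a failed primitive precondition as "command does not apply" is a simplifying assumption, and the search is bounded because safety is undecidable in general.

```python
from itertools import product

# State = (subjects, objects, cells); cells holds (subject, object, right) triples.
# Constructed scheme, not from the slides: name -> (parameters, conditions, operations).
SCHEME = {
    "create_file": (("S", "F"), [], [("create object", "F"), ("enter", "own", "S", "F")]),
    "confer_r": (("S", "T", "F"), [("own", "S", "F")], [("enter", "r", "T", "F")]),
}
NAMES = ("alice", "bob", "f", "g")  # constructed entity names; g does not exist yet
BASE = (frozenset({"alice", "bob"}), frozenset({"alice", "bob", "f"}))
LEAKY = BASE + (frozenset({("alice", "f", "own")}),)  # alice owns f
SAFE = BASE + (frozenset(),)                          # nobody holds any right

def run(state, name, args):
    """Apply one HRU command; None if a condition or primitive precondition fails."""
    params, conds, ops = SCHEME[name]
    env = dict(zip(params, args))
    subs, objs, cells = (set(part) for part in state)
    if any((env[s], env[o], r) not in cells for r, s, o in conds):
        return None
    for kind, *raw in ops:
        a = [env.get(x, x) for x in raw]  # parameters are bound, rights pass through
        if kind == "enter" and a[1] in subs and a[2] in objs:
            cells.add((a[1], a[2], a[0]))
        elif kind == "delete":
            cells.discard((a[1], a[2], a[0]))
        elif kind in ("create subject", "create object") and a[0] not in objs:
            objs.add(a[0])
            subs |= {a[0]} if kind == "create subject" else set()
        elif kind in ("destroy subject", "destroy object") and a[0] in objs \
                and (kind == "destroy subject") == (a[0] in subs):
            subs, objs = subs - {a[0]}, objs - {a[0]}
            cells = {c for c in cells if a[0] not in c[:2]}
        else:
            return None
    return frozenset(subs), frozenset(objs), frozenset(cells)

def can_leak(state, right, names, depth):
    """Bounded search: can `right` enter a cell that exists initially without it?"""
    watched = {(s, o) for s in state[0] for o in state[1] if (s, o, right) not in state[2]}
    seen, frontier = {state}, [state]
    for _ in range(depth):
        moves = [(st, n, a) for st in frontier for n, (p, _, _) in SCHEME.items()
                 for a in product(names, repeat=len(p))]
        frontier = list({run(st, n, a) for st, n, a in moves} - seen - {None})
        if any((s, o, right) in st[2] for st in frontier for s, o in watched):
            return True
        seen.update(frontier)
    return False
```

From SAFE, r can still be entered into the column of the newly created g, but that cell does not exist in the initial state, so it does not count as a leak under the slide's definition.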

© 2004 Ravi Sandhu 14 The Safety Problem Initial state: r in (o,o) and nowhere else

© 2004 Ravi Sandhu 15 Safety is Undecidable in HRU

© 2004 Ravi Sandhu 16 Safety is Undecidable in HRU

© 2004 Ravi Sandhu 17 Left Move

© 2004 Ravi Sandhu 18 Safety is Undecidable in HRU

© 2004 Ravi Sandhu 19 Right Move

© 2004 Ravi Sandhu 20 Right Move to New Cell

© 2004 Ravi Sandhu 21 Mono-operational systems Safety for mono-operational systems is NP-Complete

© 2004 Ravi Sandhu 22 Monotonic HRU
command α(X1, X2, ..., Xk)
    if r1 in (Xs1, Xo1) and r2 in (Xs2, Xo2) and ri in (Xsi, Xoi)
    then op1; op2; … opn
end
enter r into (Xs, Xo)
delete r from (Xs, Xo)
create subject Xs
create object Xo
destroy subject Xs
destroy object Xo

© 2004 Ravi Sandhu 23 Safety in HRU
Undecidable in general
HRU unable to find interesting decidable cases.
Mono-operational: decidable but uninteresting and NP-complete
Monotonic: undecidable
Bi-conditional monotonic: undecidable
Mono-conditional monotonic: decidable but uninteresting

© 2004 Ravi Sandhu 24 The Safety Problem in HRU
HRU 1976: It would be nice if we could provide for protection systems an algorithm which decided safety for a wide class of systems, especially if it included all or most of the systems that people seriously contemplate. Unfortunately, our one result along these lines involves a class of systems called mono-operational, which are not terribly realistic. Our attempts to extend these results have not succeeded, and the problem of giving a decision algorithm for a class of protection systems as useful as the LR(k) class is to grammar theory appears very difficult.
2004: Considerable progress has been made but much remains to be done and practical application of known results is essentially non-existent.
Progress includes: Take-Grant Model (Jones, Lipton, Snyder, Denning, Bishop; late 70s early 80s), Schematic Protection Model (Sandhu, 80s), Typed Access Matrix Model (Sandhu, 1990s), Graph Transformations (Koch, Mancini, Parisi-Presicce 2000s)