ECE-8843 Prof. John A. Copeland 404 894-5177 fax 404 894-0035 Office: GCATT Bldg.


1 Chapter 10b - Trusted Systems. Prof. John A. Copeland, Office: GCATT Bldg 579 (or call for office visit, or call Kathy Cheek).

2 Trusted Systems
Subject: - an entity capable of accessing objects. Usually a process of an application being run by a user. Note that a secure user authentication procedure is essential (pass-phrase, biometrics, ...).
Object: - anything to which access is controlled. This includes files, portions of files, programs, segments of memory, records and fields of records in a database.
Access Right: - a way in which an object can be accessed by a subject, typically read, write, and execute.
Access matrix, access control list (ACL), or capability list (ticket): ways of defining access rights.


6 Multilevel Security
No Read Up (Simple Security Property): - a subject can only read an object of lower or equal security level.
No Write Down (*-Property): - a subject can only write to an object of greater or equal security level (it cannot lower the security classification of information by writing it to an object with a lower security level). You can contribute information to a higher-security-level report, but cannot read the report.
Need to Know: - a subject can only access data if he is cleared for that project or category (compartmentalized sensitive information). [not in book]
Reference Monitor: - a way to enforce the rules above.
[Figure: security levels from highest to lowest: ...*, Top-Secret, Secret, Confidential, Unclassified. * so secret we can’t reveal the name.]


8 Alice’s program has a Trojan Horse hidden inside.

9 When Bob runs Alice’s program, the Trojan writes info from Bob’s Secret file to Alice’s Confidential file (“write down”).

10 Alice’s Program has to access the Secret Program through the Reference Monitor, which upgrades the level of the process to Secret. [Figure labels: Secret Clearance; Confidential Clearance]

11 The Security Monitor will not let the (now rated Secret) process write down to a lower level file.
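The rules of slide 6 and the Trojan-horse scenario of slides 8-11, as an added example that is not part of the original slides: a toy reference monitor that checks the Simple Security Property and the *-Property on every read and write, tracks need-to-know categories, and raises a process's level (high-water mark) after it reads a higher-level file, so the later "write down" to Alice's Confidential file is refused. File names, users and labels are constructed for the example.

```python
from dataclasses import dataclass

# Ordered security levels; a higher index is a higher classification.
LEVELS = {"Unclassified": 0, "Confidential": 1, "Secret": 2, "Top-Secret": 3}

@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()   # need-to-know compartments

    def dominates(self, other):
        # "greater or equal": higher-or-equal level AND a superset of categories.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)

    def join(self, other):
        # Least upper bound, used to raise a process's level after a read.
        hi = max(self.level, other.level, key=LEVELS.get)
        return Label(hi, self.categories | other.categories)

class Process:
    def __init__(self, user, clearance):
        self.user = user
        self.clearance = clearance            # most the user may ever read
        self.current = Label("Unclassified")  # high-water mark, rises on reads

class ReferenceMonitor:
    def __init__(self, files):
        self.files = files                    # constructed: name -> Label
        self.audit = []

    def read(self, proc, name):
        # Simple Security Property (no read up), checked on every read.
        obj = self.files[name]
        ok = proc.clearance.dominates(obj)
        if ok:
            proc.current = proc.current.join(obj)   # process floats upward
        self.audit.append(f"{proc.user} read {name}: {'ALLOW' if ok else 'DENY'}")
        return ok

    def write(self, proc, name):
        # *-Property (no write down), relative to the process's current level.
        obj = self.files[name]
        ok = obj.dominates(proc.current)
        self.audit.append(f"{proc.user} write {name}: {'ALLOW' if ok else 'DENY'}")
        return ok

def trojan_scenario():
    """Bob (Secret clearance) runs Alice's program, which reads Bob's Secret
    file and then tries to copy it into Alice's Confidential file."""
    rm = ReferenceMonitor({"bob_secret.txt": Label("Secret"),
                           "alice_conf.txt": Label("Confidential")})
    proc = Process("bob", Label("Secret"))
    r = rm.read(proc, "bob_secret.txt")     # allowed; process becomes Secret
    w = rm.write(proc, "alice_conf.txt")    # denied: this is the write down
    return r, w, proc.current.level
```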

12 The Computer Security Center within the National Security Agency has a Commercial Product Evaluation Program. To be rated a “Trusted System” (at a certain level) and be eligible for government and DoD RFPs, the computer must provide:
Complete Mediation: Security rules are enforced on every access, not just when a file is opened.
Isolation: The reference monitor and database are protected from unauthorized modification.
Verifiability: The reference monitor’s correctness must be mathematically provable (that it can provide Complete Mediation and Isolation).

“Common Criteria” Security Specifications
In January 1996, the United States, United Kingdom, Germany, France, Canada, and the Netherlands released a jointly developed evaluation standard for a multinational marketplace. This standard is known as the "Common Criteria for Information Technology Security Evaluation" (CCITSE), usually referred to as the "Common Criteria" (CC). The Common Criteria can be used for the following purposes: (see table on next slide)
Under the Common Criteria, each level of trust rating from the TCSEC can be specified as a Protection Profile (PP). A Protection Profile looks very similar to a level of trust rating but has two fundamental differences. First, where the TCSEC binds sets of features and assurances together, the Common Criteria allows Protection Profiles to combine features and assurances in any combination. Also, the TCSEC specifies a fixed set of ratings (profiles), but the Common Criteria allows consumers to write a customized set of requirements in a standard format.
The TPEP office is currently developing Protection Profiles that map to the C2 rating referred to in the TCSEC and SBU Firewall Protection Profiles. Common Criteria evaluations are now in progress using the Firewall Protection Profiles.