CSCE 201 Introduction to Information Security Fall 2010 Access Control Models.

Slides:



Advertisements
Similar presentations
RBAC Role-Based Access Control
Advertisements

INFS 767 Fall 2003 The RBAC96 Model Prof. Ravi Sandhu George Mason University.
ACCESS CONTROL: THE NEGLECTED FRONTIER Ravi Sandhu George Mason University.
ENGINEERING AUTHORITY AND TRUST IN CYBERSPACE: A ROLE-BASED APPROACH Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University.
ROLE-BASED ACCESS CONTROL: A MULTI-DIMENSIONAL VIEW Ravi Sandhu, Edward Coyne, Hal Feinstein and Charles Youman Seta Corporation McLean, VA Ravi Sandhu.
A THREE TIER ARCHITECTURE FOR ROLE-BASED ACCESS CONTROL Ravi Sandhu and Hal Feinstein Seta Corporation McLean, VA Ongoing NIST-funded project Other Project.
Role-Based Access Control CS461/ECE422 Fall 2011.
The RBAC96 Model Prof. Ravi Sandhu. 2 © Ravi Sandhu WHAT IS RBAC?  multidimensional  open ended  ranges from simple to sophisticated.
Access Control Chapter 3 Part 3 Pages 209 to 227.
Vinay Kumar Madhadi 10/28/2009 CSC Outline  Part 1 : Mandatory Flow Control Models? MAC vs. DAC Information Flow Control  Part 2 : Different Models-Lattice.
1 Access Control Models Prof. Ravi Sandhu Executive Director and Endowed Chair January 25, 2013 & February 1, 2013
Access Control RBAC Database Activity Monitoring.
Access Control Methodologies
Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies (2000) Author: Sylvia Osborn, Ravi Sandhu,Qamar Munawer.
Some slides were taken from Database Access Control Tutorial, Lars Olson, UIUC CS463, Computer Security.
Access Control Patterns Fatemeh Imani Mehr Amirkabir university of technology, Department of Computer Engineering & Information Technology.
Database Security - Farkas 1 Database Security and Privacy.
Access Control Intro, DAC and MAC System Security.
Role Based Access Control Venkata Marella. Access Control System Access control is the ability to permit or deny the use of a particular resource by a.
Security Fall 2009McFadyen ACS How do we protect the database from unauthorized access? Who can see employee salaries, student grades, … ? Who can.
Security Fall 2006McFadyen ACS How do we protect the database from unauthorized access? Who can see employee salaries, student grades, … ? Who can.
Chapter 2 Access Control Fundamentals. Chapter Overview Protection Systems Mandatory Protection Systems Reference Monitors Definition of a Secure Operating.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 4: Access Control.
User Domain Policies.
Role Based Access control By Ganesh Godavari. Outline of the talk Motivation Terms and Definitions Current Access Control Mechanism Role Based Access.
Fall 2010/Lecture 301 CS 426 (Fall 2010) Role Based Access Control.
Role Based Access Control Models Presented By Ankit Shah 2 nd Year Master’s Student.
2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.
Li Xiong CS573 Data Privacy and Security Access Control.
CSCE 548 Secure Software Development Security Use Cases.
© G. Dhillon, IS Department Virginia Commonwealth University Principles of IS Security Formal Models.
CatBAC: A Generic Framework for Designing and Validating Hybrid Access Control Models Bernard Stepien, University of Ottawa Hemanth Khambhammettu Kamel.
Role-Based Access Control Richard Newman (c) 2012 R. Newman.
1 A pattern language for security models Eduardo B. Fernandez and Rouyi Pan Presented by Liping Cai 03/15/2006.
Session 2 - Security Models and Architecture. 2 Overview Basic concepts The Models –Bell-LaPadula (BLP) –Biba –Clark-Wilson –Chinese Wall Systems Evaluation.
Security+ All-In-One Edition Chapter 19 – Privilege Management Brian E. Brzezicki.
CSCE 201 Introduction to Information Security Fall 2010 Access Control.
1 Grand Challenges in Authorization Systems Prof. Ravi Sandhu Executive Director and Endowed Chair November 14, 2011
Lattice-Based Access Control Models Ravi S. Sandhu Colorado State University CS 681 Spring 2005 John Tesch.
Li Xiong CS573 Data Privacy and Security Access Control.
Access Control. What is Access Control? The ability to allow only authorized users, programs or processes system or resource access The ability to disallow.
Access Control MAC. CSCE Farkas 2 Lecture 17 Reading assignments Required for access control classes:  Ravi Sandhu and P. Samarati, Access Control:
Policy, Models, and Trust
ROLE BASED ACCESS CONTROL 1 Group 4 : Lê Qu ố c Thanh Tr ầ n Vi ệ t Tu ấ n Anh.
COEN 350: Network Security Authorization. Fundamental Mechanisms: Access Matrix Subjects Objects (Subjects can be objects, too.) Access Rights Example:
Database Security Chapter Terms Security – all the processes and mechanisms by which computer-based equipment, information and services are.
Privilege Management Chapter 22.
What is Access Control? Discretionary Access Control (DAC)
Computer Security: Principles and Practice
Access Control.
Security Overview. Security Objectives Confidentiality: prevent/detect/deter improper disclosure of information Integrity: prevent/detect/deter improper.
Context Aware RBAC Model For Wearable Devices And NoSQL Databases Amit Bansal Siddharth Pathak Vijendra Rana Vishal Shah Guided By: Dr. Csilla Farkas Associate.
Access Controls Mandatory Access Control by Sean Dalton December 5 th 2008.
PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.
22 feb What is Access Control? Access control is the heart of security Definitions: * The ability to allow only authorized users, programs or.
1 Role-Based Access Control (RBAC) Prof. Ravi Sandhu Executive Director and Endowed Chair January 29, © Ravi.
Chapter 5 : DataBase Security Lecture #1-Week 8 Dr.Khalid Dr. Mohannad Information Security CIT460 Information Security Dr.Khalid Dr. Mohannad 1.
CSCE 522 Access Control.
Access Control Model SAM-5.
Access Control CSE 465 – Information Assurance Fall 2017 Adam Doupé
Role-Based Access Control (RBAC)
Access Control Role-based models RBAC
Role-Based Access Control (RBAC)
Role-Based Access Control Richard Newman (c) 2012 R. Newman
OS Access Control Mauricio Sifontes.
Access Control.
Role Based Access Control
Role-Based Access Control George Mason University and
Access Control What’s New?
Presentation transcript:

CSCE 201 Introduction to Information Security Fall 2010 Access Control Models

CSCE Farkas2 Reading assignments Required: – An Introduction to Computer Security: The NIST Handbook, : Chapter 17, LOGICAL ACCESS CONTROL, pages – Microsoft support, Use access control to restrict who can use your files, 2001, 2005, ol.mspx ol.mspx Recommended: – Sudhakar Govindavajhala and Andrew W. Appel, Windows Access Control Demystied, 2006, – Ravi Sandhu, Edward Coyne, Hal Feinstein and Charles Youman, Role- Based Access Control Models, IEEE Computer, Volume 29, Number 2, February

CSCE Farkas3 3 Access Control Models All accesses Discretionary AC Mandatory AC Role-Based AC

CSCE Farkas4 4 DAC and Trojan Horse Employee Black’s Employee Brown: read, write Black, Brown: read, write Brown Black Read Employee REJECTED! Black is not allowed To access Employee

CSCE Farkas5 5 DAC and Trojan Horse Employee Black’s Employee Brown: read, write Black, Brown: read, write Brown Black Word Processor TH Inserts Trojan Horse Into shared program Uses shared program Reads Employee Copies Employee To Black’s Employee

CSCE Farkas6 6 DAC Overview Advantages: – Intuitive – Easy to implement Disadvantages: – Inherent vulnerability (look TH example) – Maintenance of ACL or Capability lists – Maintenance of Grant/Revoke – Limited power of negative authorization

Mandatory Access Control ( Mandatory Access Control (review only)

CSCE Farkas8 Mandatory Access Control Objects: security classification e.g., grades=(confidential, {student-info}) Subjects: security clearances e.g., Joe=(confidential, {student-info}) Access rules: defined by comparing the security classification of the requested objects with the security clearance of the subject e.g., subject can read object only if label(subject) dominates label(object)

CSCE Farkas9 Mandatory Access Control Security Classes (labels): (A,C) A – total order authority level C – set of categories e.g.,A = confidential > public, C = {student-info, dept-info} (confidential,{ }) (confidential,{dept-info}) (confidential,{student-info,dept-info}) (confidential,{student-info}) (public,{student-info,dept-info}) (public,{,dept-info}) (public,{ }) (public,{student-info})

CSCE Farkas10 Mandatory Access Control Dominance (  ): label l=(A,C) dominates l’=(A’,C’) iff A  A’ and C  C’ e.g., (confidential,{student-info})  (public,{student-info}) BUT (confidential, {student-info})  (public,{student-info, department-info})

CSCE Farkas11 Bell- LaPadula (BLP) Model Confidentiality protection Lattice-based access control – Subjects – Objects – Security labels Supports decentralized administration

CSCE Farkas12 BLP Reference Monitor All accesses are controlled by the reference monitor Cannot be bypassed Access is allowed iff the resulting system state satisfies all security properties Trusted subjects: subjects trusted not to compromise security

CSCE Farkas13 BLP Axioms 1. Simple-security property: a subject s is allowed to read an object o only if the security label of s dominates the security label of o – No read up – Applies to all subjects

CSCE Farkas14 *-property: a subject s is allowed to write an object o only if the security label of o dominates the security label of s No write down Applies to un-trusted subjects only BLP Axioms 2.

CSCE Farkas15 Trojan Horse and BLP Employee Black’s Employee Brown: read, write Black, Brown: read, write Brown Black Word Processor TH Insert Trojan Horse Into shared program Use shared program Read Employee Copy Employee To Black’s Employee Secret Public Secret  Public Public Secret Reference Monitor

Role-Based Access Control (RBAC)

CSCE Farkas17 RBAC Motivation Multi-user systems Multi-application systems Permissions are associated with roles Role-permission assignments are persistent v.s. user-permission assignments Intuitive: competency, authority and responsibility

CSCE Farkas18 Motivation Express organizational policies – Separation of duties – Delegation of authority Flexible: easy to modify to meet new security requirements Supports – Least-privilege – Separation of duties – Data abstraction

CSCE Farkas19 RBAC Allows to express security requirements but CANNOT ENFORCE THESE PRINCIPLES e.g., RBAC can be configured to enforce BLP rules but its correctness depend on the configuration done by the system security officer.

CSCE Farkas20 Roles User group: collection of user with possibly different permissions Role: mediator between collection of users and collection of permissions RBAC independent from DAC and MAC (they may coexist) RBAC is policy neutral: configuration of RBAC determines the policy to be enforced

CSCE Farkas21 RBAC RBAC 3 consolidated model RBAC 1 role hierarchy RBAC 2 constraints RBAC 0 base model

CSCE Farkas22 RBAC U Users R Roles P Permissions. S Sessions User assignment Permission assignment

CSCE Farkas23 RBAC0 User: human beings Role: job function (title) Permission: approval of a mode of access – Always positive – Abstract representation – Can apply to single object or to many

CSCE Farkas24 RBAC 0 UA: user assignments – Many-to-many PA: Permission assignment – Many-to-many Session: mapping of a user to possibly may roles – Multiple roles can be activated simultaneously – Permissions: union of permissions from all roles – Each session is associated with a single user – User may have multiple sessions at the same time

CSCE Farkas25 RBAC 0 Permissions apply to data and resource objects only Permissions do NOT apply to RBAC components Administrative permissions: modify U,R,S,P Session: under the control of user to – Activate any subset of permitted roles – Change roles within a session

RBAC1, 2, and 3 review only

CSCE Farkas27 RBAC U Users R Roles P Permissions. S Sessions User assignment Permission assignment Role Hierarchy

CSCE Farkas28 RBAC 1 Structuring roles Inheritance of permission from junior role (bottom) to senior role (top) Partial order – Reflexive – Transitive – Anti-symmetric

CSCE Farkas29 RBAC 1 Role Hierarchy Primary-care Physician Specialist Physician Health-care provider Inheritance of privileges

CSCE Farkas30 RBAC 1 Limit scope of inheritance Project Supervisor Test Engineer Programmer Project Member Test Engineer’ Test Engineer Programmer Programmer’ Project Member Project Supervisor Private Roles

CSCE Farkas31 RBAC 2 – Constraints Enforces high-level organizational policies Management of decentralized security Constraints define “acceptable” and “not acceptable” accesses

CSCE Farkas32 RBAC 2 – Components Same as RBAC 0 + Constraints

CSCE Farkas33 RBAC U Users R Roles P Permissions. S Sessions User assignment Permission assignment Constraints

CSCE Farkas34 RBAC 2 Mutually exclusive roles Dual constraint of permission assignments (permission assigned to at most one mutually exclusive role) Cardinality constraints (e.g., # of roles an individual can belong) Prerequisite roles

CSCE Farkas35 RBAC 2 Constraints can apply to sessions, user and roles functions

CSCE Farkas36 RBAC U Users R Roles P Permissions. S Sessions User assignment Permission assignment Constraints

CSCE Farkas37 Next Class Windows XP access control

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.