Presentation is loading. Please wait.

Presentation is loading. Please wait.

FUNDAMENTAL CONCEPTS IN COMPUTER SECURITY

Published byRoland Thompson Modified over 6 years ago

Similar presentations

Presentation on theme: "FUNDAMENTAL CONCEPTS IN COMPUTER SECURITY"— Presentation transcript:

1 FUNDAMENTAL CONCEPTS IN COMPUTER SECURITY
Dr. Shamik Sural Dept. of computer science & engineering Iit kharagpur

2 Agenda Basic Terminology Access Control Models
Role-based Access Control New Access Control Techniques

3 Basic Terminology Confidentiality, Integrity, Availability
Which one is more important Authentication and Authorization How are they different Assurance How to decide which software to use Threats and Attacks Different types of malicious intent

4 Evolution of Access Control Models
DAC (1970) MAC RBAC (1995) ABAC (2010+)

5 Traditional Access Control Types
Discretionary Access Control Model (DAC) Access to a resource determined by the owner of the resource Mandatory Access Control Model (MAC) Establishes access control by defining clearance levels of resources as well the requestors Requestor cannot read a resource whose clearance level is greater than that of the requestor Role Based Access Control (RBAC) Many requestors grouped to form roles Roles are assigned permissions Access control based on the role of requestor

6 RBAC Model

7 RBAC Model – User to Role Assignment
Librarian Deputy Librarian Assistant Librarian (Acq.) Assistant Librarian (Circ.) Library Employee Member ABC 1 DEF GHI JKL MNO PQR STU VWX YZ

8 RBAC Model – Role to Permission Assignment
App. Purch. Order New Book Waive Fine Issue Book Return Calc. Fine Declare Lost Request New Journal Sub. Approve New Recruit. Hire Interns View Catalog Librarian 1 Deputy Librarian AL (Acq.) AL (Circ.) Lib. Employee Member

9 RBAC Model –Role Hierarchy
Librarian Deputy Librarian Assistant Librarian (Acquisition) Assistant Librarian (Circulation) Library Employee Member

10 RBAC Model – Effective Permission Assignment
User App. Purch. Order New Book Waive Fine Issue Book Return Calc. Fine Declare Lost Request New Journal Sub. Approve New Recruit. Hire Interns View Catalog ABC 1 DEF GHI JKL MNO PQR STU VWX YZ

11 RBAC Model for Library Software Development
Project Supervisor Role Software Engineer Role Hardware Engineer Role Project Member Role

12 Interesting Role Hierarchies
Software Engineer’S Project Supervisor Role Hardware Engineer’S Private Role Private Role Software Engineer Role Hardware Engineer Role Project Member Role

13 Introduction to ABAC A more general form of access control. Covers DAC, MAC and RBAC Policies formulated based on general attributes of subjects rather than their identity or role or clearance level, etc. Environment conditions taken into considerations Flexible in terms of policy formulation and attribute update More on this next time 

14 THANK YOU

Download ppt "FUNDAMENTAL CONCEPTS IN COMPUTER SECURITY"

Similar presentations

INFS 767 Fall 2003 The RBAC96 Model Prof. Ravi Sandhu George Mason University.

INFS 767 Fall 2003 The RBAC96 Model Prof. Ravi Sandhu George Mason University.
ACCESS CONTROL: THE NEGLECTED FRONTIER Ravi Sandhu George Mason University.

ACCESS CONTROL: THE NEGLECTED FRONTIER Ravi Sandhu George Mason University.
Institute for Cyber Security ASCAA Principles for Next-Generation Role-Based Access Control Ravi Sandhu Executive Director and Endowed Chair Institute.

Institute for Cyber Security ASCAA Principles for Next-Generation Role-Based Access Control Ravi Sandhu Executive Director and Endowed Chair Institute.
RBAC and HIPAA Security Uday O. Ali Pabrai, CHSS, SCNA Chief Executive, HIPAA Academy.

RBAC and HIPAA Security Uday O. Ali Pabrai, CHSS, SCNA Chief Executive, HIPAA Academy.
Access Control CS461/ECE422 Fall 2011. Reading Material Chapter 4 through section 4.5 Chapters 23 and 24 – For the access control aspects of Unix and.

Access Control CS461/ECE422 Fall Reading Material Chapter 4 through section 4.5 Chapters 23 and 24 – For the access control aspects of Unix and.
Operating System Security

Operating System Security
The RBAC96 Model Prof. Ravi Sandhu. 2 © Ravi Sandhu WHAT IS RBAC?  multidimensional  open ended  ranges from simple to sophisticated.

The RBAC96 Model Prof. Ravi Sandhu. 2 © Ravi Sandhu WHAT IS RBAC?  multidimensional  open ended  ranges from simple to sophisticated.
Jan. 2014Dr. Yangjun Chen ACS-49021 Database security and authorization (Ch. 22, 3 rd ed. – Ch. 23, 4 th ed. – Ch. 24, 6 th )

Jan. 2014Dr. Yangjun Chen ACS Database security and authorization (Ch. 22, 3 rd ed. – Ch. 23, 4 th ed. – Ch. 24, 6 th )
Access Control Chapter 3 Part 3 Pages 209 to 227.

Access Control Chapter 3 Part 3 Pages 209 to 227.
Access Control Methodologies

Access Control Methodologies
Access Control & Digital Rights Management KAIST KSE Uichin Lee.

Access Control & Digital Rights Management KAIST KSE Uichin Lee.
Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.

Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.
Access Control Intro, DAC and MAC System Security.

Access Control Intro, DAC and MAC System Security.
Secure Systems Research Group - FAU Patterns for access control E.B. Fernandez.

Secure Systems Research Group - FAU Patterns for access control E.B. Fernandez.
Hybrid Policies Overview Chinese Wall Model Clinical Information Systems Security Policy ORCON RBAC Introduction to Computer Security ©2004 Matt Bishop.

Hybrid Policies Overview Chinese Wall Model Clinical Information Systems Security Policy ORCON RBAC Introduction to Computer Security ©2004 Matt Bishop.
Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.

Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 4: Access Control.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 4: Access Control.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
Role Based Access Control Models Presented By Ankit Shah 2 nd Year Master’s Student.

Role Based Access Control Models Presented By Ankit Shah 2 nd Year Master’s Student.
2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.

2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.

Similar presentations

Ads by Google