Presentation is loading. Please wait.

Presentation is loading. Please wait.

Hybrid Policies Overview Chinese Wall Model Clinical Information Systems Security Policy ORCON RBAC Introduction to Computer Security ©2004 Matt Bishop.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Hybrid Policies Overview Chinese Wall Model Clinical Information Systems Security Policy ORCON RBAC Introduction to Computer Security ©2004 Matt Bishop."— Presentation transcript:

1 Hybrid Policies Overview Chinese Wall Model Clinical Information Systems Security Policy ORCON RBAC Introduction to Computer Security ©2004 Matt Bishop

2 ORCON Problem: organization creating document wants to control its dissemination Example: Secretary of State writes a memo for distribution to her immediate subordinates, and she must give permission for it to be disseminated further. This is “originator controlled” (here, the “originator” is a person). Introduction to Computer Security ©2004 Matt Bishop

3 Requirements Subject s  S marks object o  O as ORCON on behalf of organization X. X allows o to be disclosed to subjects acting on behalf of organization Y with the following restrictions: 1. o cannot be released to subjects acting on behalf of other organizations without X’s permission; and 2. Any copies of o must have the same restrictions placed on it. Introduction to Computer Security ©2004 Matt Bishop

4 DAC Fails Owner can set any desired permissions This makes 2 unenforceable Introduction to Computer Security ©2004 Matt Bishop

5 MAC Fails Problem: abstraction MAC classification, categories centrally controlled, and access controlled by a centralized policy ORCON controlled locally Specific to an object (not system-wide) Specified by originator Introduction to Computer Security ©2004 Matt Bishop

6 Combine Them (MAC and DAC) The owner of an object cannot change the access controls of the object. When an object is copied, the access control restrictions of that source are copied and bound to the target of the copy. These are MAC (owner can’t control them) The creator (originator) can alter the access control restrictions on a per-subject and per-object basis. This is DAC (owner can control it) Introduction to Computer Security ©2004 Matt Bishop

7 Role-based Access Control (RBAC) Access depends on function, not identity Example: Allison, bookkeeper for Math Dept, has access to financial records. She leaves. Betty hired as the new bookkeeper, so she now has access to those records The role of “bookkeeper” dictates access, not the identity of the individual. Introduction to Computer Security ©2004 Matt Bishop

8 Definitions Role r: collection of job functions trans(r): set of authorized transactions for r Active role of subject s: role s is currently in actr(s) Authorized roles of a subject s: set of roles s is authorized to assume authr(s) canexec(s, t) is true iff subject s can execute transaction t at current time Introduction to Computer Security ©2004 Matt Bishop`1

9 Axioms Let S be the set of subjects and T the set of transactions. Rule of role assignment: (  s  S)(  t  T) [canexec(s, t)  actr(s) ≠  ]. If s can execute a transaction, it has a role This ties transactions to roles Rule of role authorization: (  s  S) [actr(s)  authr(s)]. Subject must be authorized to assume an active role (otherwise, any subject could assume any role) Introduction to Computer Security ©2004 Matt Bishop

10 Axiom Rule of transaction authorization: (  s  S)(  t  T) [canexec(s, t)  t  trans(actr(s))]. If a subject s can execute a transaction, then the transaction is an authorized one for the role s has assumed Introduction to Computer Security ©2004 Matt Bishop

11 Containment of Roles Trainer can do all transactions that trainee can do (and then some). This means role r contains role r (r > r). So: (  s  S)[r  authr(s)  r > r  r  authr(s) ] Introduction to Computer Security ©2004 Matt Bishop

12 Separation of Duty Let r be a role, and let s be a subject such that r  auth(s). Then the predicate meauth(r) (for mutually exclusive authorizations) is the set of roles that s cannot assume because of the separation of duty requirement. Separation of duty: (  r 1, r 2  R) [ r 2  meauth(r 1 )  [ (  s  S) [ r 1  authr(s)  r 2  authr(s) ] ] ] Introduction to Computer Security ©2004 Matt Bishop

13 Key Points Hybrid policies deal with both confidentiality and integrity Different combinations of these ORCON model neither MAC nor DAC Actually, a combination RBAC model controls access based on functionality Introduction to Computer Security ©2004 Matt Bishop

Download ppt "Hybrid Policies Overview Chinese Wall Model Clinical Information Systems Security Policy ORCON RBAC Introduction to Computer Security ©2004 Matt Bishop."

Similar presentations

1 ISA 662 Information System Security Hybrid Policies Chapter 6 from Bishop ’ s book.

1 ISA 662 Information System Security Hybrid Policies Chapter 6 from Bishop ’ s book.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #7-1 Chapter 7: Hybrid Policies Overview Chinese Wall Model Clinical Information.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #7-1 Chapter 7: Hybrid Policies Overview Chinese Wall Model Clinical Information.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
RBAC and Usage Control System Security. Role Based Access Control Enterprises organise employees in different roles RBAC maps roles to access rights After.

RBAC and Usage Control System Security. Role Based Access Control Enterprises organise employees in different roles RBAC maps roles to access rights After.
Slide #5-1 Chapter 5: Confidentiality Policies Overview –What is a confidentiality model Bell-LaPadula Model –General idea –Informal description of rules.

Slide #5-1 Chapter 5: Confidentiality Policies Overview –What is a confidentiality model Bell-LaPadula Model –General idea –Informal description of rules.
Access Control Intro, DAC and MAC System Security.

Access Control Intro, DAC and MAC System Security.
1 Confidentiality Policies CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 18, 2004.

1 Confidentiality Policies CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 18, 2004.
Hybrid Policies Overview Chinese Wall Model Clinical Information Systems Security Policy ORCON RBAC Introduction to Computer Security ©2004 Matt Bishop.

Hybrid Policies Overview Chinese Wall Model Clinical Information Systems Security Policy ORCON RBAC Introduction to Computer Security ©2004 Matt Bishop.
Hybrid Policies Overview Chinese Wall Model Clinical Information Systems Security Policy ORCON RBAC Introduction to Computer Security ©2004 Matt Bishop.

Hybrid Policies Overview Chinese Wall Model Clinical Information Systems Security Policy ORCON RBAC Introduction to Computer Security ©2004 Matt Bishop.
Confidentiality Policies  Overview  What is a confidentiality model  Bell-LaPadula Model  General idea  Informal description of rules  Formal description.

Confidentiality Policies  Overview  What is a confidentiality model  Bell-LaPadula Model  General idea  Informal description of rules  Formal description.
Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.

Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.
June 1, 2004Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #7-1 Chapter 7: Hybrid Policies Overview Chinese Wall Model Clinical Information.

June 1, 2004Computer Security: Art and Science © Matt Bishop Slide #7-1 Chapter 7: Hybrid Policies Overview Chinese Wall Model Clinical Information.
Security Fall 2009McFadyen ACS-49021 How do we protect the database from unauthorized access? Who can see employee salaries, student grades, … ? Who can.

Security Fall 2009McFadyen ACS How do we protect the database from unauthorized access? Who can see employee salaries, student grades, … ? Who can.
Security Fall 2006McFadyen ACS-49021 How do we protect the database from unauthorized access? Who can see employee salaries, student grades, … ? Who can.

Security Fall 2006McFadyen ACS How do we protect the database from unauthorized access? Who can see employee salaries, student grades, … ? Who can.
1 Hybrid Policies CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 23, 2004.

1 Hybrid Policies CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 23, 2004.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #4-1 Chapter 4: Security Policies Overview The nature of policies –What they.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #4-1 Chapter 4: Security Policies Overview The nature of policies –What they.
Computer Security Hybrid Policies

Computer Security Hybrid Policies
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #5-1 Chapter 5: Confidentiality Policies Overview –What is a confidentiality.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #5-1 Chapter 5: Confidentiality Policies Overview –What is a confidentiality.
Chapter 6: Integrity Policies Overview Requirements Biba’s models Clark-Wilson model Introduction to Computer Security ©2004 Matt Bishop.

Chapter 6: Integrity Policies Overview Requirements Biba’s models Clark-Wilson model Introduction to Computer Security ©2004 Matt Bishop.
Role Based Access Control Models Presented By Ankit Shah 2 nd Year Master’s Student.

Role Based Access Control Models Presented By Ankit Shah 2 nd Year Master’s Student.

Similar presentations

Ads by Google