Presentation is loading. Please wait.

Presentation is loading. Please wait.

© Ravi Sandhu HRU and TAM Ravi Sandhu Laboratory for Information Security Technology George Mason University

Similar presentations


Presentation on theme: "© Ravi Sandhu HRU and TAM Ravi Sandhu Laboratory for Information Security Technology George Mason University"— Presentation transcript:

1 © Ravi Sandhu www.list.gmu.edu HRU and TAM Ravi Sandhu Laboratory for Information Security Technology George Mason University www.list.gmu.edu sandhu@gmu.edu

2 © 2004 Ravi Sandhu www.list.gmu.edu 2 The Access Matrix Model, Lampson 1971

3 © 2004 Ravi Sandhu www.list.gmu.edu 3 The HRU (Harrison-Ruzzo-Ullman) Model, 1976 Ur w V F G r

4 © 2004 Ravi Sandhu www.list.gmu.edu 4 The HRU (Harrison-Ruzzo-Ullman) Model, 1976 Ur w V F r w own G r

5 © 2004 Ravi Sandhu www.list.gmu.edu 5 The HRU (Harrison-Ruzzo-Ullman) Model, 1976 Ur w V F r w own G r r

6 © 2004 Ravi Sandhu www.list.gmu.edu 6 HRU Commands and Operations command α(X1, X2,..., Xk) if rl in (Xs1, Xo1) and r2 in (Xs2, Xo2) and ri in (Xsi, Xoi) then op1; op2; … opn end enter r into (Xs, Xo) delete r from (Xs, Xo) create subject Xs create object Xo destroy subject Xs destroy object Xo

7 © 2004 Ravi Sandhu www.list.gmu.edu 7 HRU Examples

8 © 2004 Ravi Sandhu www.list.gmu.edu 8 HRU Examples

9 © 2004 Ravi Sandhu www.list.gmu.edu 9 HRU Examples

10 © 2004 Ravi Sandhu www.list.gmu.edu 10 HRU Examples

11 © 2004 Ravi Sandhu www.list.gmu.edu 11 The Safety Problem Given initial state protection scheme (HRU commands) Can r appear in a cell that exists in the initial state and does not contain r in the initial state? More specific question might be: can r appear in a specific cell [s,o]

12 © 2004 Ravi Sandhu www.list.gmu.edu 12 The Safety Problem Initial state: r in (o,o) and nowhere else

13 © 2004 Ravi Sandhu www.list.gmu.edu 13 Safety is Undecidable in HRU

14 © 2004 Ravi Sandhu www.list.gmu.edu 14 TAM adds types to HRU

15 © 2004 Ravi Sandhu www.list.gmu.edu 15 TAM adds types to HRU

16 © 2004 Ravi Sandhu www.list.gmu.edu 16 TAM commands

17 © 2004 Ravi Sandhu www.list.gmu.edu 17 TAM primitive operations

18 © 2004 Ravi Sandhu www.list.gmu.edu 18 TAM operations: enter and delete

19 © 2004 Ravi Sandhu www.list.gmu.edu 19 TAM operations: create and destroy

20 © 2004 Ravi Sandhu www.list.gmu.edu 20 TAM operations: create and destroy

21 © 2004 Ravi Sandhu www.list.gmu.edu 21 The Safety Problem TAM has much stronger safety properties than HRU


Download ppt "© Ravi Sandhu HRU and TAM Ravi Sandhu Laboratory for Information Security Technology George Mason University"

Similar presentations


Ads by Google