Access Control Principles in Computer Security

The document discusses access control in computer security, defining it as the prevention of unauthorized resource use. It outlines various access control policies such as Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role-based Access Control (RBAC), along with their principles and requirements. Additionally, it covers UNIX file access control mechanisms and introduces Identity, Credential, and Access Management (ICAM) as a comprehensive approach to managing digital identities and access control.


Computer Security:

Principles and Practice

Chapter 4: Access Control

CIT 460 - Computer and Information Security


Access Control
• “The prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner”
• Central element of computer security
• Assume we have users and groups that are
authenticated to the system
assigned access rights to certain resources on the system

2
Access Control Principles

3
Access Control Policies

• Discretionary Access Control (DAC): based on the identity of the requestor and access rules
• Mandatory Access Control (MAC): based on comparing security labels with security clearances (mandatory: a subject that has access to a resource cannot pass that access on to other subjects)
• Role-based Access Control (RBAC): based on user roles
• Attribute-based Access Control: based on the attributes of the user, the resource and the current environment

4
Access Control
Requirements
• Reliable input: a mechanism to authenticate the requestor
• Fine and coarse specifications: regulate access at varying levels (e.g., a single attribute or an entire DB)
• Least privilege: each subject gets the minimum authorization needed to do its work
• Separation of duty: divide the steps of a task among different individuals
• Closed and open policies: either only specifically authorized accesses are permitted (closed), or all accesses are permitted except those explicitly prohibited (open)
• Administrative policies: who can add, delete or modify rules

5
Access Control Elements
• Subject: entity that can access objects
a process representing a user/application
often three classes: owner, group, world
• Object: access-controlled resource
e.g., files, directories, records, programs, etc.
number/type depends on the environment
• Access right: the way in which a subject accesses an object
e.g., read, write, execute, delete, create, search

6
Discretionary Access
Control
• Often provided using an access matrix
lists subjects in one dimension (rows)
lists objects in the other dimension (columns)
each entry specifies the access rights of the specified subject to that object
• Access matrix is often sparse
• Can decompose by either row or column

7
Access Control Structures

• Access control lists (decomposed by column)
• Capability tickets (decomposed by row)
• See page 119
• Also see the alternative table representation on page 120 (tabular but not sparse)

8
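The two decompositions described above, as an added example that is not part of the slides or the textbook: the matrix is held as a dict of rows, `to_acls` produces the per-object (column) view, `to_capabilities` the per-subject (row) view, and a discretionary `grant` keeps both views in step. The subjects, objects and rights are constructed sample data, and the rule that only a holder of `own` may grant rights is an assumption made for the example.

```python
# Added example (not from the slides): an access matrix kept as a dict of rows,
# decomposed into per-object ACLs (columns) and per-subject capability lists (rows).
# Subjects, objects and rights below are constructed sample data.

ACCESS_MATRIX = {
    "alice": {"file1": {"own", "read", "write"}, "file3": {"read"}},
    "bob":   {"file1": {"read"}, "file2": {"own", "read", "write"}, "file3": {"write"}},
    "carol": {"file2": {"read"}, "file3": {"own", "read", "write"}},
}


def to_acls(matrix):
    """Decompose by column: for each object, the (subject, rights) entries on it.
    Empty matrix cells produce no entry, which is what keeps ACLs compact
    when the matrix is sparse."""
    acls = {}
    for subject, row in matrix.items():
        for obj, rights in row.items():
            acls.setdefault(obj, {})[subject] = set(rights)
    return acls


def to_capabilities(matrix):
    """Decompose by row: for each subject, its capability list of (object, rights)."""
    return {subject: {obj: set(rights) for obj, rights in row.items()}
            for subject, row in matrix.items()}


def acl_allows(acls, subject, obj, right):
    """ACL lookup: find the object, then the subject's entry on it."""
    return right in acls.get(obj, {}).get(subject, set())


def capability_allows(caps, subject, obj, right):
    """Capability lookup: find the subject, then its ticket for the object."""
    return right in caps.get(subject, {}).get(obj, set())


def grant(acls, caps, granter, subject, obj, right):
    """Discretionary grant (constructed rule): only a holder of 'own' on the
    object may extend a right on it to another subject. Both views are updated
    together, otherwise the two decompositions drift apart."""
    if not acl_allows(acls, granter, obj, "own"):
        raise PermissionError(f"{granter} does not own {obj}")
    acls.setdefault(obj, {}).setdefault(subject, set()).add(right)
    caps.setdefault(subject, {}).setdefault(obj, set()).add(right)


def sparsity(matrix):
    """Fraction of empty cells in the full subject x object matrix."""
    objects = {obj for row in matrix.values() for obj in row}
    filled = sum(len(row) for row in matrix.values())
    return 1 - filled / (len(matrix) * len(objects))


if __name__ == "__main__":
    acls = to_acls(ACCESS_MATRIX)
    caps = to_capabilities(ACCESS_MATRIX)
    print("bob may read file1:", acl_allows(acls, "bob", "file1", "read"))
    grant(acls, caps, "alice", "carol", "file1", "read")
    print("carol may read file1:", capability_allows(caps, "carol", "file1", "read"))
```

The point of keeping both lookups side by side is the asymmetry the slides mention: an ACL answers "who can access this object?" in one step, a capability list answers "what can this subject access?" in one step, and revoking or granting a right has to touch whichever structure the system actually stores.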
An access matrix

9
Access matrix data structures

10
Alternate authorization table

11
An Access Control Model

• Extend the universe of objects to include processes, devices, memory locations, subjects

12
Access Control Function

13
Access control system commands

14
Protection Domains: More Useful
• Set of objects together with access rights to those objects
• More flexibility when associating capabilities with protection domains
• In terms of the access matrix, a row defines a protection domain
• User can spawn processes with a subset of the access rights of the user
• Association between a process and a domain can be static or dynamic
• In user mode certain areas of memory are protected from use and certain instructions may not be executed
• In kernel mode privileged instructions may be executed in protected areas of memory
15
UNIX File Concepts
• UNIX files administered using inodes (index nodes)
• An inode:
control structure with key info on file (attributes, permissions, …)
on a disk: an inode table for all files
when a file is opened, its inode is brought to RAM
• Directories form a hierarchical tree
may contain files or other directories
are a file of names and inode numbers

16
UNIX File Access Control
• Unique user identification number (user ID)
• Member of a primary group identified by a group ID
• 12 protection bits
• 9 bits specify read, write, and execute permission for the owner of the file, members of the group, and all other users
• 2 bits specify SetUID and SetGID
• 1 is the sticky bit (on a directory: only the owner of a file in it can rename, move or delete that file)
• The owner ID, group ID, and protection bits are part of the file’s inode
17
UNIX File Access Control
• “set user ID” (SetUID) or “set group ID” (SetGID)
System temporarily uses the rights of the file owner/group in addition to the real user’s rights when making access control decisions
Enables privileged programs to access files/resources that are not generally accessible
• Sticky bit
on a directory, limits rename/move/delete to the owner
• Super-user
is exempt from the usual access control restrictions

18
UNIX Access Control Lists
• Modern UNIX systems support ACLs
• Can specify any number of additional users/groups and their associated rwx permissions
• When access is required
select the most appropriate ACL entry: owner, named users, owning/named groups, others
check whether the user has sufficient permissions for the access

19
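The traditional 12-bit check, the SetUID/SetGID effect and the ACL entry selection from the three slides above, as one added example that is not code from the slides or the textbook. The `stat.S_ISUID`, `stat.S_ISGID` and `stat.S_ISVTX` constants are Python's real ones; the `Inode` class, the user/group ids and the file modes are constructed. The ACL selection order (owner, named user, owning/named groups, other) follows the slide; the rule that a request in the group class succeeds if any matching group entry grants it is an assumption made for the example.

```python
import stat
from dataclasses import dataclass, field

R, W, X = 4, 2, 1  # the rwx bits of one permission triplet


def decode_mode(mode: int) -> dict:
    """Split the 12 protection bits into the owner/group/other rwx triplets
    and the SetUID, SetGID and sticky bits (stat constants are Python's own)."""
    return {
        "owner": (mode >> 6) & 0o7,
        "group": (mode >> 3) & 0o7,
        "other": mode & 0o7,
        "setuid": bool(mode & stat.S_ISUID),
        "setgid": bool(mode & stat.S_ISGID),
        "sticky": bool(mode & stat.S_ISVTX),
    }


def rwx(bits: int) -> str:
    """Render one triplet the way ls does, e.g. 5 -> 'r-x'."""
    return ("r" if bits & R else "-") + ("w" if bits & W else "-") + ("x" if bits & X else "-")


@dataclass
class Inode:
    """Constructed stand-in for the access-control fields of an inode."""
    owner_uid: int
    group_gid: int
    mode: int
    acl_users: dict = field(default_factory=dict)   # named-user ACL entries: uid -> rwx bits
    acl_groups: dict = field(default_factory=dict)  # named-group ACL entries: gid -> rwx bits


def traditional_check(inode, uid, gids, wanted):
    """Classic 9-bit decision: the caller falls into exactly one class (owner,
    group or other) and only that class's bits are consulted."""
    if uid == 0:
        return True  # super-user is exempt from the usual restrictions
    bits = decode_mode(inode.mode)
    if uid == inode.owner_uid:
        cls = "owner"
    elif inode.group_gid in gids:
        cls = "group"
    else:
        cls = "other"
    return bits[cls] & wanted == wanted


def acl_check(inode, uid, gids, wanted):
    """Extended ACL decision: select the most appropriate entry in the order
    owner, named user, owning/named groups, other (assumption: any matching
    group entry that grants the requested bits is sufficient)."""
    if uid == 0:
        return True
    bits = decode_mode(inode.mode)
    if uid == inode.owner_uid:
        return bits["owner"] & wanted == wanted
    if uid in inode.acl_users:
        return inode.acl_users[uid] & wanted == wanted
    group_entries = [bits["group"]] if inode.group_gid in gids else []
    group_entries += [p for gid, p in inode.acl_groups.items() if gid in gids]
    if group_entries:
        return any(p & wanted == wanted for p in group_entries)
    return bits["other"] & wanted == wanted


def effective_ids(program, real_uid, real_gids):
    """Identities a process may use while executing `program`: its real ids plus,
    when SetUID/SetGID are set on the program file, that file's owner/group."""
    bits = decode_mode(program.mode)
    uids = {real_uid} | ({program.owner_uid} if bits["setuid"] else set())
    gids = set(real_gids) | ({program.group_gid} if bits["setgid"] else set())
    return uids, gids


def may_delete_entry(directory, target, uid, gids):
    """Deleting or renaming an entry needs write+execute on the directory; with
    the sticky bit set, additionally only the entry's owner (or super-user) may."""
    if uid == 0:
        return True
    if not traditional_check(directory, uid, gids, W | X):
        return False
    if decode_mode(directory.mode)["sticky"] and uid != target.owner_uid:
        return False
    return True


if __name__ == "__main__":
    passwd = Inode(owner_uid=0, group_gid=0, mode=0o4755)   # constructed SetUID-root program
    shadow = Inode(owner_uid=0, group_gid=42, mode=0o640)   # constructed root-only file
    uids, gids = effective_ids(passwd, real_uid=1000, real_gids={1000})
    print("direct read by uid 1000:", traditional_check(shadow, 1000, {1000}, R))
    print("read via SetUID program:", any(traditional_check(shadow, u, gids, R) for u in uids))
```

The `effective_ids` helper is the reason SetUID programs are both useful and dangerous: the same rights that let the constructed `passwd` read `shadow` are available to every caller of that program, so any defect in it is exercised with the file owner's identity.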
UNIX Extended Access Control List

20
Role-Based Access Control
• Access based on role, not identity
• Many-to-many relationship between users and roles
• Roles often static

21
Role-Based Access Control
Role-users and roles-object access matrix

22
Example of role hierarchy
• Director has most privileges
• Each role inherits all privileges from lower roles
• A role can inherit from multiple roles
• Additional privileges can be assigned to a role

23
Identity, Credential, and Access Management (ICAM)
• A comprehensive approach to manage and implement
digital identities, credentials, and access control
• Developed by the U.S. government
• Designed to create trusted digital identity representations
of individuals and nonperson entities (NPEs)
• A credential is an object or data structure that
authoritatively binds an identity to a token possessed and
controlled by a subscriber
• Use the credentials to provide authorized access to an
agency’s resources

24
ICAM
1. Connects digital identity to individuals
2. Data structures that bind a token possessed by a subscriber
3. Management of how access is granted to entities
4. Identity verification of individuals from external organizations
25
Case study: RBAC system for a bank

26
Summary
• Introduced access control principles
subjects, objects, access rights
• Discretionary access controls
access matrix, access control lists (ACLs), capability tickets
UNIX traditional and ACL mechanisms
• Role-based access control
• Case study: RBAC system for a bank

27
