Lecture 7
Access Control
Access Control
- ITU-T Recommendation X.800 definition:
- “The prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner.”
- RFC 2828 defines computer security as:
- “Measures that implement and assure security services in a computer system, particularly those that assure access control service”.
Access Control Policies
- dictates
  - what types of access are permitted,
  - under what circumstances,
  - by whom.
- policies may be:
  - based on the identity of the requestor and on access rules
  - based on comparing security labels with clearances
  - based on the roles and their accesses
Access Control Requirements
- reliable input
- support for fine and coarse specifications
- least privilege
- separation of duty
- open and closed policies
- policy combinations and conflict resolution
- administrative policies
- dual control
Discretionary Access Control
- scheme in which an entity may enable another entity to access some resource
- often provided using an access matrix
- one dimension consists of identified subjects that may attempt data access to the resources
- the other dimension lists the objects that may be accessed
- each entry in the matrix indicates the access rights of a particular subject for a particular object
Access Matrix
Authorization Table
Extended Access Control Matrix
Access Control System Commands
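The access matrix, the authorization table and the system commands on the preceding slides fit in one small model. The following is an added example, not code from the slides: a matrix keyed by (subject, object), a `grant`/`delete` command pair that only the holder of the assumed `owner` right on an object may run (the discretionary part), and the two derived views, the per-object column (an access control list) and the per-subject row (a capability list). Subject and object names are constructed.

```python
from collections import defaultdict


class AccessMatrix:
    """Discretionary access matrix: rights[(subject, object)] -> set of rights.

    'owner' is an assumed control right: only a subject holding it on an
    object may grant or delete other subjects' rights on that object.
    """

    def __init__(self):
        self.rights = defaultdict(set)

    def add(self, subject, obj, *rights):
        self.rights[(subject, obj)].update(rights)

    def check(self, subject, obj, right):
        # .get() does not create an entry for an unknown pair
        return right in self.rights.get((subject, obj), set())

    # --- access control system commands -------------------------------
    def grant(self, requester, subject, obj, right):
        """Let `requester` enable `subject` to access `obj`; DAC requires
        the requester to own the object."""
        if not self.check(requester, obj, "owner"):
            return False
        self.add(subject, obj, right)
        return True

    def delete(self, requester, subject, obj, right):
        if not self.check(requester, obj, "owner"):
            return False
        self.rights[(subject, obj)].discard(right)
        return True

    # --- derived views ------------------------------------------------
    def authorization_table(self):
        """One (subject, access mode, object) row per right held."""
        return sorted((s, r, o) for (s, o), rs in self.rights.items() for r in rs)

    def acl(self, obj):
        """Column of the matrix: who may do what to one object."""
        return {s: sorted(rs) for (s, o), rs in self.rights.items()
                if o == obj and rs}

    def capabilities(self, subject):
        """Row of the matrix: what one subject may do to each object."""
        return {o: sorted(rs) for (s, o), rs in self.rights.items()
                if s == subject and rs}


def build_example():
    # constructed sample: alice owns file1, bob owns file2
    m = AccessMatrix()
    m.add("alice", "file1", "owner", "read", "write")
    m.add("bob", "file1", "read")
    m.add("bob", "file2", "owner", "read", "write")
    return m


if __name__ == "__main__":
    m = build_example()
    print(m.authorization_table())
    print("alice grants bob write on file1:", m.grant("alice", "bob", "file1", "write"))
    print("bob grants carol read on file1:", m.grant("bob", "carol", "file1", "read"))
    print("ACL of file1:", m.acl("file1"))
```

Because every command goes through `check(requester, obj, "owner")`, the matrix itself is the single place where the policy is enforced; the authorization table and ACL views are computed from it rather than maintained separately, so they cannot drift out of sync.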
UNIX File Access Control
UNIX files are administered using inodes (index nodes)
- control structures with key information needed for a particular file
- several file names may be associated with a single inode
- an active inode is associated with exactly one file
- file attributes, permissions and control information are stored in the inode
- on the disk there is an inode table, or inode list, that contains the inodes of all the files in the file system
- when a file is opened its inode is brought into main memory and stored in a memory resident inode table
directories are structured in a hierarchical tree
- may contain files and/or other directories
- contain file names plus pointers to associated inodes
Traditional UNIX File Access Control
- “set user ID” (SetUID)
- “set group ID” (SetGID)
- system temporarily uses rights of the file owner / group in addition to the real user’s rights when making access control decisions
- enables privileged programs to access files / resources not generally accessible
- sticky bit
- when applied to a directory it specifies that only the owner of any file in the directory can rename, move, or delete that file
- superuser
- is exempt from usual access control restrictions
- has system-wide access
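The traditional check is easy to get subtly wrong, so here it is spelled out as an added example (not code from the slides): the permission bits are decoded with the standard `stat` constants, the process carries real and effective ids so that executing a SetUID/SetGID program switches the effective ids to the file's owner/group, uid 0 is assumed to be the superuser and is exempt from the bit check, and the sticky-bit rule from the slide (only the file's owner may delete or rename a file in such a directory) is applied on top of the directory's write permission. `Inode` and `Process` are constructed stand-ins holding only the fields the check needs.

```python
import stat

SUPERUSER_UID = 0  # assumption: uid 0 is the superuser


class Inode:
    """Constructed stand-in for the inode fields the access check reads."""
    def __init__(self, uid, gid, mode):
        self.uid, self.gid, self.mode = uid, gid, mode


class Process:
    """Real ids come from login; effective ids start equal to them."""
    def __init__(self, uid, gid, groups=()):
        self.uid, self.gid = uid, gid
        self.euid, self.egid = uid, gid
        self.groups = set(groups) | {gid}


def special_bits(mode):
    """Decode the SetUID, SetGID and sticky bits of a mode word."""
    return {
        "setuid": bool(mode & stat.S_ISUID),
        "setgid": bool(mode & stat.S_ISGID),
        "sticky": bool(mode & stat.S_ISVTX),
    }


def execute_program(proc, inode):
    """Model exec(): a SetUID/SetGID program runs with the file owner's /
    group's rights in addition to the real user's."""
    bits = special_bits(inode.mode)
    if bits["setuid"]:
        proc.euid = inode.uid
    if bits["setgid"]:
        proc.egid = inode.gid
    return proc


# (owner bit, group bit, other bit) for each class of access
_BITS = {
    "read":  (stat.S_IRUSR, stat.S_IRGRP, stat.S_IROTH),
    "write": (stat.S_IWUSR, stat.S_IWGRP, stat.S_IWOTH),
    "exec":  (stat.S_IXUSR, stat.S_IXGRP, stat.S_IXOTH),
}


def may_access(proc, inode, right):
    """Traditional UNIX decision: superuser is exempt; otherwise exactly one
    class applies (owner, then group, then others) and only its bits count."""
    if proc.euid == SUPERUSER_UID:
        return True
    user_bit, group_bit, other_bit = _BITS[right]
    if proc.euid == inode.uid:
        return bool(inode.mode & user_bit)
    if proc.egid == inode.gid or inode.gid in proc.groups:
        return bool(inode.mode & group_bit)
    return bool(inode.mode & other_bit)


def may_unlink(proc, directory, inode):
    """Deleting or renaming needs write on the directory; if the directory's
    sticky bit is set, only the file's owner (or the superuser) may do it."""
    if not may_access(proc, directory, "write"):
        return False
    if special_bits(directory.mode)["sticky"] and proc.euid != SUPERUSER_UID:
        return proc.euid == inode.uid
    return True


if __name__ == "__main__":
    # constructed sample: a root-owned SetUID program and a root-only data file
    setuid_prog = Inode(uid=0, gid=0, mode=0o4755)
    secret = Inode(uid=0, gid=42, mode=0o640)
    alice = Process(uid=1000, gid=1000)
    print("alice reads secret directly:", may_access(alice, secret, "read"))
    execute_program(alice, setuid_prog)
    print("alice (euid %d) reads secret via SetUID program:" % alice.euid,
          may_access(alice, secret, "read"))
```

Note that a process matching the owner uid is judged on the owner bits alone, so a mode such as `0o077` denies the owner even though everyone else is allowed; that is the intended class-selection rule, not a bug.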
Access Control Lists (ACLs) in UNIX
- when a process requests access to a file system object two steps are performed:
  - step 1: selects the most appropriate ACL
    - owner, named users, owning / named groups, others
  - step 2: checks if the matching entry contains sufficient permissions
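The two-step evaluation above, as an added example that is not part of the slides. Entries are written in the text form `getfacl` prints (`user::rw-`, `user:bob:r--`, `group:staff:rw-`, `other::---`); step 1 picks the entry class for the requester in the order owner, named user, owning/named groups, others, and step 2 checks the bits. Two details go beyond the slide and follow the POSIX.1e draft semantics: when several group entries match, access is granted if any of them holds the right, and an optional `mask::` entry further limits named users and all group entries. Users, groups and the sample ACL are constructed.

```python
def parse_acl(text):
    """Parse getfacl-style lines into (tag, qualifier, perms) tuples.
    An empty qualifier (user::, group::, other::, mask::) becomes None."""
    entries = []
    for line in text.strip().splitlines():
        line = line.split("#")[0].strip()   # drop comments and blank lines
        if not line:
            continue
        tag, qualifier, perms = line.split(":")
        entries.append((tag, qualifier or None, perms))
    return entries


def select_entries(owner, owning_group, acl, user, groups):
    """Step 1: the most appropriate entries for the requester.
    Owner entry, else the named-user entry, else every owning/named group
    entry whose group the requester belongs to, else the others entry."""
    if user == owner:
        return [e for e in acl if e[0] == "user" and e[1] is None]
    named = [e for e in acl if e[0] == "user" and e[1] == user]
    if named:
        return named
    group_entries = [e for e in acl if e[0] == "group" and
                     ((e[1] is None and owning_group in groups) or e[1] in groups)]
    if group_entries:
        return group_entries
    return [e for e in acl if e[0] == "other"]


def entry_grants(entry, acl, right):
    """Step 2: the selected entry must contain the right ('r', 'w' or 'x').
    Per POSIX.1e a mask entry, if present, also caps named users and groups."""
    tag, qualifier, perms = entry
    if right not in perms:
        return False
    masked = tag == "group" or (tag == "user" and qualifier is not None)
    mask = [e for e in acl if e[0] == "mask"]
    if masked and mask and right not in mask[0][2]:
        return False
    return True


def acl_allows(owner, owning_group, acl, user, groups, right):
    """Full decision: any selected entry that grants the right is enough."""
    entries = select_entries(owner, owning_group, acl, user, groups)
    return any(entry_grants(e, acl, right) for e in entries)


# constructed sample ACL for a file owned by alice, owning group alice
SAMPLE_ACL = parse_acl("""
# file: report.txt (constructed)
user::rw-
user:bob:r--
group::r--
group:staff:rw-
mask::rw-
other::---
""")


if __name__ == "__main__":
    for who, groups in [("alice", {"alice"}), ("bob", {"bob"}),
                        ("carol", {"staff"}), ("dave", {"dave"})]:
        print(who, "read:", acl_allows("alice", "alice", SAMPLE_ACL, who, groups, "r"),
              "write:", acl_allows("alice", "alice", SAMPLE_ACL, who, groups, "w"))
```

The important property is that step 1 stops at the first class that matches: a named-user entry for bob is used even if a group he belongs to would have given him more, which is why an explicit `user:bob:r--` is an effective way to restrict one member of an otherwise writable group.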