




























Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
The major points which are very useful in understanding the concept of the computer security are:Access Control Models, Accesses, Discretionary, Mandatory, Role-Based, Trojan Horse, Employee, Brown, Write, Shared Program
Typology: Slides
1 / 36
This page cannot be seen from the preview
Don't miss anything!





























CSCE 201 - Farkas 2
All accesses
Discretionary AC
Mandatory AC (^) Role-Based AC
CSCE 201 - Farkas 4
Employee
Black’s Employee
Brown: read, write
Brown Black, Brown: read, write
Black
Word Processor
TH Inserts Trojan Horse Into shared program
Uses shared program ReadsEmployee
Copies Employee To Black’s Employee
CSCE 201 - Farkas (^) Docsity.com 5
Objects: security classification
e.g., grades=(confidential, {student-info})
Subjects: security clearances
e.g., Joe=(confidential, {student-info})
Access rules: defined by comparing the security classification of the requested objects with the security clearance of the subject
e.g., subject can read object only if label(subject) dominates label(object)
Security Classes (labels): (A,C) A – total order authority level C – set of categories e.g., A = confidential > public , C = {student-info, dept-info}
(confidential,{ })
(confidential,{dept-info})
(confidential,{student-info,dept-info})
(confidential,{student-info})
(public,{student-info,dept-info}) (public,{,dept-info}) (public,{ })
(public,{student-info})
*-property : a subject s is allowed to write an object o only if the security label of o dominates the security label of s
No write down Applies to un-trusted subjects only
Employee
Black’s Employee
Brown: read, write
Brown^ Black, Brown: read, write
Black
Word Processor
TH Insert Trojan Horse Into shared program
Use shared program (^) Read Employee
Copy Employee To Black’s Employee
Secret
Public
Public^ Secret^ ≥^ Public
Secret
Reference Monitor
RBAC 3 consolidated model
RBAC (^1) role hierarchy
RBAC (^2) constraints
RBAC 0 base model