Authorization - Computer and Network Security - Lecture Slides, Slides of Computer Science

These are the Lecture Slides of Computer and Network Security which includes Authorization, Social Security Number, Trouble with Passwords, Cryptographic Keys, Dictionary Attack, Bad Passwords, Password Experiment, Random Characters etc. Key important points are: Authorization, Authentication, Form of Access Control, Access Control Lists, Capabilities, Actions of Authenticated Users, Lampson’s Access Control Matrix, Confused Deputy, Separation of Authority

Typology: Slides

2012/2013

Uploaded on 03/22/2013

dhimant
dhimant 🇮🇳

4.3

(8)

128 documents

1 / 31

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Part 2 Access Control 1
Authorization
Docsity.com
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f

Partial preview of the text

Download Authorization - Computer and Network Security - Lecture Slides and more Slides Computer Science in PDF only on Docsity!

Part 2  Access Control 1

Authorization

Part 2  Access Control 2

Authentication vs

Authorization

 Authentication  Who goes there?

o Restrictions on who (or what) can access system

Authorization  Are you allowed to do that?

o Restrictions on actions of authenticated users

 Authorization is a form of access control

 Authorization enforced by

o Access Control Lists o Capabilities

Part 2  Access Control 4

Are You Allowed to Do That?

Access control matrix has all relevant info

 But how to manage a large access control (AC) matrix?

 Could be 1000’s of users, 1000’s of resources

 Then AC matrix with 1,000,000’s of entries

 Need to check this matrix before access to any resource is allowed

 Hopelessly inefficient

Part 2  Access Control 5

Access Control Lists (ACLs)

 ACL: store access control matrix by column  Example: ACL for insurance data is in blue

rx rx r --- ---

rx rx r rw rw

rwx rwx r rw rw

rx rx rw rw rw

OS

Accounting program

Accounting data

Insurance data

Payroll data

Bob

Alice

Sam

Accounting program

Part 2  Access Control 7

ACLs vs Capabilities

Access Control List Capability

 Note that arrows point in opposite directions!  With ACLs, still need to associate users to filess

file

file

file

file

file

file

r

Alice r

Bob

Fred

w r


rw r r

Alice

Bob

Fred

r w rw


r r r


r

Part 2  Access Control 8

Confused Deputy

 Two resources

o Compiler and BILL file (billing info)

 Compiler can write file BILL

 Alice can invoke compiler with a debug filename

 Alice not allowed to write to BILL

 Access control matrix

x ---

rx rw

Compiler (^) BILL

Alice

Compiler

Part 2  Access Control 10

Confused Deputy

 Compiler acting for Alice is confused

 There has been a separation of authority from the purpose for which it is used

 With ACLs, difficult to avoid this problem

 With Capabilities, easier to prevent problem o Must maintain association between authority and intended purpose o Capabilities make it easy to delegate authority

Part 2  Access Control 11

ACLs vs Capabilities

 ACLs o Good when users manage their own files o Protection is data-oriented o Easy to change rights to a resource  Capabilities o Easy to delegate o Easy to add/delete users o Easier to avoid the confused deputy o More difficult to implement o The “Zen of information security”  Capabilities loved by academics o Capability Myths Demolished

Part 2  Access Control 13

Classifications and Clearances

 Classifications apply to objects

 Clearances apply to subjects

 US Department of Defense uses 4

levels of classifications/clearances

TOP SECRET

SECRET

CONFIDENTIAL

UNCLASSIFIED

Part 2  Access Control 14

Clearances and Classification

 To obtain a SECRET clearance requires a routine background check

 A TOP SECRET clearance requires extensive background check

 Practical classification problems

o Proper classification not always clear o Level of granularity to apply classifications o Aggregation  flipside of granularity

Part 2  Access Control 16

Multilevel Security (MLS)

 MLS needed when subjects/objects at different levels use same system

 MLS is a form of Access Control

 Military/government interest in MLS for many decades o Lots of funded research into MLS o Strengths and weaknesses of MLS relatively well understood (theoretical and practical) o Many possible uses of MLS outside military

Part 2  Access Control 17

MLS Applications

 Classified government/military information

Business example: info restricted to

o Senior management only o All management o Everyone in company o General public

 Network firewall

o Keep intruders at low level to limit damage

 Confidential medical info, databases, etc.

Part 2  Access Control 19

Bell-LaPadula

 BLP security model designed to express essential requirements for MLS

 BLP deals with confidentiality

o To prevent unauthorized reading

 Recall that O is an object, S a subject

o Object O has a classification o Subject S has a clearance o Security level denoted L(O) and L(S)

Part 2  Access Control 20

Bell-LaPadula

 BLP consists of

Simple Security Condition : S can read O if and only if L(O)  L(S) *-Property ( Star Property ): S can write O if and only if L(S)  L(O)

 No read up, no write down