Bca notes for cybersecurity and network security, Lecture notes of Computer Systems Networking and Telecommunications

It contains all cybersecurity notes and notes related to network security.

Typology: Lecture notes

2018/2019

Uploaded on 01/25/2019

xvishaldongre

Foundations of Computer Security
Lecture 25: The Chinese Wall Policy
Dr. Bill Young
Department of Computer Sciences
University of Texas at Austin

The Problem

The policies so far have been general. Let's consider a policy for a very specific commercial concern: the potential for conflicts of interest and inadvertent disclosure of information by a consultant or contractor.

Example: A lawyer specializes in product liability and consults for American Airlines. It could be a breach of confidentiality for her to consult also for United Airlines. Why? A simultaneous contract with McDonalds would not be a conflict.

Levels of Abstraction

The security policy builds on three levels of abstraction.

Objects, such as files. Objects contain information about only one company.

Company groups collect all objects concerning a particular company.

Conflict classes cluster the groups of objects for competing companies.

For example, consider the following conflict classes:

{ Ford, Chrysler, GM }

{ Bank of America, Wells Fargo, Citicorp }

{ Microsoft }

Chinese Wall Policy

We have a simple access control policy: A subject may access information from any company as long as that subject has never accessed information from a different company in the same conflict class.

For example, if you access a file from GM, you subsequently will be blocked from accessing any files from Ford or Chrysler. You are free to access files from companies in any other conflict class.

Notice that permissions change dynamically. The access rights that any subject enjoys depend on the history of past accesses.
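
The history dependence described above, as an added example that is not part of the original lecture notes: a small reference monitor that records each subject's first choice within a conflict class and denies later accesses to its competitors. The names `ChineseWall`, `alice` and `bob` are hypothetical, and denying companies that belong to no conflict class is an assumption of this example.

```python
# Added example: a minimal Chinese Wall reference monitor (access rule only).
# Conflict classes are the ones listed in the lecture; subjects are constructed.
CONFLICT_CLASSES = [
    {"Ford", "Chrysler", "GM"},
    {"Bank of America", "Wells Fargo", "Citicorp"},
    {"Microsoft"},
]


class ChineseWall:
    def __init__(self, conflict_classes):
        # Map each company to the index of its conflict class.
        self.class_of = {}
        for idx, members in enumerate(conflict_classes):
            for company in members:
                if company in self.class_of:
                    raise ValueError(f"{company} is in two conflict classes")
                self.class_of[company] = idx
        # history[subject][class index] = the one company already accessed there.
        self.history = {}

    def may_access(self, subject, company):
        """Decision only: does the subject's history permit this access?"""
        if company not in self.class_of:
            return False  # assumption: fail closed on unclassified companies
        chosen = self.history.get(subject, {}).get(self.class_of[company])
        return chosen is None or chosen == company

    def access(self, subject, company):
        """Check and, if allowed, record the access so later decisions see it."""
        allowed = self.may_access(subject, company)
        if allowed:
            self.history.setdefault(subject, {})[self.class_of[company]] = company
        return allowed


def demo():
    wall = ChineseWall(CONFLICT_CLASSES)
    steps = [("alice", "GM"), ("alice", "Wells Fargo"), ("alice", "Ford"),
             ("alice", "GM"), ("bob", "Ford"), ("alice", "Citicorp")]
    return [(s, c, wall.access(s, c)) for s, c in steps]


if __name__ == "__main__":
    for subject, company, allowed in demo():
        print(f"{subject:5} -> {company:12} {'ALLOW' if allowed else 'DENY'}")
```

Each subject has an independent history, so `bob` can still choose Ford after `alice` has chosen GM, and a denied attempt leaves the history unchanged.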

Lessons

Unlike previous policies, Brewer and Nash's Chinese Wall Policy is designed to address a very specific concern: conflicts of interest by a consultant or contractor.

This illustrates that security policies can be crafted to solve very specialized problems.

The Chinese Wall is an access control policy in which accesses are sensitive to the history of past accesses.

Next lecture: Role-Based Access Control
