Access Control
Cunsheng Ding
HKUST, Hong Kong, CHINA
C. Ding - COMP4631 - L17 1
Agenda of this Lecture
• The basic concepts of access control, ACLs, capabilities, etc.
• Two approaches to access control
• Further reading
An Example
(Diagram: the home directory cding with two subdirectories, private and Public_html)
• I, the owner of the cding home directory, have total control over all files in all directories and subdirectories.
• Everyone else can read all files in “Public_html”, but should not do other operations on the files in this subdirectory.
Question: How do I do the access controls?
Access Control
• Computer security: it deals with the prevention and detection of unauthorized actions.
• Computer systems control access to data and shared resources, like memory, printers, etc., primarily for reasons of integrity, not so much for confidentiality.
• Access control is at the core of computer security.
Subjects and Objects
• Terminology for access control:
 – subject: active entity --- user or process
 – object: passive entity --- file or resource
 – access operation: read, write, ...
• Subjects and objects provide a different focus of control (first design principle):
 – What is the subject allowed to do? (1st approach)
 – What may be done with an object? (2nd approach)
The Two Approaches in Practice
• Traditionally, multi-user operating systems manage files and resources, i.e. objects.
 – Access control takes the 2nd approach.
• Application-oriented IT systems, like database management systems, offer services directed to the end user and may well control the actions of subjects.
 – Access control takes the 1st approach.
The Fundamental Model of Access Control
(Diagram: Subject → access request → Security reference monitor → Object)
The security reference monitor will check the access control policy and will grant or reject the request.
Real World Examples?
Access Operations and Access Rights
Access Operations
• Access operations: no uniform definition. They differ from system to system.
• Examples: basic memory access, method calls in an object-oriented system.
• We will look at a few typical sets of access operations. On the most elementary level, a subject may
 – observe an object, or
 – alter an object.
• Observe and Alter are called access modes.
Access Rights
• Access rights of the Bell-LaPadula access control model:
• The four Bell-LaPadula access rights:
 – execute
 – read
 – append, also called blind write
 – write
• Mapping between access rights and access modes:
          execute   append   read   write
Observe   -         -        X      X
Alter     -         X        -      X
Rationale
• A user has to open a file to get access. Files can be opened for read access or for write access so that the O/S can avoid potential conflicts.
• Write access usually includes read access. A user editing a file should not be asked to open it twice. Hence, the write right includes Observe and Alter mode.
• Few systems actually implement append. Altering an object without observing its content is rarely useful (exception: audit log).
• A file can be used without being opened (read). Example: use of a cryptographic key. This motivates the execute right, which includes neither Observe nor Alter mode.
Unix
• Access control policies are expressed in terms of three operations:
 – read: read from a file
 – write: write to a file
 – execute: execute a file
• Applied to a directory, the access operations take this meaning:
 – read: list contents
 – write: create or rename files in the directory
 – execute: search the directory
These operations differ from the Bell-LaPadula model. E.g., Unix write access does not imply read access. Creation and deletion of files are governed by access control to the directory.
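The following is an added example, not part of the lecture slides: a pure-Python model of how Unix permission bits answer the question from the earlier "An Example" slide (the cding home directory) under the directory semantics just listed. The uid/gid numbers, the file names and the mode values are constructed assumptions; the decision rule (pick the owner/group/others triple, require search on every ancestor directory, treat deletion as a write on the parent directory) is the standard Unix one.

```python
# Constructed miniature of the cding home directory (assumed uids, gids, modes).
CDING_UID, CDING_GID = 1000, 1000      # owner of the home directory
OTHER_UID, OTHER_GID = 2000, 2000      # "everyone else"

# path -> (mode bits, owner uid, owner gid)
FS = {
    "/home/cding":                        (0o711, CDING_UID, CDING_GID),  # others: search only
    "/home/cding/private":                (0o700, CDING_UID, CDING_GID),  # owner only
    "/home/cding/private/notes.txt":      (0o600, CDING_UID, CDING_GID),
    "/home/cding/Public_html":            (0o755, CDING_UID, CDING_GID),  # others: list + search
    "/home/cding/Public_html/index.html": (0o644, CDING_UID, CDING_GID),  # others: read only
}

R, W, X = 4, 2, 1
FILE_OPS = {"read": R, "write": W, "execute": X}
# On a directory the same three bits mean list / create-rename-delete / search.
DIR_OPS = {"list": R, "create": W, "search": X}
OPS = {**FILE_OPS, **DIR_OPS}

def triple_for(mode, file_uid, file_gid, uid, gids):
    """Select the rwx triple (owner, group or others) that applies to the subject."""
    if uid == file_uid:
        return (mode >> 6) & 7
    if file_gid in gids:
        return (mode >> 3) & 7
    return mode & 7

def file_rights(mode, file_uid, file_gid, uid, gids):
    """Operation names the subject holds on a file with this mode. Note that a
    mode such as 0o622 gives others write without read: write does not imply read."""
    t = triple_for(mode, file_uid, file_gid, uid, gids)
    return {name for name, bit in FILE_OPS.items() if t & bit}

def allowed(path, op, uid, gids):
    """Subject needs search (x) on every ancestor directory known to FS, then the
    bit corresponding to `op` on the final path component."""
    parts = path.strip("/").split("/")
    for i in range(1, len(parts)):
        ancestor = "/" + "/".join(parts[:i])
        if ancestor in FS:
            mode, fu, fg = FS[ancestor]
            if not triple_for(mode, fu, fg, uid, gids) & X:
                return False
    mode, fu, fg = FS[path]
    return bool(triple_for(mode, fu, fg, uid, gids) & OPS[op])

def can_delete(path, uid, gids):
    """Deleting a file is a write on its directory, not an operation on the file."""
    parent = path.rsplit("/", 1)[0]
    return allowed(parent, "create", uid, gids)

if __name__ == "__main__":
    others = (OTHER_UID, {OTHER_GID})
    for p, op in [("/home/cding/Public_html/index.html", "read"),
                  ("/home/cding/Public_html/index.html", "write"),
                  ("/home/cding/private/notes.txt", "read"),
                  ("/home/cding", "list")]:
        print(f"others {op} {p}: {allowed(p, op, *others)}")
```

With these modes the stated policy holds: others can read files under Public_html but cannot write, create or delete there, and cannot even enter private; the 0o711 on the home directory lets them traverse to Public_html without listing the home directory itself.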
Windows NT
Access operations in the NTFS (New Technology File System) file system of Windows NT:
 – read
 – write
 – execute
 – delete
 – change permission
 – change ownership
• We no longer rely on operations on directories to handle deletion of files or change of access rights.
• Operations for modifying access rights are another ingredient you may want to use when setting security policies.
Basic Problems in Access Control
• Who should be in charge of defining access control policies in your security system?
• How to express and capture your security policies with a data structure correctly?
• How to store your access control policies in your security system?
• How to retrieve security policies?
• How to make your access control system very efficient?
Ownership for Manipulating Access Rights
Ownership (1)
• Security policies specify how subjects are allowed to access objects.
• Who is in charge of setting the policy?
 – The owner of a resource decrees who is allowed to have access. Such a policy may be called discretionary, as access control is at the owner’s discretion.
 – A system-wide policy decrees who is allowed to have access. Such a policy may be called mandatory.
Ownership (2)
• Most operating systems support the concept of ownership of a resource and consider ownership when making access control decisions.
• Operations for manipulating access rights are grant and revoke.
How to Capture and Implement Access Control Policies
• Access decision is based on a set of access control policies.
• What data structure should be used to express the set of policies?
• How to make an access decision as quickly as possible?
Access Control Structures
• Several options for defining access control:
 – The access control structure should allow you to express the access control policy you want to enforce.
 – You should be able to check that your policy has been captured correctly.
• Access rights can be defined individually for each combination of subject and object.
• For large numbers of subjects and objects, such structures are cumbersome to manage. Intermediate levels of control are preferable.
Access Control Matrix
• Notation:
 – S … set of subjects
 – O … set of objects
 – A … set of access operations
• Access control matrix: M = (M_so)_{s ∈ S, o ∈ O}, M_so ⊆ A.
• The entry M_so specifies the operations subject s may perform on object o.
        bill.doc       edit.exe   fun.com
Alice   -              {exec}     {exec,read}
Bob     {read,write}   {exec}     {exec,read,write}
Access Control Matrix ctd.
• The access control matrix is
 – an abstract concept
 – not very suitable for direct implementation
 – not very convenient for managing security
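As an added example (not from the lecture), the matrix of the previous slide written as a data structure, with a reference monitor in the sense of the "Fundamental Model" slide sitting in front of it: every request (subject, object, operation) is decided by a lookup of M_so, anything outside S, O or A is rejected, and each decision is logged. The `validate_matrix` check captures the slide's requirement that the policy is well-formed (M_so ⊆ A). Function names and the log format are my own.

```python
# Added example: the slide's access control matrix M over S, O and A.
S = {"Alice", "Bob"}
O = {"bill.doc", "edit.exe", "fun.com"}
A = {"read", "write", "exec"}

# M[s][o] = M_so; an absent entry is the empty set (the "-" on the slide).
M = {
    "Alice": {"edit.exe": {"exec"}, "fun.com": {"exec", "read"}},
    "Bob":   {"bill.doc": {"read", "write"}, "edit.exe": {"exec"},
              "fun.com": {"exec", "read", "write"}},
}

def validate_matrix(m, subjects, objects, ops):
    """Well-formedness: rows only for known subjects, columns only for known
    objects, and every entry M_so a subset of A."""
    for s, row in m.items():
        if s not in subjects:
            return False
        for o, rights in row.items():
            if o not in objects or not rights <= ops:
                return False
    return True

def entry(m, s, o):
    """M_so, with the empty set for subject/object pairs that have no entry."""
    return m.get(s, {}).get(o, set())

def reference_monitor(s, o, op, m=M):
    """Grant iff op ∈ M_so. Unknown subjects, objects or operations are denied
    (default deny), so a typo in a request can never widen access."""
    if s not in S or o not in O or op not in A:
        return False
    return op in entry(m, s, o)

def mediate(requests, log=None, m=M):
    """Pass every request through the monitor and record the decision; the log is
    what an auditor would read to confirm complete mediation."""
    log = [] if log is None else log
    decisions = []
    for s, o, op in requests:
        d = reference_monitor(s, o, op, m)
        log.append(f"{s} requests {op} on {o}: {'granted' if d else 'rejected'}")
        decisions.append(d)
    return decisions

if __name__ == "__main__":
    trail = []
    mediate([("Alice", "edit.exe", "exec"), ("Alice", "bill.doc", "read"),
             ("Bob", "bill.doc", "write"), ("Mallory", "fun.com", "exec")], trail)
    print("\n".join(trail))
```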
Capabilities
• Focus on the subject
 – access rights are stored with the subject
 – capabilities ≡ rows of the access control matrix
   Alice: edit.exe: {exec}, fun.com: {exec,read}
• Subjects may grant rights to other subjects. Subjects may grant the right to grant rights.
• Problems:
 – How to check who may access a specific object?
 – How to revoke a capability?
• Distributed system security has created renewed interest in capabilities.
Access Control with Capability in HKUST
Capability for Cunsheng Ding in HKUST:
  Room 001       Yes
  Computer 111   No
  Printer 1234   Yes
  ……             ……
  TV 999         No
Access Control Lists (ACLs)
• Focus on the object
 – access rights are stored with the object
 – ACLs ≡ columns of the access control matrix
   fun.com: Alice: {exec}, Bill: {exec,read,write}
• Access rights are defined for groups of users.
 – Unix: owner, group, others
• Problem: How to check access rights of a specific subject?
• ACLs are typical for certain secure operating systems.
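An added example (not from the lecture) that serves both the Capabilities and the ACLs slides: it derives the two structures from the matrix of the "Access Control Matrix" slide (rows become capability lists, columns become ACLs), then runs the two queries the slides single out as problems. "Who may access this object?" is one lookup with ACLs but a scan over every subject with capabilities; withdrawing all access to an object is likewise one deletion on the ACL side and a walk over all holders on the capability side. Delegation (`grant_cap`) only lets a subject pass on a right it actually holds. Function names are my own; the data is the slide's matrix.

```python
from collections import defaultdict

# The matrix from the slide: M[s][o] = M_so.
M = {
    "Alice": {"edit.exe": {"exec"}, "fun.com": {"exec", "read"}},
    "Bob":   {"bill.doc": {"read", "write"}, "edit.exe": {"exec"},
              "fun.com": {"exec", "read", "write"}},
}

def capabilities(m):
    """Row view: each subject carries its own list of (object -> rights)."""
    return {s: {o: set(r) for o, r in row.items() if r} for s, row in m.items()}

def acls(m):
    """Column view: each object carries its own list of (subject -> rights)."""
    table = defaultdict(dict)
    for s, row in m.items():
        for o, rights in row.items():
            if rights:
                table[o][s] = set(rights)
    return dict(table)

def holders_via_acl(acl, o):
    """Who may access o? One lookup on the object."""
    return set(acl.get(o, {}))

def holders_via_caps(caps, o):
    """Same question with capabilities: inspect every subject's list (cost ~ |S|)."""
    return {s for s, held in caps.items() if o in held}

def grant_cap(caps, grantor, grantee, o, right):
    """Delegation: grantor may pass on `right` for o only if it holds that right.
    Returns True when the capability was handed over."""
    if right not in caps.get(grantor, {}).get(o, set()):
        return False
    caps.setdefault(grantee, {}).setdefault(o, set()).add(right)
    return True

def revoke_all_via_acl(acl, o):
    """Withdraw everyone's access to o: drop one column. Returns subjects affected."""
    return len(acl.pop(o, {}))

def revoke_all_via_caps(caps, o):
    """Same policy change on the capability side: visit every subject. A copy of the
    capability that already left the system (distributed case) is not reachable."""
    touched = 0
    for held in caps.values():
        if held.pop(o, None) is not None:
            touched += 1
    return touched

if __name__ == "__main__":
    caps, acl = capabilities(M), acls(M)
    print("fun.com ACL:", acl["fun.com"])
    print("Alice's capabilities:", caps["Alice"])
    print("holders of bill.doc:", holders_via_acl(acl, "bill.doc"), holders_via_caps(caps, "bill.doc"))
```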
Access Control with ACL in HKUST
ACL for Color Printer 111111:
  Cunsheng Ding   Yes
  John Wong       No
  Paul Wu         Yes
  ……              ……
  Alice Fu        No
How to Make Access Control Efficient?
Intermediate Controls - Groups
• Groups are an intermediate layer between users & objects.
  (Diagram: users → groups → objects)
• To deal with special cases, negative permissions withdraw rights.
  (Diagram: users → groups → objects, with negative permissions attached directly to individual users)
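An added example (not from the lecture) of the group layer with negative permissions: rights are attached to groups rather than to each user, and a per-user negative entry withdraws a right the user would otherwise inherit. The users, groups, objects and rights are constructed; the evaluation rule (union of group rights, then subtract negative permissions, i.e. deny overrides) is the one the slide describes.

```python
# Constructed policy: two groups, two objects, two exceptions.
GROUPS = {
    "staff":    {"alice", "bob", "carol"},
    "students": {"dave", "erin"},
}
# Rights granted per object to whole groups (the intermediate layer).
GROUP_RIGHTS = {
    "printer":   {"staff": {"print"}, "students": {"print"}},
    "grades.db": {"staff": {"read", "write"}},
}
# Negative permissions: (user, object) -> rights withdrawn even if a group grants them.
NEGATIVE = {
    ("bob", "grades.db"): {"write"},   # bob keeps read but may no longer write grades
    ("erin", "printer"):  {"print"},   # erin is a student but has lost printing
}

def groups_of(user):
    """All groups the user belongs to (a user may be in several)."""
    return {g for g, members in GROUPS.items() if user in members}

def inherited_rights(user, obj):
    """Union of the rights every group of the user holds on obj."""
    granted = set()
    for g in groups_of(user):
        granted |= GROUP_RIGHTS.get(obj, {}).get(g, set())
    return granted

def effective_rights(user, obj):
    """Group rights minus the user's negative permissions: a withdrawal always wins,
    no matter how many groups would grant the right."""
    return inherited_rights(user, obj) - NEGATIVE.get((user, obj), set())

def allowed(user, obj, op):
    return op in effective_rights(user, obj)

def policy_entries():
    """Size of the stored policy with groups: group entries plus exceptions,
    versus one entry per (user, object) pair with any rights when expanded."""
    grouped = sum(len(v) for v in GROUP_RIGHTS.values()) + len(NEGATIVE)
    users = set().union(*GROUPS.values())
    expanded = sum(1 for u in users for o in GROUP_RIGHTS if effective_rights(u, o))
    return grouped, expanded

if __name__ == "__main__":
    for u, o, op in [("alice", "grades.db", "write"), ("bob", "grades.db", "write"),
                     ("bob", "grades.db", "read"), ("erin", "printer", "print")]:
        print(f"{u} {op} {o}: {allowed(u, o, op)}")
    print("policy entries (grouped, expanded):", policy_entries())
```

The negative entries are the "special cases" of the slide: without them, removing bob's write on grades.db would force either a new group or a per-user copy of the whole policy.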
Partial orderings
• A partial ordering ≤ (“less or equal”) on a set L is a relation on L (i.e., a subset of L × L) that is
 – reflexive: for all a ∈ L, a ≤ a
 – transitive: for all a, b, c ∈ L, if a ≤ b and b ≤ c, then a ≤ c
 – antisymmetric: for all a, b ∈ L, if a ≤ b and b ≤ a, then a = b
• An example of a partial ordering is the subset relation ⊆ on a power set P(C).
• REMARK: A partial order may be used to define an access control policy.
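An added example (not from the lecture) that checks the three axioms exhaustively for ⊆ on the power set P(C) of a small set C, and shows the REMARK in action: labels are subsets of C (compartments), and a subject may observe an object only if the object's label is ≤ the subject's label. The compartment names are constructed; `is_partial_order` also rejects the strict relation ⊂, which fails reflexivity, so the check is not a tautology.

```python
from itertools import combinations

def power_set(c):
    """P(C) as a list of frozensets, smallest subsets first."""
    items = sorted(c)
    return [frozenset(s) for k in range(len(items) + 1) for s in combinations(items, k)]

def le(a, b):
    """The slide's example ordering: a ≤ b iff a ⊆ b."""
    return a <= b          # frozenset's <= is subset-or-equal

def is_partial_order(L, rel):
    """Exhaustive check of reflexivity, transitivity and antisymmetry on finite L."""
    reflexive = all(rel(a, a) for a in L)
    transitive = all(rel(a, c) for a in L for b in L for c in L
                     if rel(a, b) and rel(b, c))
    antisymmetric = all(a == b for a in L for b in L if rel(a, b) and rel(b, a))
    return reflexive and transitive and antisymmetric

def is_total_order(L, rel):
    """A partial order in which every pair is comparable (not the case for ⊆)."""
    return is_partial_order(L, rel) and all(rel(a, b) or rel(b, a) for a in L for b in L)

def incomparable_pairs(L, rel):
    """Pairs neither a ≤ b nor b ≤ a: these are what make the order only partial."""
    return {(a, b) for a in L for b in L if not rel(a, b) and not rel(b, a)}

# Policy use of the order: a label is a set of compartments; a subject cleared for
# label s may observe an object with label o only if o ≤ s (o ⊆ s).
def may_observe(subject_label, object_label):
    return le(frozenset(object_label), frozenset(subject_label))

COMPARTMENTS = {"crypto", "nuclear", "finance"}     # constructed compartment names
LATTICE = power_set(COMPARTMENTS)                   # 8 labels

if __name__ == "__main__":
    print("⊆ on P(C) is a partial order:", is_partial_order(LATTICE, le))
    print("⊆ on P(C) is a total order:", is_total_order(LATTICE, le))
    print("incomparable label pairs:", len(incomparable_pairs(LATTICE, le)))
    print("crypto+finance reader sees crypto object:", may_observe({"crypto", "finance"}, {"crypto"}))
```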