CS 356 – Lecture 7 Access Control Spring 2013
Review • Chapter 1: Basic Concepts and Terminology – Integrity, Confidentiality, Availability, Authentication, and Accountability – Types of threats: active vs. passive, insider/outsider – Lots of terminology and general concepts • Chapter 2: Basic Cryptographic Tools – Symmetric key encryption and secure hashing – Public key cryptography – Random Numbers • Chapter 3 – User Authentication – Passwords – Checking passwords and other user auth techniques • Chapter 4 – Access Control Lists – Concepts and Discretionary Access Control – Role Based Access Control (RBAC)
Chapter 4 Access Control
Access Control Policies
UNIX File Access Control l unique user identification number (user ID) l member of a primary group identified by a group ID l belongs to a specific group l 12 protection bits l specify read, write, and execute permission for the owner of the file, members of the group and all other users l the owner ID, group ID, and protection bits are part of the file’s inode
Role-Based Access Control (RBAC)
Access Control Matrix
Role-Based Access Control Models
Scope RBAC Models
Example of Role Hierarchy
Constraints - RBAC • provide a means of adapting RBAC to the specifics of administrative and security policies of an organization • a defined relationship among roles or a condition related to roles • types: mutually exclusive cardinality prerequisite roles roles • a user can only be • setting a maximum • dictates that a user assigned to one role in number with respect to can only be assigned the set (either during a roles to a particular role if it session or statically) is already assigned to some other specified • any permission role (access right) can be granted to only one role in the set
RBAC System and Administrative Functional Specification supporting administrative review system functions functions functions • provide the • provide functions • provide the capability to for session capability to create, delete, and management and perform query maintain RBAC for making access operations on elements and control decisions RBAC elements relations and relations
NIST RBAC Model
Basic Definitions • object – any system resource subject to access control, such as a file, printer, terminal, database record • operation – an executable image of a program, which upon invocation executes some function for the user • permission – an approval to perform an operation on one or more RBAC protected objects
Core RBAC supporting administrative review system functions functions functions • add and delete • create a user • enable an users from the set session with a administrator to of users default set of active view but not modify roles all the elements of • add and delete roles the model and their from the set of roles • add an active role to relations a session • create and delete instances of user-to- • delete a role from a role assignment session • create and delete • check if the session instances of subject has permission-to-role permission to assignment perform a request operation on an object
Hierarchical RBAC general role limited role hierarchies hierarchies impose restrictions allow an arbitrary partial ordering of resulting in a simpler tree the role hierarchy structure supports multiple inheritance, in role may have one or more which a role may inherit permissions immediate ascendants but from multiple subordinate roles and is restricted to a single more than one role can inherit from immediate descendant the same subordinate role
Static Separation of Duty Relations (SSD) • enables the definition of a set of mutually exclusive roles, such that if a user is assigned to one role in the set, the user may not be assigned to any other role in the set • can place a cardinality constraint on a set of roles • defined as a pair ( role set, n ) where no user is assigned to n or more roles from the role set • includes administrative functions for creating and deleting role sets and adding and deleting role members • includes review functions for viewing the properties of existing SSD sets
Dynamic Separation of Duty Relations (DSD) • limit the permissions available to a user • places constraints on the roles that can be activated within or across a user’s sessions • define constraints as a pair (role set, n ), where n is a natural number n ≤ 2, with the property that no user session may activate n or more roles from the role set • enables the administrator to specify certain capabilities for a user at different, non-overlapping spans of time • includes administrative and review functions for defining and viewing DSD relations
Functions and Roles for Banking Example (a) Functions and Official Positions
Functions and Roles for Banking Example (b) Permission Assignments
Functions and Roles for Banking Example (c) PA with Inheritance
Example of Access Control Administration
Summary • access control • prevent unauthorized users from gaining access to resources • prevent legitimate users from accessing resources in an unauthorized manner • enable legitimate users to access resources in an authorized manner • subjects, objects, access rights • authentication, authorization, audit • discretionary access controls (DAC) • controls access based on identity • mandatory access control (MAC) • controls access based on security labels • role-based access control (RBAC) • controls access based on roles
What ’ s Next • Read Chapter 1, 2, 3, 4, (skip 5), and 6 – Chap 1: Focus on big picture and recurring concepts – Chap 2: Identify cryptographic tools and properties – Chap 3: How can you authenticate a user? – Chap 4: Access Control – Chap 6: Intrusion Detection • Homework Posted on Course Website – Due Tuesday • Project 1 Posted on Course Website • Next Lecture Topics From Chapter 6 – Malicious Software
Recommend
More recommend
