-
access control
the prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner
-
access control
the central element of computer security
-
security policy or access control policy
specifies who or what may have access to each specific system resource and the type of access that is permitted in each instance
-
authentication
verification that the credentials of a user or other system entity are valid
-
authorization
the granting of a right or permission to a system entity to access a system resource - determines who is trusted for a given purpose
-
audit
an independent review and examination of system records and activities in order to test for adequacy of system controls, to ensure compliance with established policy and operational procedures, and to detect breaches in security
-
Discretionary access control (DAC)
Mandatory access control (MAC)
Role-based access control (RBAC)
can use all access controls together
categories of access control policies
-
Discretionary access control (DAC)
controls access based on the identity of the requestor and on access rules stating what requestors are (or are not) allowed to do - might have access rights that permit the entity, by its own volition, to enable another entity to access some resource
-
Mandatory access control (MAC)
controls access based on comparing security labels (which indicate how sensitive or critical system resources are) with security clearances (which indicate which system entities are eligible to access certain resources) - an entity may not, just by its own volition, enable another entity to access that resource
-
Role-based access control (RBAC)
controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles
-
least privilege
the principle that access control should be implemented so that each system entity is granted the minimum system resources and authorizations that the entity needs to do its work
-
separation of duty
the practice of dividing the steps in a system function among different individuals, so as to keep a single individual from subverting the process
-
closed policies
the most useful, and most typical, class of access control policies
-
closed policies
only accesses that are specifically authorized are allowed
-
open policies
authorizations specify which accesses are prohibited; all other accesses are allowed
-
administrative policies
policies needed to specify who can add, delete, or modify authorization rules
-
subject, object, & access right
basic elements of access control
-
subject
an entity capable of accessing objects
-
object
a resource to which access is controlled - an entity used to contain and/or receive information
-
owner - creator
group - membership in the group is sufficient to exercise these rights
world - the least amount of access is granted to users who are able to access the system but are not included in the categories owner and group
three classes of subject with different access rights for each class
-
access right
describes the way in which a subject may access an object
-
access control lists/tickets
are formed when an access matrix is decomposed by columns - specifies users and their permitted access rights for each object
-
access matrix
consists of two dimensions - one dimension consists of identified subjects that may attempt data access to the resources, and the other dimension lists the objects that may be accessed
-
capability tickets/lists - present a greater security problem than access control lists
are formed when an access matrix is decomposed by rows - specifies authorized objects and operations for a particular user
-
user mode
the mode in which a user program executes in which certain areas of memory are protected from the user's use and in which certain instructions may not be executed
-
kernel mode (system mode)
the mode in which a user program operates in which privileged instructions may be executed and in which protected areas of memory may be accessed
-
Role based access control:
user - individual w/access
role - named job function
permission - approval of access
session - mapping between a user & an activated subset of the set of roles to which the user is assigned
four types of entities in an RBAC
-
mutually exclusive roles
cardinality
prerequisite
three types of constraints in an RBAC3
-
mutually exclusive roles
roles such that a user can be assigned to only one role in the set
-
cardinality
refers to setting a maximum number with respect to roles
-
prerequisite
dictates that a user can only be assigned to a particular role if it is already assigned to some other specified role
-
SSD (Static Separation of Duty Relations)
enables the definition of a set of mutually exclusive roles, such that if a user is assigned to one role in the set, the user may not be assigned to any other role in the set
-
DSD (Dynamic Separation of Duty Relations)
limit the permissions available to a user by placing constraints on the roles that can be activated within or across a user's sessions - enables the administrator to specify certain capabilities for a user at different, non-overlapping spans of time
-
protection domain
a set of objects together with access rights to those objects