CS687 - Access Control 1 Spring 2013

Transcript of CS687 - Access Control 1 Spring 2013

  • 5/27/2018 CS687 - Access Control 1 Spring 2013

    New in this term

    Access control in Windows

    Access control in Unix (already there)

    Active Directory and authorization

    Group policy in Windows (not sure yet if it fits in here).

    LDAP

    HiLCoE School of Computer Science & Technology

    CS687 Information Systems Security

    Access Control

    Course objectives

    Professional career

    Research orientation

    Certification

    Technical security (Main focus)

    Managerial security

    CS687: Information Systems Security

    Course Outline

    1. Introduction

    2. Security Threats and Vulnerabilities

    3. Malicious Software

    4. Hacking

    5. Cryptography

    6. Access Control

    7. Authentication

    8. Network Security

    9. Application Security

    10. Firewalls and Intrusion Detection System

    11. Operational Security

    12. Topics in Information Systems Security

    Text Book

    William Stallings & Lawrie Brown, Computer Security: Principles and Practice, Pearson, 2008

    References

    Bruce Schneier, Applied Cryptography: Protocols, Algorithms, [], Second Edition, Wiley Student Edition, 2006

    Stuart McClure et al., Hacking Exposed, McGraw Hill, 2009

    Access

    Access is the ability to do something with a computer resource.

    Resources to protect

    Files

    Programs

    Computers

    Communication ports

    Printers and other peripherals

    Disks

    etc

    Access to Whom

    o Individual users or processes on their behalf

    o Servers, machines

    o Group of users/entities

    o finance department, etc.

    o Public

    o Anonymous

    Access Roles

    o In certain cases, access is defined by functional assignment rather than a specific user, e.g. Manager, CEO, CIO, Operator, Administrator, etc.

    o See Role Based Access Control (RBAC)

    o Auditing, however, is done per the individual's account

    Access Restrictions

    Locations: Access to particular system resources may also be based upon physical or logical location.

    Time of access: Time-of-day or day-of-week restrictions are common limitations on access.

    Transaction: Access may be granted for a limited duration to do a very restricted task, e.g. accessing /etc/passwd to change a password.

    Common Access Rights

    Read access provides users with the capability to view information in a system resource (such as a file, certain records, certain fields, or a combination), but not to alter it.

    Write access allows users to add to, modify, or delete information in system resources (e.g., files, records, programs). Normally, a user has read access to anything they have write access to.

    Access Rights/Privileges

    Execute privilege allows users to run programs.

    Delete access allows users to erase system resources (e.g., files, records, fields, programs). Note that if users have write access but not delete access, they could overwrite the field or file with anything, effectively deleting the information.

    Access Rights/Privileges

    Create access allows users to create new files, records, or fields.

    Search access allows users to list the files in a directory.

    Access Rights In DB

    Select

    Insert

    Update

    Create

    Delete

    Resources in DB

    Database

    Table

    Column

    Field

    Stored procedure

    Access Control

    Access control is a mechanism to enforce access policies on resources.

    AC Protects

    Confidential information from being disclosed to unauthorized individuals.

    Operating systems and other system software from unauthorized modification or manipulation (and thereby help ensure the system's integrity and availability);

    Availability of information by restricting the number of users and processes

    Placement of Access Control

    It depends on the resources to which access is to be restricted

    Operating systems

    Applications

    Database systems

    etc.

    Discretionary Access Control

    A DAC is a type of access control whereby the entity (i.e. the subject) is allowed to define and change its access rights.

    Many UNIX varieties use DAC since they allow owners to set and unset access rights on files and directories.

    Note, however, that some aspects of UNIX access control are set centrally by the super user. An example is x and s access to some program files.

    Mandatory Access Control

    Mandatory access control (MAC) is a type of access control whereby access is defined based on regulations by a central authority.

    The philosophy underlying these policies is that information belongs to an organization (rather than individual members of it), and it is that organization which should define the access control.

    E.g. Unix System V

    Representing and Implementing AC

    Access Control Matrix

    The access control matrix model is the most precise model used, which describes the rights of subjects over resources in a matrix.

    ACM: Example

              File1                  File2         File3                  File4
    User1     read, write, execute   execute       read                   write
    User2     execute                read, write   read, write, execute   read

    ACM: Questions

    Adding and deleting ACM entries: who has the right to add and delete privileges?

    Default privileges

    Undefined entries

    Inconsistencies

    Management issues (for the admin)

    Re-adjusting access rights, etc

    ACL

    ACL is a simplified implementation of ACM on a column basis. In other words, access privileges are kept by the objects (i.e. column-wise in the matrix). A good example is a file system in UNIX, where the access rights are implemented per file (i.e. object).

    Capability

    A simplified implementation of ACM on a row basis. Each subject maintains an unforgeable list of the rights it has to objects.

    ACL vs Capability

    Both implementations make certain questions easier to answer than others. For example, it is easy in an ACL implementation to find the set of all subjects who may read a file, but it is difficult to find the set of all files that a subject may read.
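
An added example (not part of the original slides) that stores the matrix from the "ACM: Example" slide and derives both the per-object ACLs (columns) and the per-subject capability lists (rows), so the asymmetry between the two queries is visible. Function names are illustrative, and treating an undefined entry as "no rights" is an assumption, since the slides leave undefined entries as an open question.

```python
# Matrix from the "ACM: Example" slide, stored sparsely: (subject, object) -> rights.
ACM = {
    ("User1", "File1"): {"read", "write", "execute"},
    ("User1", "File2"): {"execute"},
    ("User1", "File3"): {"read"},
    ("User1", "File4"): {"write"},
    ("User2", "File1"): {"execute"},
    ("User2", "File2"): {"read", "write"},
    ("User2", "File3"): {"read", "write", "execute"},
    ("User2", "File4"): {"read"},
}


def allowed(acm, subj, obj, right):
    # Assumption: an undefined entry grants nothing (default deny).
    return right in acm.get((subj, obj), set())


def to_acls(acm):
    """Column view: every object stores {subject: rights}."""
    acls = {}
    for (subj, obj), rights in acm.items():
        acls.setdefault(obj, {})[subj] = set(rights)
    return acls


def to_capabilities(acm):
    """Row view: every subject stores {object: rights}."""
    caps = {}
    for (subj, obj), rights in acm.items():
        caps.setdefault(subj, {})[obj] = set(rights)
    return caps


def subjects_with(acls, obj, right):
    """Easy with ACLs: a single lookup on the object's own list."""
    return sorted(s for s, r in acls.get(obj, {}).items() if right in r)


def objects_with_via_acls(acls, subj, right):
    """Hard with ACLs: the list of every object has to be scanned."""
    return sorted(o for o, e in acls.items() if right in e.get(subj, set()))


def objects_with_via_caps(caps, subj, right):
    """Easy with capabilities: a single lookup on the subject's own list."""
    return sorted(o for o, r in caps.get(subj, {}).items() if right in r)


ACLS = to_acls(ACM)
CAPS = to_capabilities(ACM)
```

With ACLs the "which files can User1 read" question costs one visit per object in the system, which is why access reviews on ACL-based file systems usually require a full scan.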

    Constrained User Interface

    Often used in conjunction with ACLs are constrained user interfaces, which restrict users' access to specific functions by never allowing them to request the use of information, functions, or other specific system resources for which they do not have access. Three major types exist: (1) menus, (2) database views, and (3) physically constrained user interfaces.

    Menus ..

    Menus can be used to implement AC by allowing and disallowing certain activities depending on the access rights of users.

    Database View

    Database views are a mechanism for restricting user access to data contained in a database. It may be necessary to allow a user to access a database, but that user may not need access to all the data in the database (e.g., not all fields of a record nor all records in the database).

    Physically

    Physically constrained user interfaces can also limit a user's abilities. A common example is an ATM machine, which provides only a limited number of physical buttons to select options; no alphabetic keyboard is usually present.

    AC in Unix

    Subjects are processes that execute on behalf of users

    Objects are all considered as files: files, directories, devices, etc.

    Access rights are: read, write, execute, but also SetUID and SetGID
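
An added example (not part of the original slides) of how the classic Unix mode bits decide access for a process and what SetUID/SetGID change when a program file is executed. It is a simplified model: the super user override, POSIX ACLs and mount options are ignored, and the uid/gid values are constructed sample data.

```python
import stat


def unix_allows(mode, file_uid, file_gid, proc_uid, proc_gids, want):
    """Return True if every right in `want` (a subset of "rwx") is granted.

    Exactly one class is consulted: owner, else group, else other.
    There is no fall-through, so an owner can hold fewer rights than "other".
    """
    if proc_uid == file_uid:
        r, w, x = stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR
    elif file_gid in proc_gids:
        r, w, x = stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP
    else:
        r, w, x = stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH
    bit = {"r": r, "w": w, "x": x}
    return all(bool(mode & bit[c]) for c in want)


def effective_ids(mode, file_uid, file_gid, proc_uid, proc_gid):
    """Effective (uid, gid) of a process after it executes the program file.

    SetUID substitutes the file owner's uid, SetGID the file's group.
    """
    euid = file_uid if mode & stat.S_ISUID else proc_uid
    egid = file_gid if mode & stat.S_ISGID else proc_gid
    return euid, egid


def describe(mode):
    """Render permission bits the way `ls -l` does for a regular file."""
    return stat.filemode(stat.S_IFREG | mode)


# Constructed sample: a root-owned SetUID program run by uid 1000, gid 1000.
SUID_PROGRAM = {"mode": 0o4755, "uid": 0, "gid": 0}
```

The SetUID case is how an ordinary user gets the narrowly scoped, transaction-style access described earlier in the slides: the user only needs `x` on the program, and the program runs with its owner's identity.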

    Reading Assignment

    Access Control in Linux.

    Reading Assignment

    Access Control in MS Windows.

    Reading Assignment

    Role Based Access Control in MS SQL Server.