PSU CSE 543 - A Comparison of Commercial and Military Computer Security Policies

This preview shows page 1-2-3-4-5-6 out of 17 pages.


A Comparison of Commercial and Military Computer Security Policies

Contents:
- A formal model of integrity (Clark-Wilson Integrity Model)
- Procedures
- Valid State
- Certification
- Certification Rules
- Enforcement Rules
- Certified Relation
- Allowed Relation
- User Authentication
- Log
- Log
- Unconstrained Data Items
- Unconstrained Data Items
- Separation of Duty
- Q & A

CSE543 - Fall Semester 2006
A Comparison of Commercial and Military Computer Security Policies
Presented by Adaeze Ibeneche and Lu Su
10/10/2006
Department of Computer Science and Engineering
The Pennsylvania State University

A formal model of integrity (Clark-Wilson Integrity Model)

Goal: Develop rules to ensure that certification and enforcement of transactions are done correctly.

Data Items:
- CDIs (constrained data items): Data subject to integrity constraints.
  Accounting example: one integrity constraint for an account is
  (today's deposits) + (yesterday's balance) - (today's withdrawals) = (today's balance).
- UDIs (unconstrained data items): Data not subject to integrity constraints.

Procedures

IVP (integrity verification procedure):
- The purpose of an IVP is to confirm that all of the CDIs in the system conform to the integrity specification.
- In the accounting example, this corresponds to the audit function.

TP (transformation procedure):
- The TP corresponds to our concept of the well-formed transaction.
- The purpose of a TP is to change the set of CDIs from one valid state to another.
- In the accounting example, a TP corresponds to a double entry transaction.

Valid State

At any given time, the CDIs must meet the integrity requirements; we call this condition a "valid state".
To maintain the integrity of the CDIs, the system must ensure that only a TP can manipulate the CDIs.
Before execution of the TP, an IVP was executed to verify that the CDIs are in a valid state.

[Figure: sets of CDIs labelled Initial state, Valid state 1, Valid state 2 and Valid state 3, with IVP, TP1 and TP2.]

Certification

System must ensure that the TP performs a well-formed transformation.
The validity of a TP (or an IVP) can be determined only by certifying it with respect to a specific integrity policy.
The certification function is usually a manual operation (security officer, system owner, and system custodian); some automated aids may be available.

Certification Rules

C1: All IVPs must properly ensure that all CDIs are in a valid state at the time the IVP is run.
C2: All TPs must be certified to be valid. That is, they must take a CDI to a valid final state, given that it is in a valid state to begin with. For each TP, and each set of CDIs that it may manipulate, the security officer must specify a "relation," which defines that execution. A relation is thus of the form: (TPi, (CDIa, CDIb, CDIc, . . .)), where the list of CDIs defines a particular set of arguments for which the TP has been certified.

Enforcement Rules

E1: (Certified Relation) The system must maintain the list of relations specified in rule C2, and must ensure that the only manipulation of any CDI is by a TP, where the TP is operating on the CDI as specified in some relation.

Certified Relation

The above rules provide the basic framework to ensure internal consistency of the CDIs.
To provide a mechanism for external consistency, the separation of duty mechanism, we need additional rules to control which persons can exe
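
Rules C1, C2 and E1 applied to the slides' accounting constraint, as an added example that is not part of the original presentation. The names System, certify, run, deposit, withdraw and set_balance are hypothetical, the account values are constructed, and re-running the IVP after each TP is an added safeguard rather than one of the rules on the slides.

```python
class IntegrityError(Exception):
    """A request violated rule E1 or the integrity constraint."""

def ivp(c):
    # C1: the slides' accounting constraint, checked over the account's CDIs.
    return c["deposits"] + c["yesterday_balance"] - c["withdrawals"] == c["balance"]

def deposit(c, amount):  # TP: double-entry update of the CDIs it is handed
    return {"deposits": c["deposits"] + amount, "balance": c["balance"] + amount}

def withdraw(c, amount):  # TP: double-entry update of the CDIs it is handed
    return {"withdrawals": c["withdrawals"] + amount, "balance": c["balance"] - amount}

def set_balance(c, amount):  # single-entry overwrite: not a well-formed transaction
    return {"balance": amount}

class System:
    def __init__(self, cdis):
        self._cdis = dict(cdis)
        self._relations = {}  # E1: (TP name, set of CDI names) -> TP

    def certify(self, tp, cdi_names):
        # C2: stands in for the security officer's (manual) certification step.
        self._relations[(tp.__name__, frozenset(cdi_names))] = tp

    def run(self, tp_name, cdi_names, amount):
        tp = self._relations.get((tp_name, frozenset(cdi_names)))
        if tp is None:
            raise IntegrityError(f"E1: no certified relation for {tp_name} on {sorted(cdi_names)}")
        if not ivp(self._cdis):
            raise IntegrityError("CDIs are not in a valid state")
        update = tp({k: self._cdis[k] for k in cdi_names}, amount)
        candidate = {**self._cdis, **update}
        # Added safeguard (assumption, not a slide rule): commit only a valid state.
        if set(update) - set(cdi_names) or not ivp(candidate):
            raise IntegrityError(f"{tp_name} would leave the CDIs in an invalid state")
        self._cdis = candidate
        return dict(self._cdis)

def demo():
    s = System({"yesterday_balance": 100, "deposits": 0, "withdrawals": 0, "balance": 100})
    s.certify(deposit, ["deposits", "balance"])
    s.certify(withdraw, ["withdrawals", "balance"])
    s.run("deposit", ["deposits", "balance"], 50)
    state = s.run("withdraw", ["withdrawals", "balance"], 30)
    try:
        s.run("set_balance", ["balance"], 999)  # never certified, so E1 rejects it
    except IntegrityError as err:
        return state, str(err)
    return state, None
```

A certified TP invoked on a CDI set outside its relation is rejected in the same way, and a TP certified by mistake is still stopped by the post-run IVP.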

