UT CS 361 - Lecture 25 - The Chinese Wall Policy


Foundations of Computer Security
Lecture 25: The Chinese Wall Policy

Dr. Bill Young
Department of Computer Sciences
University of Texas at Austin

The Problem

The policies so far have been general. Let’s consider a policy for a very specific commercial concern: the potential for conflicts of interest and inadvertent disclosure of information by a consultant or contractor.

Example: A lawyer specializes in product liability and consults for American Airlines. It could be a breach of confidentiality for her to consult also for United Airlines. Why? A simultaneous contract with McDonalds would not be a conflict.

Chinese Wall Policy

Brewer and Nash (1989) proposed a policy called the Chinese Wall Policy that addresses such conflicts of interest.

Strictly speaking, this is not an integrity policy, but an access control confidentiality policy.

Levels of Abstraction

The security policy builds on three levels of abstraction.

- Objects such as files. Objects contain information about only one company.
- Company groups collect all objects concerning a particular company.
- Conflict classes cluster the groups of objects for competing companies.

For example, consider the following conflict classes:

- { Ford, Chrysler, GM }
- { Bank of America, Wells Fargo, Citicorp }
- { Microsoft }

Chinese Wall Policy

We have a simple access control policy: A subject may access information from any company as long as that subject has never accessed information from a different company in the same conflict class.

For example, if you access a file from GM, you subsequently will be blocked from accessing any files from Ford or Chrysler. You are free to access files from companies in any other conflict class.

Notice that permissions change dynamically. The access rights that any subject enjoys depend on the history of past accesses.

Chinese Wall

Formally, the policy restricts access according to the following two properties:

(Chinese Wall) Simple Security Rule: A subject s can be granted access to an object o only if the object:

- is in the same company datasets as the objects already accessed by s, that is, “within the Wall,” or
- belongs to an entirely different conflict of interest class.

(Chinese Wall) *-property: Write access is only permitted if:

- access is permitted by the simple security rule, and
- no object can be read which is:
  - in a different company dataset than the one for which write access is requested, and
  - contains unsanitized information.

Lessons

- Unlike previous policies, Brewer and Nash’s Chinese Wall Policy is designed to address a very specific concern: conflicts of interest by a consultant or contractor.
- This illustrates that security policies can be crafted to solve very specialized problems.
- The Chinese Wall is an access control policy in which accesses are sensitive to the history of past accesses.

Next lecture: Role-Based Access Control
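
The two rules above can be written as a small history-based reference monitor. The following is an added example, not code from the lecture: the class, object and subject names are constructed, the conflict classes are the ones listed in the lecture, and it assumes that "can be read" in the *-property is judged from the objects a subject has already read.

```python
# Added example: company names are the lecture's; everything else is constructed.
CONFLICT_CLASS = {"Ford": "autos", "Chrysler": "autos", "GM": "autos",
                  "Bank of America": "banks", "Wells Fargo": "banks",
                  "Citicorp": "banks", "Microsoft": "software"}
# object -> (company, sanitized); constructed sample objects
OBJECTS = {"gm_costs": ("GM", False), "ford_plans": ("Ford", False),
           "citi_loans": ("Citicorp", False), "ms_summary": ("Microsoft", True)}

class ChineseWall:
    """History-based reference monitor for the two Chinese Wall rules."""
    def __init__(self, conflict_class, objects):
        self.conflict_class = conflict_class  # company -> conflict class
        self.objects = objects                # object -> (company, sanitized)
        self.accessed = {}                    # subject -> companies already accessed
        self.was_read = {}                    # subject -> objects already read

    def simple_security(self, subject, obj):
        company = self.objects[obj][0]
        cls = self.conflict_class[company]
        # Each company already accessed must be this one ("within the Wall")
        # or sit in an entirely different conflict class.
        return all(c == company or self.conflict_class[c] != cls
                   for c in self.accessed.get(subject, set()))

    def star_property(self, subject, obj):
        company = self.objects[obj][0]
        # Assumption: "can be read" is judged from the subject's read history.
        for o in self.was_read.get(subject, set()):
            other, sanitized = self.objects[o]
            if other != company and not sanitized:
                return False  # unsanitized data could flow across the Wall
        return self.simple_security(subject, obj)

    def request(self, subject, obj, mode):
        """Decide a 'read' or 'write' request and record it if granted."""
        check = self.star_property if mode == "write" else self.simple_security
        if not check(subject, obj):
            return False
        self.accessed.setdefault(subject, set()).add(self.objects[obj][0])
        if mode == "read":
            self.was_read.setdefault(subject, set()).add(obj)
        return True

def demo():
    wall = ChineseWall(CONFLICT_CLASS, OBJECTS)
    steps = [("alice", "gm_costs", "read"), ("alice", "ford_plans", "read"),
             ("alice", "citi_loans", "read"), ("alice", "citi_loans", "write"),
             ("bob", "ms_summary", "read"), ("bob", "citi_loans", "write")]
    return [wall.request(*step) for step in steps]
```

In demo(), alice may read Citicorp data after GM data but may not write to it, because a Citicorp object she wrote could carry unsanitized GM information to someone who also reads Ford; bob's earlier read was sanitized, so his write is allowed.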

