UND CSCI 389 - Access Control Methodologies Chapter 2


Slide outline:
• Access Control Methodologies
• Basics of Access Control
• Access Control Basics (continued)
• Controls
• Access Control Techniques
• Access Control Designs
• Mandatory Access Control
• Mandatory Access Control (continued)
• Discretionary Access Control
• Non-discretionary Access Control
• Access Control Administration
• Access Control Administration (continued)
• Accountability
• Access Control Models
• State Machine Model
• State Machine Model (continued)
• Slide 17
• Identification and Authentication Methods
• Identification and Authentication Methods (continued)
• Single Sign-On
• Kerberos
• File and Data Ownership
• Related Methods of Attacks
• Summary
• Summary (continued)

Access Control Methodologies
Chapter 2

Basics of Access Control
• Access control is a collection of methods and components
  – Supports confidentiality (protects information from unauthorized disclosure)
  – Supports integrity (protects information from unauthorized modification)
• Goal: to allow only authorized subjects to access objects that they are permitted to access

Access Control Basics (continued)
• Subject
  – The entity that requests access to a resource
• Object
  – The resource a subject attempts to access
• Least privilege philosophy
  – A subject is granted permissions needed to accomplish required tasks and nothing more

Controls
• Mechanisms put into place to allow or disallow object access
  – Any potential barrier to unauthorized access
• Controls organized into different categories
• Common categories
  – Administrative (enforce security rules through policies)
  – Logical/Technical (implement object access restrictions)
  – Physical (limit physical access to hardware)

Access Control Techniques
• Choose techniques that fit the organization’s needs
• Considerations include
  – Level of security required
  – User and environmental impact of security measures
• Techniques differ in
  – The way objects and subjects are identified
  – How decisions are made to approve or deny access

Access Control Designs
• Access control designs define rules for users accessing files or devices
• Three common access control designs
  – Mandatory access control
  – Discretionary access control
  – Non-discretionary access control

Mandatory Access Control
• Assigns a security label to each subject and object
• Matches label of subject to label of object to determine when access should be granted
• A common implementation is rule-based access control
  – Often requires a subject to have a need to know in addition to proper security clearance
  – Need to know indicates that a subject requires access to object to complete a particular task

Mandatory Access Control (continued)
• Common military data classifications
  – Unclassified, Sensitive but Unclassified, Confidential, Secret, Top Secret
• Common commercial data classifications
  – Public, Sensitive, Private, Confidential

Discretionary Access Control
• Uses identity of subject to decide when to grant an access request
• All access to an object is defined by the object owner
• Most common design in commercial operating systems
  – Generally less secure than mandatory control
  – Generally easier to implement and more flexible
• Includes
  – Identity-based access control
  – Access control lists (ACLs)

Non-discretionary Access Control
• Uses a subject’s role or a task assigned to subject to grant or deny object access
  – Also called role-based or task-based access control
• Works well in environments with high turnover of subjects since access is not tied directly to subject
• Lattice-based control is a variation of non-discretionary control
  – Relationship between subject and object has a set of access boundaries that define rules and conditions for access

Access Control Administration
• Can be implemented as centralized, decentralized, or hybrid
• Centralized access control administration
  – All requests go through a central authority
  – Administration is relatively simple
  – Single point of failure, sometimes performance bottlenecks
  – Common packages include Remote Authentication Dial-In User Service (RADIUS), Challenge Handshake Authentication Protocol (CHAP), Terminal Access Controller Access Control System (TACACS)

Access Control Administration (continued)
• Decentralized access control administration
  – Object access is controlled locally rather than centrally
  – More difficult administration
    • Objects may need to be secured at multiple locations
  – More stable
    • Not a single point of failure
  – Usually implemented using security domains

Accountability
• System auditing used by administrators to monitor
  – Who is using the system
  – What users are doing
• Logs can trace events back to originating users
• Process of auditing can have a negative effect on system performance
  – Must limit data collected in logs
  – Clipping levels set thresholds for when to start collecting data

Access Control Models
• Provide conceptual view of security policies
• Map goals and directives to specific system events
• Provide a formal definition and specification of required security controls
• Many different models and combinations of models are used

State Machine Model
• A collection of defined states and transitions
• Modifications change objects from one state to the next
• A state represents the characteristics of an object at a point in time
• Transitions represent the modifications that can be made to objects to change from one state to another

State Machine Model (continued)
• Bell-LaPadula model
  – Works well in organizations that focus on confidentiality
• Biba model
  – Focuses on integrity controls
• Clark-Wilson Model
  – Not a state machine model
  – Restricts access to a small number of tightly controlled access programs
• Noninterference Model
  – Often an addition to other models
  – Ensures that changes at one security level do not bleed over into other levels

Identification and Authentication Methods
• Two-factor authentication uses two phases
  – Identification
  – Authentication
• Security practices often require input from multiple categories of authentication techniques
• Most complex authentication mechanism is biometrics (detection and classification of a subject’s physical attributes)

Identification and Authentication Methods (continued)

Single Sign-On
• Used to avoid multiple logins
• Once a subject is positively identified, authentication information can be used within a trusted group
• Great for users since they can sign on once and use multiple resources
• Requires additional work for administrators
• Several good SSO systems in use, Kerberos is one
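
The three access control designs from the slides above, evaluated against the same object. This is an added example, not part of the original slides; the subjects, the `payroll.db` object, the task tags and the `payroll-clerk` role are all constructed for illustration.

```python
from dataclasses import dataclass, field

# Military classifications from the slides, lowest to highest.
LEVELS = ["Unclassified", "Sensitive but Unclassified", "Confidential",
          "Secret", "Top Secret"]
RANK = {name: i for i, name in enumerate(LEVELS)}

@dataclass
class Subject:
    name: str
    clearance: str = "Unclassified"
    need_to_know: set = field(default_factory=set)  # task tags (constructed)
    roles: set = field(default_factory=set)

@dataclass
class Resource:
    name: str
    owner: str
    label: str = "Unclassified"
    task: str = ""                                  # need-to-know tag (constructed)
    acl: dict = field(default_factory=dict)         # subject name -> set of rights

def mac_allows(subject, obj):
    """Mandatory: clearance must reach the label AND the task must be needed."""
    cleared = RANK[subject.clearance] >= RANK[obj.label]
    return cleared and obj.task in subject.need_to_know

def dac_grant(caller, obj, grantee, right):
    """Discretionary: only the object's owner may change who has access."""
    if caller.name != obj.owner:
        raise PermissionError(f"{caller.name} does not own {obj.name}")
    obj.acl.setdefault(grantee.name, set()).add(right)

def dac_allows(subject, obj, right):
    """Discretionary: the decision is keyed on the subject's identity (ACL)."""
    return right in obj.acl.get(subject.name, set())

# Non-discretionary: rights hang off roles, not people (constructed policy).
ROLE_RIGHTS = {"payroll-clerk": {("payroll.db", "read")}}

def rbac_allows(subject, obj, right):
    """Role-based: any role the subject holds that carries the right suffices."""
    return any((obj.name, right) in ROLE_RIGHTS.get(r, set())
               for r in subject.roles)

# Constructed sample data.
alice = Subject("alice", "Top Secret", {"audit"}, {"payroll-clerk"})
bob = Subject("bob", "Secret", {"payroll"})
payroll = Resource("payroll.db", owner="bob", label="Secret", task="payroll")
```

Under the mandatory check, `alice` is denied despite holding a higher clearance than the object's label, because she lacks the need to know; under the role-based check she is allowed purely through her role, and `bob` is not.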
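
A sketch of the clipping level idea from the Accountability slide: failed logins are only written to the audit log once a user exceeds a threshold inside a time window, which limits log volume while still tracing events back to the originating user. This is an added example, not part of the original slides; the threshold of 3, the 60-second window and the event tuples are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

def audit_with_clipping(events, clipping_level=3, window=60):
    """Return the audit records that get written.

    events: iterable of (timestamp_seconds, user, outcome), in time order.
    A failure is recorded only when the user already has more than
    `clipping_level` failures within the last `window` seconds.
    """
    recent = defaultdict(deque)   # user -> timestamps of recent failures
    logged = []
    for ts, user, outcome in events:
        if outcome != "fail":
            continue              # successes are below the level of interest
        q = recent[user]
        q.append(ts)
        # Drop failures that have aged out of the window.
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > clipping_level:
            logged.append((ts, user, len(q)))
    return logged

# Constructed sample events: (seconds, user, outcome).
EVENTS = [
    (0, "carol", "fail"),     # single typo, never logged
    (5, "carol", "ok"),
    (10, "dave", "fail"),
    (12, "dave", "fail"),
    (15, "dave", "fail"),     # third failure: at the level, not over it
    (18, "dave", "fail"),     # fourth failure: over the level, logged
    (20, "dave", "fail"),     # fifth failure: logged
    (200, "dave", "fail"),    # window expired, counter starts again
    (300, "carol", "fail"),
]

def demo():
    return audit_with_clipping(EVENTS)
```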

