Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  2. 2. CONTENTS• Access control principles• Mandatory Access Control (MAC)• Discretionary Access Control (DAC)• Role-based Access Control• Role-based Access Control Types
  3. 3. Access Control Principles• Computer-based access controls can prescribe not only who or what process may have access to a specific system resource, but also the type of access that is permitted.• Access control is not a stand alone component of a security system• Access control coexists with other security services• Access control works closely with audit control
  4. 4. Mandatory AC• MAC mechanisms assign a security level to all information, assign a security clearance to each user, and ensure that all users only have access to that data for which they have a clearance. Principle: Read Down Access equal or less Clearance Write Up Access equal or higher Clearance Better security than DAC
  5. 5. Mandatory AC (cont) Individuals Resources Server 1 “Top Secret” Server 2 “Secret” Server 3 “Classified”
  6. 6. Discretionary AC • Restricts access to objects based solely on the identity of users who are trying to access them.Individuals Resources Application Server 1 Access List Name Access Server 2 Tom Yes John No Cindy Yes Server 3
  7. 7. Role-Based AC• A user has access to an object based on the assigned role.• Roles are defined based on job functions.• Permissions are defined based on job authority and responsibilities within a job function.• Operations on an object are invocated based on the permissions.• The object is concerned with the user’s role and not the user. “Ideally, the [RBAC] system is clearly defined and agile, making the addition of new applications, roles, and employees as efficient as possible”
  8. 8. Role-Based ACIndividuals Roles Resources Role 1 Server 1 Role 2 Server 2 Server 3 Role 3 User’s change frequently, Roles don’t
  9. 9. Privilege• Roles are engineered based on the principle of least privileged• A role contains the minimum amount of permissions to instantiate an object.• A user is assigned to a role that allows him or her to perform only what’s required for that role.• No single role is given more permission than the same role for another user.
  10. 10. RBAC Reference Model• The NIST RBAC model is defined in terms of four model components . • Core RBAC • Hierarchical RBAC • Static Separation of Duty Relations • Dynamic Separation of Duty Relations
  11. 11. Core Components• Defines: – USERS – ROLES – OPERATIONS (ops) – OBJECTS (obs) – User Assignments (ua) – Permissions (prms) – Sessions
  12. 12. Core RBAC• It embodies the essential aspects of RBAC.• The basic concept of RBAC is that users are assigned to roles, and users acquire permissions by being members of roles.• Core RBAC includes requirements that user-role and permission-role assignment can be many-to-many.• It includes requirements for user-role review whereby the roles assigned to a specific user can be determined as well as users assigned to specific role. A similar requirement for permission-role review is imposed as an advanced review feature.• It allows includes the concept of user sessions, which allows selective activation and deactivation of roles.• Finally it requires that users be able to simultaneously exercise permission of multiple roles. This precludes products that restrict users of activation of one role at a time.
  13. 13. (UA) (PA) User Assign- Permission ment Assignment USERS ROLES OPS OBS PRMSuser_sessions session_roles SESSIONS Core RBAC
  14. 14. Hierarchical RBAC• It adds requirements for supporting role hierarchies. A hierarchy is mathematically a partial order defining a seniority relation between roles, whereby the seniors roles acquire the permission of their juniors, and junior roles acquire the user membership of their seniors. This standard recognizes two types of role hierarchies – General Hierarchical RBAC: In this case, there is support for an arbitrary partial order to serve as role hierarchy, to include the concept of multiple inheritance of permissions and user membership among roles. – Limited Hierarchical RBAC: Some systems may impose restrictions on the role hierarchy. Most commonly, hierarchies are limited to simple structures such as trees and inverted trees
  15. 15. RH (Role Hierarchies)• Natural means of structuring roles to reflect organizational lines of authority and responsibilities• General and Limited• Define the inheritance relation among roles i.e. r1 inherits r2 User Guest r-w-e -r-
  16. 16. General RH Support Multiple Guest Role Set Inheritance User Role Set Power User Role Set Admin Role Set Only if all permissions of r1 are also permissions of r2 i.e. r1 inherits r2Only if all users of r1 are also users of r2 User Guest r-w-h -r-
  17. 17. (RH) Role Hierarchy (UA) (PA) User Assign- Permission ment Assignment USERS ROLES OPS OBS PRMSuser_sessions session_roles SESSIONSHierarchical RBAC
  18. 18. Constrained RBAC SSD (RH) Role Hierarchy (UA) (PA) User Assign- Permission ment Assignment USERS ROLES OPS OBS PRMSuser_sessions session_roles SESSIONS DSD
  19. 19. Separation of Duties• Enforces conflict of interest policies employed to prevent users from exceeding a reasonable level of authority for their position.• Ensures that failures of omission or commission within an organization can be caused only as a result of collusion among individuals.• Two Types: – Static Separation of Duties (SSD) – Dynamic Separation of Duties (DSD)
  20. 20. Static Separation of Duty Relations• Enforce constraints on the assignment of users to roles• Place restrictions on sets of roles. If a user is assigned to one role, the user is prohibited from being a member of a second role.
  21. 21. Because of the conflict of role ‘billing’ and ‘Cashier’ , Frank is prohibited to be assigned both of them
  22. 22. DSD Places constraints on the users that can be assigned to a set of roles, thereby reducing the number of potential prms that can be made available to a user. Constraints are across or within a user’s session. No user may activate n or more roles from the roles set in each user session. Timely Revocation of Trust ensures that prms do not persist beyond the time that they are required for performance of duty.
  23. 23. DSD (cont) Roles inherits Cashier Supervisor Closes Cashier Role session Close Cash Drawer Opens Supv Role session Supervisor Cashier Open Cash DrawerAccounting Error Correct Error
  24. 24. Conclusion• RBAC is used to simplify security policy administration• RBAC is an open-ended technology,which ranges from very simple to fairly sophisticated.• RBAC continues to be an evolving technology.
  25. 25. QUESTIONS?