Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Lecture 7Access Control
Access Control• ITU-T Recommendation X.800 definition:  – “The prevention of unauthorized use of a resource,    including ...
Access Control Principles                                               Granting of a right                               ...
Access Control Policies• dictates                                          based on comparing  – what types of access are ...
Access Control Requirements•   reliable input•   support for fine and coarse specifications•   least privilege•   separati...
Access Control Basic Elements                      •concept equates with that of process  subject entity      •typically h...
Discretionary Access Control• scheme in which an entity may enable  another entity to access some resource  – often provid...
Access Matrix
Example of Access Control Structures
     Click to edit the outline text     format      −   Second Outline LevelAuthorization Level        Third Outline     ...
Extended Access Control Matrix
Access ControlFunction
Access  Control  SystemCommands
Protection Domains• set of objects together with access rights to  those objects• more flexibility when associating capabi...
Protection Domains• association between a process and a domain  can be static or dynamic• in user mode certain areas of me...
Daemon behavior• Many daemons in Unix and other OSes,  generally are started with  superuser/root/administrator rights by ...
UNIX File Access ControlUNIX files are administered using inodes (index nodes)• control structures with key information ne...
UNIX File Access Control                        • Click to edit Master text styles• unique user identification            ...
Traditional UNIX File Access Control• “set user ID”(SetUID)• “set group ID”(SetGID)  – system temporarily uses rights of t...
Traditional UNIX File Access Control• sticky bit   – when applied to a directory it specifies that only     the owner of a...
Access Control Lists (ACLs) in UNIX• modern UNIX systems support ACLs  – FreeBSD, OpenBSD, Linux, Solaris• FreeBSD  – Setf...
Access Control Lists (ACLs) in UNIX• when a process requests access to a file  system object two steps are performed:  – s...
Upcoming SlideShare
Loading in …5
×

Topic 7 access control

1,465 views

Published on

  • Be the first to comment

  • Be the first to like this

Topic 7 access control

  1. 1. Lecture 7Access Control
  2. 2. Access Control• ITU-T Recommendation X.800 definition: – “The prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner.”• RFC 2828 defines computer security as: – “Measures that implement and assure security services in a computer system, particularly those that assure access control service”.
  3. 3. Access Control Principles Granting of a right or permission to an12 entity to access a system resource.108 Column 16 Column 2 Column 34 Verification that the2 credentials of a user or an entity are valid.0 Row 1 Row 2 Row 3 An independent review Row 4 and examination of system records and activities
  4. 4. Access Control Policies• dictates based on comparing – what types of access are permitted, security labels with – under what circumstances, clearances – by whom. based on the identity of the requestor and on access rules based on the roles and their accesses
  5. 5. Access Control Requirements• reliable input• support for fine and coarse specifications• least privilege• separation of duty• open and closed policies• policy combinations and conflict resolution• administrative policies• dual control
  6. 6. Access Control Basic Elements •concept equates with that of process subject entity •typically held accountable for the capable of actions they initiate accessing objects •often have three classes: owner, group, world •entity used to contain and/or object receive information resource to which access is •protection depends on the controlled environment in which access control operates access right: the way in •e.g. read, write, execute, which a subject delete, create, search may access an object
  7. 7. Discretionary Access Control• scheme in which an entity may enable another entity to access some resource – often provided using an access matrix – one dimension consists of identified subjects that may attempt data access to the resources – the other dimension lists the objects that may be accessed – each entry in the matrix indicates the access rights of a particular subject for a particular object
  8. 8. Access Matrix
  9. 9. Example of Access Control Structures
  10. 10.  Click to edit the outline text format − Second Outline LevelAuthorization Level Third Outline  Table − Fourth Outline Level  Fifth Outline Level  Sixth Outline Level Seventh Outline LevelClick to edit Master text styles
  11. 11. Extended Access Control Matrix
  12. 12. Access ControlFunction
  13. 13. Access Control SystemCommands
  14. 14. Protection Domains• set of objects together with access rights to those objects• more flexibility when associating capabilities with protection domains• in terms of the access matrix, a row defines a protection domain• user can spawn processes with a subset of the access rights of the user
  15. 15. Protection Domains• association between a process and a domain can be static or dynamic• in user mode certain areas of memory are protected from use and certain instructions may not be executed• in kernel mode privileged instructions may be executed and protected areas of memory may be accessed
  16. 16. Daemon behavior• Many daemons in Unix and other OSes, generally are started with superuser/root/administrator rights by the OS. They request the OS to reduce their rights to a specific user which has been configured.• This allows the daemon(server) process to have less access in case there is a bug in the server software which could be exploited.
  17. 17. UNIX File Access ControlUNIX files are administered using inodes (index nodes)• control structures with key information needed for a particular file• several file names may be associated with a single inode• an active inode is associated with exactly one file• file attributes, permissions and control information are sorted in the inode• on the disk there is an inode table, or inode list, that contains the inodes of all the files in the file system• when a file is opened its inode is brought into main memory and stored in a memory resident inode tabledirectories are structured in a hierarchical tree• may contain files and/or other directories• contains file names plus pointers to associated inodes
  18. 18. UNIX File Access Control • Click to edit Master text styles• unique user identification – Second level number (user ID) – Third level• member of a primary group Fourth level • – Fifth level identified by a group ID – belongs to a specific group – 12 protection bits – specify read, write, and execute permission for owner of file, members of group and all other users – owner ID, group ID, and protection bits are part of file’s inode
  19. 19. Traditional UNIX File Access Control• “set user ID”(SetUID)• “set group ID”(SetGID) – system temporarily uses rights of the file owner / group in addition to the real user’s rights when making access control decisions – enables privileged programs to access files / resources not generally accessible
  20. 20. Traditional UNIX File Access Control• sticky bit – when applied to a directory it specifies that only the owner of any file in the directory can rename, move, or delete that file• superuser – is exempt from usual access control restrictions – has system-wide access
  21. 21. Access Control Lists (ACLs) in UNIX• modern UNIX systems support ACLs – FreeBSD, OpenBSD, Linux, Solaris• FreeBSD – Setfacl assigns a list of UNIX user IDs and groups – any number of users and groups can be associated with a file – read, write, execute protection bits – a file does not need to have an ACL – includes an additional protection bit that indicates whether the file has an extended ACL
  22. 22. Access Control Lists (ACLs) in UNIX• when a process requests access to a file system object two steps are performed: – step 1: selects the most appropriate ACL – owner, named users, owning / named groups, others – step 2: checks if the matching entry contains sufficient permissions

×