Boundary Controls
• The boundary subsystem establishes the interface between the would-be user of a computer system and the computer system itself.
• Once boundary subsystem functions are complete, the user can commence to use the resources of the system.
• Boundary subsystem controls have one primary purpose: to establish the identity and authenticity of would-be users of a system.
• This chapter examines some of the major types of security exercised in the boundary subsystem.
Boundary Controls
Access Controls
• An Access Control Mechanism is used in a computer installation for preventing unauthorized access to and use of resources.
Boundary Controls
Functions of an Access Control Mechanism
• An access control mechanism associates with identified, authorized users the resources they are permitted to access and the action privileges they have with respect to those resources.
• The mechanism processes a user's requests in three steps: identification, authentication, and authorization.
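The three steps above, written out as one request pipeline. This is an added example and not code from the slide deck; the user table, the password store, the resources and the privilege table are constructed for the illustration. Identification only asks whether the claimed identity exists, authentication checks the remembered information against a salted hash, and authorization consults the privilege table with deny as the default.

```python
"""Three-step access control mechanism: identification, authentication,
authorization. Added illustration; the users, passwords, resources and
privileges below are constructed and are not from the slides."""
import hashlib
import hmac
import os


def _hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2 so that a leaked store does not reveal the remembered information.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_user_store(credentials: dict) -> dict:
    """Store only (salt, hash) per identity, never the password itself."""
    store = {}
    for user, password in credentials.items():
        salt = os.urandom(16)
        store[user] = (salt, _hash_password(password, salt))
    return store


# Constructed identities and remembered information.
USERS = make_user_store({"john": "correct horse", "alice": "battery staple"})

# Constructed authorization table: user -> resource -> set of action privileges.
PRIVILEGES = {
    "john": {"file1": {"own", "read", "write"}},
    "alice": {"file1": {"read"}, "file2": {"own", "read", "write"}},
}


class AccessDenied(Exception):
    pass


def identify(claimed_user: str) -> str:
    """Step 1: does the claimed identity exist at all?"""
    if claimed_user not in USERS:
        raise AccessDenied("unknown identity")
    return claimed_user


def authenticate(user: str, password: str) -> str:
    """Step 2: verify the remembered information with a constant-time compare."""
    salt, expected = USERS[user]
    if not hmac.compare_digest(_hash_password(password, salt), expected):
        raise AccessDenied("authentication failed")
    return user


def authorize(user: str, resource: str, action: str) -> bool:
    """Step 3: may this authenticated user perform this action on this resource?
    A missing table entry grants nothing (default deny)."""
    return action in PRIVILEGES.get(user, {}).get(resource, set())


def request(claimed_user: str, password: str, resource: str, action: str) -> bool:
    """Run a request through all three steps. Both failure reasons collapse to
    a single False so that the caller cannot tell valid identities from invalid
    ones by the error returned."""
    try:
        user = authenticate(identify(claimed_user), password)
    except AccessDenied:
        return False
    return authorize(user, resource, action)


if __name__ == "__main__":
    print(request("alice", "battery staple", "file2", "write"))  # True
    print(request("alice", "battery staple", "file1", "write"))  # False: read only
    print(request("alice", "wrong password", "file1", "read"))   # False: step 2
    print(request("mallory", "anything", "file1", "read"))       # False: step 1
```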
Boundary Controls
Identification and Authentication
• Four classes of authentication are remembered information, possessed information, personal characteristics and dialog.
• There is need to understand the weaknesses in each class of authentication.
• Passwords, possessed objects, and personal characteristics all have a further weakness: the authentication information is reduced to a bit stream which can be wiretapped.
Boundary Controls
Object Resources
• In a generalized access control mechanism, all resources must be named, since the mechanism must couple users with the resources they are permitted to use.
• It is important that the access control mechanism have a means of identifying the authenticity of the object resources it provides to a user, e.g. assigning object resources a unique identity that cannot be copied.
Boundary Controls
Action Privileges
• If a user has the permission to use a commodity, the amount of the commodity that the user can consume must be specified.
• The most complex action privileges relate to the use of data resources.
• ADD, INSERT, APPEND, MODIFY

            file1               file2               file3
  John      Own Read Write      -                   -
  Alice     Read                Own Read Write      Read
  bob       Read Write          Read                Own Read Write
Boundary Controls
Action Privileges
• Data independent – all the contents of a file are subject to the action privilege assigned to the file.
• Data dependent – can apply to data items within a file, e.g. salary < 15000.
Boundary Controls
• One of the important restrictions on action privileges is a temporal restriction, e.g. no access to the terminal after working hours.
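The access matrix from the Action Privileges slide combined with the data-dependent and temporal restrictions just described, as an added example that is not part of the slide deck. The matrix entries are the slide's; the sample records in file3, the choice to attach the "salary < 15000" predicate to Alice's read access on file3, and the working hours of 08:00 to 17:00 are constructed. The checks are layered so that each control can only narrow what the previous one allowed.

```python
"""Data-independent privileges (the access matrix), a data-dependent predicate
and a temporal restriction, applied in sequence. Added example; the file3
records, the predicate assignment and the working hours are constructed."""
from datetime import datetime

# The slide's access matrix: user -> file -> privileges. An empty cell is no rights.
MATRIX = {
    "john":  {"file1": {"own", "read", "write"}},
    "alice": {"file1": {"read"}, "file2": {"own", "read", "write"}, "file3": {"read"}},
    "bob":   {"file1": {"read", "write"}, "file2": {"read"}, "file3": {"own", "read", "write"}},
}

# Data-dependent restriction: a predicate over individual records, keyed by
# (user, file). Constructed: alice sees only salary records below 15000 in file3.
DATA_DEPENDENT = {
    ("alice", "file3"): lambda record: record["salary"] < 15000,
}

# Temporal restriction, constructed as working hours 08:00-17:00.
WORK_START, WORK_END = 8, 17


def within_working_hours(now: datetime) -> bool:
    return WORK_START <= now.hour < WORK_END


def data_independent_check(user: str, file: str, action: str) -> bool:
    """The whole file is governed by the privilege assigned to it in the matrix."""
    return action in MATRIX.get(user, {}).get(file, set())


def read_records(user: str, file: str, records: list, now: datetime) -> list:
    """Temporal check, then the file-level (data-independent) privilege, then the
    record-level (data-dependent) predicate. Any failing layer yields nothing."""
    if not within_working_hours(now):
        return []
    if not data_independent_check(user, file, "read"):
        return []
    predicate = DATA_DEPENDENT.get((user, file), lambda record: True)
    return [record for record in records if predicate(record)]


# Constructed sample contents of file3.
FILE3 = [
    {"name": "Ann", "salary": 12000},
    {"name": "Ben", "salary": 18000},
    {"name": "Cal", "salary": 9000},
]

NOON = datetime(2024, 1, 15, 12, 0)    # inside working hours (constructed)
NIGHT = datetime(2024, 1, 15, 22, 0)   # after working hours (constructed)

if __name__ == "__main__":
    print(read_records("bob", "file3", FILE3, NOON))     # all three records (owner)
    print(read_records("alice", "file3", FILE3, NOON))   # Ann and Cal only
    print(read_records("alice", "file3", FILE3, NIGHT))  # [] after hours
    print(read_records("john", "file3", FILE3, NOON))    # [] no privilege on file3
```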
Implementing an Access Control Mechanism
• Full implementation of an ACM can be costly. In practice, some trade-offs must be made; overall control must be decreased to reduce costs and improve performance.
• The trade-offs made in the ACM must be reasonable, given the overall control requirements of the installation.
Boundary Controls
Problems in Implementing ACM
(1) Open vs Closed Environment
• While an open environment allows for an easier implementation of an ACM, only in a closed environment can effective control be exercised over users.
(2) Approaches to Authorization
• There are two approaches to implementing the authorization module in an access control mechanism:
Boundary Controls
• A ticket-oriented approach?
• A list-oriented approach?
(3) Dynamics of Authorization
• Some difficult implementation problems arise in the area of authorization dynamics.
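The two approaches to authorization named above, built from the same access matrix as the Action Privileges slide. This is an added example, not the deck's own material. A ticket-oriented mechanism stores the matrix by row (each user holds tickets naming the objects and rights it may exercise); a list-oriented mechanism stores it by column (each object carries a list of users and their rights). The two views authorize identically; they differ in which questions are cheap to answer, which is where many of the authorization-dynamics problems come from.

```python
"""Ticket-oriented (capability lists, per user) versus list-oriented (access
control lists, per object) authorization derived from one access matrix.
Added example; the matrix is the slide's, everything else is constructed."""
from collections import defaultdict

# The slide's access matrix: user -> file -> privileges.
MATRIX = {
    "john":  {"file1": {"own", "read", "write"}},
    "alice": {"file1": {"read"}, "file2": {"own", "read", "write"}, "file3": {"read"}},
    "bob":   {"file1": {"read", "write"}, "file2": {"read"}, "file3": {"own", "read", "write"}},
}

ACTIONS = ("own", "read", "write")


def capability_lists(matrix: dict) -> dict:
    """Ticket-oriented: each user holds tickets (object -> rights). Row view."""
    return {user: {obj: set(rights) for obj, rights in row.items()}
            for user, row in matrix.items()}


def access_control_lists(matrix: dict) -> dict:
    """List-oriented: each object carries (user -> rights). Column view."""
    acls = defaultdict(dict)
    for user, row in matrix.items():
        for obj, rights in row.items():
            acls[obj][user] = set(rights)
    return dict(acls)


def check_ticket(caps: dict, user: str, obj: str, action: str) -> bool:
    """Authorization via the user's tickets."""
    return action in caps.get(user, {}).get(obj, set())


def check_acl(acls: dict, user: str, obj: str, action: str) -> bool:
    """Authorization via the object's list."""
    return action in acls.get(obj, {}).get(user, set())


def who_can(acls: dict, obj: str, action: str) -> list:
    """'Who may write file1?' is a single ACL lookup; with tickets it would
    require scanning every user's ticket list."""
    return sorted(u for u, rights in acls.get(obj, {}).items() if action in rights)


def what_can(caps: dict, user: str) -> dict:
    """'What may alice do?' is a single ticket-list lookup; with ACLs it would
    require scanning every object's list."""
    return {obj: sorted(rights) for obj, rights in caps.get(user, {}).items()}


def views_agree(matrix: dict) -> bool:
    """Both representations must give the same answer for every (user, object,
    action) triple, including users and objects with no entry at all."""
    caps, acls = capability_lists(matrix), access_control_lists(matrix)
    users = list(matrix) + ["nobody"]
    objs = {o for row in matrix.values() for o in row} | {"file9"}
    return all(check_ticket(caps, u, o, a) == check_acl(acls, u, o, a)
               for u in users for o in objs for a in ACTIONS)


if __name__ == "__main__":
    acls = access_control_lists(MATRIX)
    caps = capability_lists(MATRIX)
    print(views_agree(MATRIX))               # True
    print(who_can(acls, "file1", "write"))   # ['bob', 'john']
    print(what_can(caps, "alice"))           # file1: read; file2: own/read/write; file3: read
```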
Boundary Controls
Cryptographic Controls
• Cryptology is the science of secret codes.
• Cryptography deals with systems for translating data into codes that are meaningless to anyone who does not possess the system for recovering the initial data.
• Cryptanalysis is the set of techniques for recovering encrypted data.
• A cipher is an algorithm for performing encryption or decryption.
Boundary Controls
Cryptographic Techniques
There are three classes of techniques for enciphering plaintext:
• Substitution ciphers
• Transposition ciphers
• Product ciphers
Boundary Controls
Choosing a Cipher System
• A cipher system has two components: the algorithm and the key.
• Five desirable properties of a cipher system:
• High work factor
• Small key
• Simplicity
• Low error propagation
• Little expansion of message size
Boundary Controls
Public Key Cryptosystems
• Ensuring the secure distribution of a private key to parties who need the key is a difficult task.
• The widely known public key cryptosystem is the RSA scheme.
• The disadvantage of public key cryptosystems is that they are slow relative to the processing time required for private-key cryptosystems.
Boundary Controls
Key Distribution
• Maintaining the secrecy of the cryptographic key is of paramount importance.
• The method chosen to distribute a key must be reliable and must maintain the secrecy of the keys, thus maintaining the overall secrecy of the cryptosystem.
• Reminder: assignment on the Diffie-Hellman key exchange protocol.
Boundary Controls
Explain Diffie-Hellman key exchange, ElGamal and RSA algorithms.
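Diffie-Hellman key exchange written out as both parties' messages, as an added example that is not part of the slide deck. The public parameters p = 23 and g = 5 and the private exponents 6 and 15 are constructed textbook values, far too small for any real use; that smallness is deliberate, because the last function recovers a private exponent by trying every possibility, which is exactly what the high work factor of real parameters is meant to prevent. The only thing a wiretapper on the line sees is p, g and the two public values.

```python
"""Diffie-Hellman over a toy prime: the two public messages, the shared secret
each side derives, and why the parameters must be large. Added example; p, g
and the private exponents are constructed textbook-sized values."""
import hashlib

P, G = 23, 5   # constructed public parameters: a prime and a generator mod p


def dh_public(private: int) -> int:
    """The value a party sends in the clear: g^x mod p."""
    return pow(G, private, P)


def dh_shared(private: int, other_public: int) -> int:
    """Each side raises the other's public value to its own private exponent;
    both arrive at g^(ab) mod p without ever sending a or b."""
    return pow(other_public, private, P)


def exchange(a_private: int, b_private: int) -> tuple:
    """Run both halves of the protocol. Returns (A, B, K_alice, K_bob), where
    A and B are the messages on the wire and the two K values must be equal."""
    a_pub = dh_public(a_private)   # Alice -> Bob
    b_pub = dh_public(b_private)   # Bob -> Alice
    return a_pub, b_pub, dh_shared(a_private, b_pub), dh_shared(b_private, a_pub)


def derive_key(shared: int) -> bytes:
    """The raw shared number is not used directly as a key; it is hashed into
    a fixed-length symmetric key for the private-key cryptosystem that follows."""
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def recover_private_by_brute_force(public: int) -> int:
    """Discrete logarithm by exhaustive search, feasible only because p is tiny.
    With a real-sized p this loop is the work the attacker cannot afford."""
    for x in range(1, P):
        if pow(G, x, P) == public:
            return x
    raise ValueError("no exponent found")


if __name__ == "__main__":
    A, B, k_alice, k_bob = exchange(6, 15)
    print(f"on the wire: p={P} g={G} A={A} B={B}")   # A=8 B=19
    print(f"shared: {k_alice} {k_bob}")               # 2 2
    print(derive_key(k_alice) == derive_key(k_bob))   # True
    print(recover_private_by_brute_force(A))          # 6, because p is tiny
```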
Boundary Controls
Digital Signatures
• Establishing the authenticity of individuals and preventing the disavowal of messages and/or contracts are still critical requirements when data is exchanged in electronic form.
• A digital signature is simply a string of 0s and 1s rather than a line drawn on a page.
• Public key cryptosystems can be used to establish:
  secret messages
  signed messages
  signed, secret messages.
Boundary Controls
(S = sender, R = receiver; Pur/Prr = receiver's public/private key; Pus/Prs = sender's public/private key)
Secret Message
• S: Pur(m)
• R: Prr[Pur(m)]
Signed Secret Message
• S: Pur(m)
• S: Prs[Pur(m)]
• R: Pus(Prs[Pur(m)])
• R: Prr[Pur(m)]
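The secret, signed and signed-secret message forms from the last two slides, carried out with toy RSA keys in the slides' own notation. This is an added example and not material from the deck. The primes (61, 53 for the receiver and 101, 113 for the sender) and the message value are constructed; this is textbook RSA with no padding and is for illustration only. One detail the notation hides: for Prs[Pur(m)] to be recoverable, the ciphertext Pur(m) must be a valid input to the sender's key, so the receiver's modulus is chosen smaller than the sender's.

```python
"""Secret, signed and signed-secret messages with toy RSA, in the slide's
notation: Pur/Prr receiver's public/private key, Pus/Prs sender's.
Added example; primes and message are constructed and far too small for use."""


def rsa_keypair(p: int, q: int, e: int) -> tuple:
    """Return ((e, n), (d, n)) for primes p, q and public exponent e."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # modular inverse of e (Python 3.8+)
    return (e, n), (d, n)


def apply(key: tuple, x: int) -> int:
    """Modular exponentiation with either half of a key: the same operation
    encrypts (public key), decrypts (private key), signs and verifies."""
    exp, n = key
    return pow(x, exp, n)


# Constructed toy keys. The receiver's modulus (3233) is smaller than the
# sender's (11413) so that Pur(m) is always a valid input to Prs.
Pur, Prr = rsa_keypair(61, 53, 17)      # receiver
Pus, Prs = rsa_keypair(101, 113, 3)     # sender


def secret_message(m: int) -> tuple:
    """S sends Pur(m); R recovers m as Prr[Pur(m)]. Returns (ciphertext, m')."""
    c = apply(Pur, m)
    return c, apply(Prr, c)


def sign(m: int) -> int:
    """S produces Prs(m): only the holder of the sender's private key can."""
    return apply(Prs, m)


def verify_signature(m: int, sig: int) -> bool:
    """R checks Pus(Prs(m)) == m using only the sender's public key."""
    return apply(Pus, sig) == m


def signed_secret_message(m: int) -> tuple:
    """S: c = Pur(m); S: t = Prs[c]; R: c' = Pus(t); R: m' = Prr[c'].
    Returns (t, m'): only the receiver can read m, and only the sender could
    have produced t."""
    c = apply(Pur, m)
    t = apply(Prs, c)
    c_prime = apply(Pus, t)
    return t, apply(Prr, c_prime)


if __name__ == "__main__":
    m = 1234                                   # constructed message, must be < 3233
    c, recovered = secret_message(m)
    print("secret:", c, recovered == m)        # True
    sig = sign(m)
    print("signed:", verify_signature(m, sig), verify_signature(m + 1, sig))  # True False
    t, recovered2 = signed_secret_message(m)
    print("signed secret:", t, recovered2 == m)  # True
```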

boundary_security.pptx