COMPUSEC - PowerPoint PPT Presentation

Slides: 20
Provided by: knig9

Transcript and Presenter's Notes

Title: COMPUSEC


1
COMPUSEC
  • Security Policies
  • Reference Monitor
  • MAC, DAC, RBAC

2
References
  • Gasser, M., Building a Secure Computer System,
    Van Nostrand Reinhold, 1988
  • Sandhu, R., Samarati, P., Access Control:
    Principles and Practice, IEEE Communications,
    Sep. 1994

3
Teaching Points
  • Security Policies
  • Modes of Operation
  • The Reference Monitor
  • Discretionary Access Control
  • Mandatory Access Control

4
Information Security Objectives
  • Confidentiality (or Secrecy)
      • related to disclosure of information
  • Integrity
      • related to modification of information
  • Availability
      • related to denial of access to information

5
Information Security Requirements
  • Policy
      • describes how people may access documents or
        other information
  • Protection Mechanisms
      • controls for maintaining the security of the
        information
  • Assurance
      • degree of confidence that the system security
        policy has been correctly implemented

6
Components of a Security Policy
  • External Security
  • controls physical access to the system security
    that the system itself cannot address
  • Physical Security
  • control of physical access to the environment of
    the information system (locks, guards, etc),
    protection from disaster

7
Components of a Security Policy
  • External Security (contd)
  • Administrative Security
  • Personnel Security
      • techniques used in deciding whom to trust with
        information
  • Procedural Security
      • controls the process of granting people access to
        machines, handling physical input and output
        (printouts, etc.), installing/modifying H/W and S/W

8
Components of a Security Policy
  • Internal Security
      • security controls that are implemented in the
        hardware or software of the system
  • COMSEC Security
      • communications security
  • COMPUSEC Security
      • computer security

9
(No Transcript)
10
Modes of Operation
  • Dedicated Mode
      • users all cleared, all have need-to-know
  • System-High Mode
      • users all cleared, may not have need-to-know
  • Compartmented Mode
      • users all cleared, may not have formal access
        approval for all compartments
  • Controlled Mode
  • Multilevel Mode
      • users may not be cleared for all information

11
Protection Mechanisms
  • Identification & Authentication
      • who is it?
      • is it really that person?
      • used to track exactly who is responsible for
        actions in the system
  • Audit
      • tracking of security relevant events
  • Access Control
      • control access of subjects to information objects
      • reference monitor concept

12
The Reference Monitor
13
Properties of a Reference Monitor
  • May be implemented in any combination of S/W,
    H/W, firmware
  • Properties
      • must be tamper proof
      • must always be invoked
      • must be small enough to be subjected to analysis
        and tests to ensure that it is correct

14
The Access Control Matrix
15
Discretionary Access Control (DAC)
  • judgement-based
      • Users can exercise their judgement (i.e.
        discretion) in granting access to objects
  • The containment problem
      • It is very difficult to control the flow of
        information
  • Trojan Horse
      • who do we really trust?

16
Mandatory Access Control (MAC)
  • rule-based
      • Static rules enforced by the system govern access
        and these rules cannot be circumvented
  • Security labels used to govern clearance and
    classification
  • Security lattice (dominance)
  • Simple security property
  • *-property

17
The Security Lattice
TS/nato,alpha
TS/nato
TS/alpha
TS
S/nato
S/alpha
S
C
U
18
Security Properties
  • Simple Security Property
      • for a subject to access an object such that it is
        able to read information from the object, the
        clearance of the subject must dominate the
        classification of the object.
  • *-Property
      • if a subject has simultaneous access to more than
        one object, the classification of all of the
        objects it can read information from must
        dominate the classification of all the objects it
        can write to
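
Added example, not part of the original slides: the dominance relation over the labels on the Security Lattice slide, and the simple security property (read) check built on it. It assumes the level ordering U < C < S < TS and the "LEVEL/compartment,compartment" label format seen on that slide; all function names are hypothetical.

```python
# Added example: dominance over the slide-17 labels (format "LEVEL/comp1,comp2").
LEVELS = {"U": 0, "C": 1, "S": 2, "TS": 3}  # assumed ordering U < C < S < TS

# Labels exactly as listed on the Security Lattice slide.
SLIDE_LABELS = ["TS/nato,alpha", "TS/nato", "TS/alpha", "TS",
                "S/nato", "S/alpha", "S", "C", "U"]


def parse_label(text):
    """Split 'TS/nato,alpha' into (level rank, frozenset of compartments)."""
    level, _, comps = text.partition("/")
    if level not in LEVELS:
        raise ValueError(f"unknown level: {level!r}")
    return LEVELS[level], frozenset(c for c in comps.split(",") if c)


def dominates(a, b):
    """True if label a dominates label b: level >= and compartments superset."""
    a_rank, a_comps = parse_label(a)
    b_rank, b_comps = parse_label(b)
    return a_rank >= b_rank and a_comps >= b_comps


def comparable(a, b):
    """Dominance is a partial order: some pairs are ordered in neither direction."""
    return dominates(a, b) or dominates(b, a)


def can_read(clearance, classification):
    """Simple security property: read only if clearance dominates classification."""
    return dominates(clearance, classification)


def readable(clearance, labels=SLIDE_LABELS):
    """All labels from the slide that a subject with this clearance may read."""
    return [lab for lab in labels if can_read(clearance, lab)]


if __name__ == "__main__":
    for clearance in ("TS/nato", "S/alpha", "TS"):
        print(f"{clearance:8} may read: {', '.join(readable(clearance))}")
    print("TS/nato vs S/alpha comparable:", comparable("TS/nato", "S/alpha"))
```

A higher level alone is not enough: a TS/nato subject cannot read S/alpha, because neither label dominates the other.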

19
Teaching Points
  • Security Policies
  • Modes of Operation
  • The Reference Monitor
  • Discretionary Access Control
  • Mandatory Access Control