Computer Security Access Control Matrix - PowerPoint PPT Presentation

About This Presentation
Title:

Computer Security Access Control Matrix

Description:

Access Control Matrix Model. A model used to describe the protection states. ... Each entry a[s,o] of A belongs to R, and is the right of. user s over file s. 10/24/09 ... – PowerPoint PPT presentation

Number of Views:336
Avg rating:3.0/5.0
Slides: 17
Provided by: MikeBur3
Category:

less

Transcript and Presenter's Notes

Title: Computer Security Access Control Matrix


1
Computer SecurityAccess Control Matrix
2
States of a Computer System
  • The state of a system is the collection of
    current values of all
  • components of the system memory locations,
    secondary
  • storage, registers etc
  • Protection states are those states that have to
    be protected.
  • .P set of all protection states of the system
  • .Q set of all authorized protection states
  • The system is not secure if the current state is
    in P - Q
  • A security policy characterizes the states in Q
  • A security mechanism prevents the system entering
  • a state in P - Q

3
Access Control Matrix Model
  • A model used to describe the protection states.
  • It characterizes the rights of each subject of
    the
  • system (entity/process) regarding the objects of
    the
  • system (entities/processes) in terms of a matrix.

4
Butler-Lampson Model
  • This describes the rights of users s (subjects)
    over
  • files o (objects) by a matrix A whose rows are
    indexed
  • By the subjects and columns by the objects.
  • The rights belong to a set R.
  • Each entry as,o of A belongs to R, and is the
    right of
  • user s over file s.

5
Butler-Lampson Model
  • In this model P is the triple (S,O,A)
  • where S is the set of users, O the set of files,
    A the
  • Access Control Matrix.
  • R depends on the application.

6
Examples of ACMs
  • file 1 file 2
    process 1 process 2
  • process 1 R, W, O R R,
    W, E, O W
  • process 2 A R, O
    R R, W, E, O
  • Here R Read, Wright, Own, Append, Execute
  • process 1 can read/write file 1, read file 2,
    communicate
  • with process 2 by writing to it, etc

7
Examples rights on a LAN
  • host names telegraph nob
    toadflex
  • telegraph own ftp
    ftp
  • nob ftp,
    nfs, amil own ftp, nfs, mail
  • toadflex ftp,
    mail ftp, nfs, amil own
  • Here R ftp, mail, nfs, own , where
  • ftp the right to access the File Transfer
    Protocol
  • mail the right to send/receive using the Simple
    Mail Transfer Protocol (SMTP)
  • nsf the right to access file systems using the
    Network File System protocol

8
Examples rights in a program
  • host names counter inc_ctr dec_ctr
    manager
  • inc_ctr
  • dec_ctr -
  • manager call
    call call
  • Here inc_ctr increases a counter and dec_ctr
    decreases it.
  • R , -, call

9
Other examples
  • Access Control by Boolean expression evaluation
  • Access Control by History
  • See textbook

10
Protection State Transitions
  • Initial state of the system X0 (S0,O0,A0 )
  • Transitions t1, t2,
  • Corresponding states X1, X2,
  • We use the notation Xi - ti1 Xi1
  • to indicate the state transition from Xi to Xi1
  • X - Y indicates that starting at X, after a
    series of
  • transitions the system enters state Y.

11
Protection State Transitions
  • Xi - ci1 (pi1,1 ,, pi1,m) Xi1
  • Indicates that the transition is caused by the
    command
  • ci1 on the parameters pi1,1 ,, pi1,m.

12
The Harrison-Ruzzo-Ullman Model
  • This is based on a set of primitive commands.
  • create subject s
  • create object o
  • enter r into as,o
  • delete r from as,o
  • destroy subject s
  • destroy object o

13
The Harrison-Ruzzo-Ullman Model
  • Example.
  • command createfile(p,f)
  • create object f
  • enter own into a(p,f)
  • enter r into a(p,f)
  • enter w into a(p,f)
  • end

14
The Harrison-Ruzzo-Ullman Model
  • Example. conditional commands
  • Suppose process p wants to give process q the
    right to read file f
  • command grantreadfile1(p,f,q)
  • if own in a(p,f)
  • then
  • enter r into a(q,f)
  • end
  • See textbook for other examples.

15
Copying and owning
  • Rights
  • copy right (grant right) augments existing
    rights
  • own right
  • Copy right allows its possessor to grant rights
    (this right is often
  • considered a flag attachment hence flag right)
  • Own right allows its possessor to add or delete
    privileges to
  • themselves.

16
Attenuation of privilege
  • The Principle of Attenuation of Privilege says
    that
  • a subject may not give rights it does not possess
    to another subject.
Write a Comment
User Comments (0)
About PowerShow.com