Firewall Policy with Mandatory Access Control Model - PowerPoint PPT Presentation


Transcript and Presenter's Notes

Title: Firewall Policy with Mandatory Access Control Model


1
Firewall Policy with Mandatory Access Control
Model
  • Reena Cherukuri

2
Introduction
  • In the 1960s, classified information was handled
    safely because computers served a single user at
    a time.
  • In the early 70s, technological advances made
    multi-user, multiprocessor operating systems
    possible.
  • With the advent of the first multi-user,
    multiprocessor operating systems, information
    security became a very important issue.

3
Multi User Operating System
  • Balance requirements of multiple users
  • Provide each program enough and separate
    resources
  • Isolate problems with one user from the rest
  • Enforce good computer use
  • Protect users from each other's malicious actions

4
Security Issues
  • Flaws and patches
  • Targeted malicious code
      • Trapdoors
      • Covert channels
  • Viruses and other malicious code
      • Viruses
      • Trojan horses
  • Non-malicious program errors
      • Buffer overflow
      • Incomplete mediation
      • Time-of-check to time-of-use errors
      • Combinations

5
Access Control Models
  • These models are designed to control the flow of
    information in the organization.
  • Terms used in access control models:
  • Subject: something or someone to which access is
    granted or denied, e.g. a user, application, or
    system process.
  • Object: something to which access is granted or
    denied, e.g. a file, printer, application, or
    system process.

6
Types of Access Control Models
  • Discretionary Access Control Models (DAC)
  • Mandatory Access Control Models (MAC)

7
DAC - The Model
  • A Set of Objects (O)
  • A Set of Subjects (S)
  • An Access Matrix (A)
  • Element A[i,j] specifies the access which
    subject i has to object j.
  • ACLs: storing the matrix by columns
  • Capabilities: storing the matrix by rows

8
DAC - Drawbacks
  • Does not provide real assurance on the flow of
    information in a system.
  • Does not impose any restriction on the usage of
    information by a User once the User has received
    it.
  • Access to Objects is granted to other Users at
    the whim or fancy of their owners.
  • Information can be copied from one Object to
    another, so access to a copy is possible even if
    the owner of the original does not provide access
    to it.
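
The access matrix and the copy drawback from the two DAC slides, as an added example that is not part of the presentation. Subject names, file names and rights are constructed.

```python
# Added example: access matrix A, its two storage forms, and the copy drawback.
from collections import defaultdict

def acls(matrix):
    """Store the matrix by columns: object -> {subject: rights}."""
    out = defaultdict(dict)
    for (subj, obj), rights in matrix.items():
        if rights:
            out[obj][subj] = set(rights)
    return dict(out)

def capabilities(matrix):
    """Store the matrix by rows: subject -> {object: rights}."""
    out = defaultdict(dict)
    for (subj, obj), rights in matrix.items():
        if rights:
            out[subj][obj] = set(rights)
    return dict(out)

def allowed(matrix, subj, obj, right):
    return right in matrix.get((subj, obj), set())

def copy_object(matrix, subj, src, dst):
    """DAC copy: needs read on src. The copier owns the new object dst,
    and nothing ties dst to the ACL of src."""
    if not allowed(matrix, subj, src, "read"):
        raise PermissionError(f"{subj} may not read {src}")
    matrix[(subj, dst)] = {"own", "read", "write"}

def grant(matrix, owner, obj, grantee, right):
    """Owner discretion: only the owner may extend access to the object."""
    if not allowed(matrix, owner, obj, "own"):
        raise PermissionError(f"{owner} does not own {obj}")
    matrix.setdefault((grantee, obj), set()).add(right)

def demo():
    A = {  # A[i, j]: rights of subject i on object j (constructed data)
        ("alice", "payroll.txt"): {"own", "read", "write"},
        ("bob", "payroll.txt"): {"read"},
    }
    before = allowed(A, "carol", "payroll.txt", "read")
    copy_object(A, "bob", "payroll.txt", "payroll_copy.txt")
    grant(A, "bob", "payroll_copy.txt", "carol", "read")
    after = allowed(A, "carol", "payroll_copy.txt", "read")
    return before, after, acls(A), capabilities(A)
```

The original ACL never lists carol, yet she ends up reading the same content through the copy, which is the information-flow gap that the mandatory models on the following slides close.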

9
MAC - The Model
  • Subjects and Objects in a System have a certain
    classification.
  • Read Up - A Subject's integrity level must be
    dominated by the integrity level of the Object
    being read.
  • Write Down - A Subject's integrity level must
    dominate the integrity level of the Object being
    written.

10
BELL-LAPADULA MODEL
  • The concept of mandatory access controls was
    first formalized by Bell and LaPadula.
  • The key idea in BLP is to augment discretionary
    access controls with mandatory access controls,
    so as to enforce information flow policies.
  • The mandatory access control policy is expressed
    in terms of security labels attached to subjects
    and objects. A label on an object is called a
    security classification, while a label on a user
    is called security clearance.

11
BLP MODEL
  • The specific mandatory access rules given in BLP
    are as follows, where λ signifies the security
    label of the indicated subject or object.
  • Simple-Security Property: Subject s can read
    object o only if λ(s) ≥ λ(o).
  • *-Property: Subject s can write object o only
    if λ(s) ≤ λ(o). (The *-property is pronounced as
    the star-property.)

12
BLP MODEL

13
BIBA MODEL
  • Formulated for the purpose of integrity.
  • The basic concept of BIBA model is that
    low-integrity information should not be allowed
    to flow to high-integrity objects, whereas the
    opposite is acceptable.
  • In the Biba model, high integrity is placed
    toward the top of the lattice of security labels
    and low integrity toward the bottom.
  • The information flow is from top to bottom.

14
BIBA MODEL
  • Simple-Integrity Property: Subject s can read
    object o only if ω(s) ≤ ω(o).
  • Integrity *-Property: Subject s can write object
    o only if ω(s) ≥ ω(o).
  • These properties are called the duals of the
    corresponding properties of BLP.
  • BIBA and BLP models can be combined in situations
    where both confidentiality and integrity are
    concerned.

15
COMPOSITE MODEL
  • The combined mandatory controls are as follows:
  • Subject s can read object o only if λ(s) ≥ λ(o)
    and ω(s) ≤ ω(o).
  • Subject s can write object o only if λ(s) ≤ λ(o)
    and ω(s) ≥ ω(o).
  • It is a popular model and has been implemented in
    several OS, database and network products.
  • It is the simultaneous application of two
    lattices, in which the information flow occurs in
    opposite directions.

16
Composite Model

17
Distributed Environments
  • In the late 80s and early 90s, enterprises
    started to disintegrate as PCs gained a lot of
    importance.
  • Since individuals were responsible for their own
    PCs, security was the responsibility of the
    owner too.
  • In the mid 90s, as the Internet gained a lot of
    importance, enterprises started to become
    distributed.
  • Advances in hardware and software moved
    computing from the desktop to networked computers
    that cover a large geographical area, possibly
    the whole world.

18
Firewalls
  • Firewalls are computer security facilities that
    are used to control unauthorized access into the
    network.
  • They are used to enforce the security policy of
    the organization and are placed between
    networks.
  • They are the security enforcement points that
    separate networks.
  • A firewall is a device that interfaces the
    network to the outside world and shields the
    network from unauthorized users.

19
What can't a firewall do?
  • They cannot provide complete security
  • They can do nothing to guard against insider
    threats.
  • Employee misconduct or carelessness cannot be
    controlled by firewalls.
  • Policies involving the use and misuse of
    passwords and user accounts must be strictly
    enforced.
  • Firewalls cannot handle Trojan horses or
    malicious code, which can be delivered through
    email etc.

20
How to improve Security?
  • Distributed systems
[Figure: distributed systems diagram with labels Firewall, Firewall Policy, DAVIE, BOCA, Jupiter, COAST]

21
How to improve Security?
  • Distributed systems
[Figure: distributed systems diagram with labels Firewall, Central Firewall Policy, DAVIE, BOCA, Jupiter, COAST]

22
Firewalls Using MAC
  • Now we implement MAC at the organization
    firewall.
  • Depending on the role of the subject (IP
    address) in the organization, we give it read
    and write access.
  • The roles are defined by the administrator.
  • This prevents Trojan horses.
  • It is very easy to implement and it avoids a lot
    of configuration errors.
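
One way to express the composite (BLP plus Biba) rules as a firewall decision keyed on source IP, covering both the Composite Model slide and this one. This is an added example, not code from the presentation: the role names, networks, object names and numeric labels are constructed, each label is a (confidentiality, integrity) pair written λ and ω in the comments, and a plain numeric ordering stands in for the lattice.

```python
import ipaddress

# Labels are (confidentiality λ, integrity ω); a larger number is a higher level.
ROLES = {"guest": (0, 0), "staff": (1, 1), "webmaster": (0, 2)}
NETWORKS = [  # subject = source IP; roles assigned by the administrator
    ("10.0.20.0/24", "webmaster"),
    ("10.0.0.0/16", "staff"),
    ("0.0.0.0/0", "guest"),
]
OBJECTS = {"public-web": (0, 2), "hr-records": (1, 1), "upload-drop": (1, 0)}

def subject_label(src_ip):
    """Label of the most specific network containing src_ip, else None."""
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return None
    best = None
    for cidr, role in NETWORKS:
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, ROLES[role])
    return best[1] if best else None

def can_read(s, o):
    # read only if λ(s) ≥ λ(o) and ω(s) ≤ ω(o)
    return s[0] >= o[0] and s[1] <= o[1]

def can_write(s, o):
    # write only if λ(s) ≤ λ(o) and ω(s) ≥ ω(o)
    return s[0] <= o[0] and s[1] >= o[1]

def decide(src_ip, obj, op):
    """Return 'allow' or 'deny'; anything unlabelled or unknown is denied."""
    s, o = subject_label(src_ip), OBJECTS.get(obj)
    check = {"read": can_read, "write": can_write}.get(op)
    if s is None or o is None or check is None:
        return "deny"
    return "allow" if check(s, o) else "deny"

def policy_table(src_ip):
    """All decisions for one source address, for review by the administrator."""
    return {(obj, op): decide(src_ip, obj, op)
            for obj in OBJECTS for op in ("read", "write")}
```

A process on a staff address can read hr-records but cannot write to public-web, so code running with staff clearance has no permitted path to push that data to a lower confidentiality level.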

23
References
  • C. Mohan, "Survey of recent operating systems
    research, designs and implementations," ACM SIGOPS
    Operating Systems Review, Volume 12, Issue 1,
    January 1978.
  • M.A. Harrison, W.L. Ruzzo, and J.D. Ullman,
    "Protection in Operating Systems," Communications
    of the ACM, 19(8), pp. 461-471, August 1976.
  • Ravi S. Sandhu and Pierangela Samarati, "Access
    control: Principles and practice," IEEE
    Communications, 32(9):40-48, 1994.
  • D.E. Bell and L.J. LaPadula, "Secure Computer
    Systems: Mathematical Foundations and Model,"
    Mitre Corp. Report No. M74-244, Bedford, Mass.,
    1975. (Also available through Nat'l Technical
    Information Service, Springfield, Va., Report No.
    NTIS AD-771543.)
  • Dorothy E. Denning, "A lattice model of secure
    information flow," Communications of the ACM,
    v.19 n.5, pp. 236-243, May 1976.
  • Ravi S. Sandhu, "Lattice-Based Access Control
    Models," (Vol. 26, No. 11), pp. 9-19, November 1993.
  • Rolf Oppliger, "Internet security: firewalls and
    beyond," Communications of the ACM, Volume 40,
    Issue 5, pp. 92-102, May 1997.
  • Mark Vandenwauver, Joris Claessens, Wim Moreau
    (Katholieke Universiteit at Leuven), "Why
    Enterprises Need More than Firewalls and
    Intrusion Detection Systems," IEEE 8th
    International Workshops on Enabling Technologies:
    Infrastructure for Collaborative Enterprises, June
    16-18, 1999, Palo Alto, California, p. 152.

24
Questions? Suggestions?

25
Thank You!!!!