
Chapter-1 Access control Systems & Methodology

IDS :

Honey pots, padded cell systems and vulnerability analysis complement IDS to enhance an
organization’s ability to detect intrusion.

Honey pot Systems : Event Triggers, Sensitive monitors, Event loggers.

IDS serve as monitoring mechanisms, watching activities and making decisions
about whether the observed events are suspicious.

Firewalls serve as barrier mechanisms.

IDS look at security policy violations dynamically. IDS are analogous to security
monitoring cameras.

Vulnerability analysis systems take a static view of symptoms.

IDS detect and report: system scanning attacks, DoS attacks, system
penetration attacks.

Honey pots and Padded Cells systems have Legal Implications.

Classification of IDS: Network-based IDS, Host-based IDS, Application-based IDS.

Signature-based IDS is the primary technique used by commercial systems to
analyse events to detect attacks.

Anomaly-based IDS is the subject of much research and is used in a limited form
by a number of IDS.

Firewalls are a complement to IDS.

Response is the most important part of IDS and containment. Reporting is the last
step in the IDS and containment process.

The process engine is the heart of the IDS.

A mutation engine is used to proliferate polymorphic viruses.

IDS and Firewall do INTERACT.

IDS detects a DOS attack.

A major issue with IDS: false-positive notifications with anomaly-based IDS.

IDS can: report alterations to data files, trace user activity, interpret system
logs and recognize a known type of attack.

Audit Trails : If audit trails have been designed and implemented to record
appropriate information, they can assist in IDS. Intrusions can be detected in real
time, by examining audit records as they are created or after the fact.


Access control techniques:


Role-based access control: Excessive turnover of employees. E.g. bank teller, doctor, nurse,
manager. It is an example of non-DAC. It is based on the job duties concept.

Rule-based access control: Rule-based and MAC are the same since they are based on
specific rules relating to the nature of the subject and object. It is based on access rules.

DAC: a means of restricting access to objects based on the identity of subjects and/or
groups to which they belong. A DAC model uses an access control matrix where it places the
names of users (subjects) in each row and the names of objects (files or programs) in each
column of a matrix. It treats users and owners as the same.

Access is based on the authorization granted to the user. It uses access control lists. It uses grant and
revoke of access to objects.
An access control matrix places the names of users in each row and the names of objects
in each column.

Examples of objects are: records, programs, pages, files, directories etc. An access control
matrix describes an association of objects and subjects for authentication of access rights.

Identity-based policy and user-directed policy are examples of DAC.

ACLs: ACL techniques provide a straightforward way of granting and denying access for
a specified user. An ACL is an object associated with a file and containing entries specifying
the access that individual users or groups of users have to the file. An access control list is most
commonly used in the implementation of an access control matrix.
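
The matrix and ACL notes above, worked through as an added example that is not part of the original notes: users are rows, objects are columns, an ACL is one column stored with its object, and only the owner can grant or revoke. The class name, user names, file names and rights are all constructed for illustration.

```python
# Added example: a DAC access control matrix and the ACLs derived from it.
# Every user name, object name and right below is constructed sample data.

class AccessMatrix:
    def __init__(self):
        self.cells = {}   # (subject, object) -> set of rights
        self.owner = {}   # object -> owning subject

    def create(self, subject, obj):
        """The creator becomes the owner and holds every right on the object."""
        self.owner[obj] = subject
        self.cells[(subject, obj)] = {"read", "write", "own"}

    def grant(self, grantor, subject, obj, right):
        """DAC: only the owner may hand out rights on an object."""
        if self.owner.get(obj) != grantor:
            raise PermissionError(f"{grantor} does not own {obj}")
        self.cells.setdefault((subject, obj), set()).add(right)

    def revoke(self, grantor, subject, obj, right):
        """Only the owner may take a right back."""
        if self.owner.get(obj) != grantor:
            raise PermissionError(f"{grantor} does not own {obj}")
        self.cells.get((subject, obj), set()).discard(right)

    def check(self, subject, obj, right):
        """Default deny: an empty or missing cell grants nothing."""
        return right in self.cells.get((subject, obj), set())

    def acl(self, obj):
        """One column of the matrix: the ACL stored with the object."""
        return {s: sorted(r) for (s, o), r in self.cells.items() if o == obj and r}

    def row(self, subject):
        """One row of the matrix: everything a single user can reach."""
        return {o: sorted(r) for (s, o), r in self.cells.items() if s == subject and r}


def demo():
    m = AccessMatrix()
    m.create("alice", "payroll.xls")
    m.create("bob", "notes.txt")
    m.grant("alice", "bob", "payroll.xls", "read")
    m.grant("alice", "carol", "payroll.xls", "read")
    m.revoke("alice", "carol", "payroll.xls", "read")   # carol's cell is now empty
    return m


if __name__ == "__main__":
    m = demo()
    print("ACL for payroll.xls:", m.acl("payroll.xls"))
    print("Row for bob:", m.row("bob"))
```

Reviewing `row()` for each user after a job change is the matrix view of a re-authorization check.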

MAC: A MAC restricts access to objects based on the sensitivity of the information contained
in the objects and the formal authorization (i.e. clearance) of objects to access information of
such sensitivity. It uses security labels. Simplest to administer. A security label or access
control mechanism is supported by MAC. Security labels are a very strong form of access
control.

Rule-based policy is an example of MAC.

Access Control Mechanisms:

• Logical (passwords and encryption)
• Physical (keys and tokens)
• Administrative (forms and procedures) controls.
• Directive, preventive, detective, corrective and recovery controls are controls by action.
• Management, operational and technical controls are controls by nature.

Non-DAC: Lattice security model is based on non-DAC.

Access to computer facilities and records is limited to authorized personnel on an “as needed”
basis.


Principle of Least Privilege: Appropriate privileges.

Each user (subject) is granted the lowest clearance needed to perform authorized tasks. It is most
closely linked to integrity.

Security features:

• The granularity of privilege
• The time bounding of privilege
• Privilege inheritance

Consistent with the Principle of Least Privilege:

• Re-authorization when employees change positions
• Users have little access to systems.
• Users have significant access to systems.

Authorization creep: occurs when employees continue to maintain access rights for
previously held positions within an organization and it is a security vulnerability.

I&A techniques:
Password management: preventive control.

A virtual password is a password computed from a passphrase that meets the requirements of
the password storage (e.g. 56 bits for DES).

User IDs and passwords are the first line of defence against potential security threats, risks or
losses to the network.

Use of login IDs and passwords is the most commonly used mechanism for providing static
verification of a user.

Using password “advisors” is the most effective method for password creation.

Simpler, more basic login controls include validating the username and password.

Password secrecy cannot be tested with automated vulnerability testing tools.

Passwords from a randomly generated characters selection procedure would be the most difficult
to remember.

Passwords can be stored in a password file, preferably encrypted.

Password sharing, password guessing and password capturing are the most commonly used
methods to gain unauthorized access.

Access Control Mechanisms:


Logical Access Control: e.g. Passwords, PINs and encryption.

Computer-based access controls are called logical access controls. They help to protect:

• Availability: operating system and other systems software from unauthorized
modification or manipulation (and thereby help to ensure the system’s integrity and
availability).
• The integrity and availability of information by restricting the number of users and
processes with access.
• Confidential information from being disclosed to unauthorized individuals.
• Logical access control mechanisms rely on physical access controls. Application
system access controls, operating system access controls and utility programs are heavily
dependent on logical access controls to protect against unauthorized access.

Physical Access Control:

Administrative Access control:

FAR/FRR/CER: a good measure of performance of biometric-based identification and
authentication techniques. Type-I error is false rejection and Type-II error is false acceptance
of imposters.

Kerberos: an identification and authentication technique that involves a ticket linked to a
user’s password to authenticate a system user. The key distribution server is a major
vulnerability with Kerberos. 56-bit size.

Pre-authentication is required to thwart attacks against a Kerberos security server.

Kerberos uses a trusted third party. Kerberos is a credential-based authentication system.
Kerberos uses symmetric-key cryptography.

Kerberos is a(n): Ticket-oriented protection system.

A replay attack refers to the recording and retransmission of message packets in the
network. It can be prevented by using packet time-stamping.

Kerberos can prevent playback (replay) attacks.

Most to least protection against replay attacks:

• Challenge response, one-time password, password and PIN, and Password only.
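
Packet time-stamping as a verifier would apply it, as an added example that is not part of the original notes. It assumes a shared symmetric key, a MAC over sender, timestamp and payload, and a 300-second skew window; the key, names and payload are constructed sample data.

```python
# Added example: rejecting replayed packets with a MAC-protected timestamp
# plus a cache of packets already seen inside the acceptance window.
import hashlib
import hmac

MAX_SKEW = 300  # seconds of clock skew tolerated (assumed value)


def make_packet(key, sender, payload, now):
    """Sender side: bind sender, timestamp and payload together under a MAC."""
    body = f"{sender}|{now}|{payload}".encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"sender": sender, "ts": now, "payload": payload, "tag": tag}


class Verifier:
    def __init__(self, key):
        self.key = key
        self.seen = {}  # tag -> timestamp of packets still inside the window

    def accept(self, pkt, now):
        body = f"{pkt['sender']}|{pkt['ts']}|{pkt['payload']}".encode()
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, pkt["tag"]):
            return "rejected: bad MAC"            # timestamp or payload altered
        if abs(now - pkt["ts"]) > MAX_SKEW:
            return "rejected: stale timestamp"    # recorded and resent later
        # Drop cache entries the timestamp check would reject anyway.
        self.seen = {t: ts for t, ts in self.seen.items() if now - ts <= MAX_SKEW}
        if pkt["tag"] in self.seen:
            return "rejected: replay inside window"
        self.seen[pkt["tag"]] = pkt["ts"]
        return "accepted"


def demo():
    key = b"constructed-shared-key"
    v = Verifier(key)
    pkt = make_packet(key, "alice", "transfer 100", now=1000)
    return [
        v.accept(pkt, now=1002),                    # first delivery
        v.accept(pkt, now=1010),                    # resent within the window
        v.accept(pkt, now=2000),                    # resent after the window
        v.accept(dict(pkt, ts=2000), now=2000),     # timestamp rewritten
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The timestamp alone only bounds how long a recording stays usable; the cache of seen packets is what rejects a resend inside the window.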

Kerberos is used for: managing encryption keys, managing centralized access rights, managing
access permissions.

A Kerberos-based authentication system would reduce the risk of impersonation in an
environment of networked computer systems.

Authentication services can best be provided by Kerberos (de facto standard).

Weaknesses of Kerberos:


• Subject to dictionary attacks
• Every network application must be modified.

Strengths of Kerberos:

• Works with existing security systems software
• Intercepting and analysing network traffic is difficult.
• The major advantage of SSO goes beyond convenience.

Secure RPC and SPX provide a robust authentication mechanism over distributed
environments.

SecurID: a token from RSA, Inc.

Authentication mechanisms: what the user knows, what the user has, what the user is.

A more reliable authentication device is a smart card system.

An example of a drawback of smart cards: a means of gaining unauthorized access.

Smart card: a means of access control, a medium for storing and carrying the
appropriate data, a means of access control and data storage.

Robust authentication: is provided by Kerberos, one-time passwords, challenge-response
exchanges, Secure RPC and digital certificates.

Address-based access mechanisms: create a security problem. They use IP source addresses,
which are not secure and are subject to IP address spoofing attacks. The IP address deals with
identification.

Location-based: the "where the user is" authentication technique is impossible to forge. It deals
with physical address. It is used for continuous authentication.

Token-based: token as a means of identification and authentication.

Web-based access mechanisms: use secure protocols to accomplish authentication.

Passwords and PINs are vulnerable to guessing, interception or brute force attack.

Biometrics can be vulnerable to interception and replay attacks.


Biometric system: user identification and authentication techniques depend on reference
profiles or templates.

Impersonation attacks involving the use of physical keys and biometric checks are less
likely due to the need for the network attacker to be physically near the biometric equipment.

Protective measures effective against multiple threats: access logs, encryption, audit
trails.

Security mechanism that is least efficient and least effective: recurring passwords (a weak security
mechanism).


Cryptographic authentication techniques require additional work in administering the security.

Access Controls:

Physical access controls:

Operating system access controls:

Communication system access controls:

Application system access control: the most specific.

There are trade-offs among controls. A security policy would be most useful in:

• Access versus confidentiality.
• Technical controls versus procedure controls.

Controlling access to the network is provided by the identification and authentication pair of
high-level system services.

Authentication is a protection against fraudulent transactions:

• The validity of message location being sent.
• The validity of workstations that sent the message.
• The validity of the message originator.

Identification techniques provide strong user authentication:

• What the user is (PIN combined with fingerprint) for high dollar transactions.
• What the user has (bank automated teller machine card)
• What the user knows

Access Control Models:

The Clark-Wilson security model: provides data integrity for common
commercial activities.
Separation of duties concept. An access triple: subject, program and data.

Biba security model: an integrity model in which no subject may depend on a
less trusted object, including another subject.

Take-Grant Security: Access rights

Chinese Wall: Access control problem.

Bell-LaPadula model: security clearance and sensitivity classification. It deals
with the *-property (no write-down is allowed). It addresses confidentiality by
describing different security levels of security classifications for documents.
These classification levels, from least sensitive to most sensitive, include
Unclassified, Confidential, Secret and Top Secret.

Bell-Lapadula model and information flow models are used to protect the
confidentiality of classified information.
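
The Bell-LaPadula checks over the four levels listed above, as an added example that is not part of the original notes. The notes name only the *-property; the simple security property (no read-up) is the model's companion rule and is included here. Subject names, object names and the request list are constructed.

```python
# Added example: Bell-LaPadula read/write decisions over the four levels
# named in the notes. All subjects, objects and requests are constructed.

LEVELS = ["Unclassified", "Confidential", "Secret", "Top Secret"]
RANK = {name: i for i, name in enumerate(LEVELS)}


def blp_allows(clearance, classification, op):
    """Decide one request from the subject's clearance and the object's label."""
    s, o = RANK[clearance], RANK[classification]
    if op == "read":
        return s >= o    # simple security property: no read-up
    if op == "write":
        return s <= o    # *-property: no write-down
    raise ValueError(f"unknown operation: {op}")


def audit(requests):
    """Return the requests that break either property, with the rule broken."""
    violations = []
    for subject, clearance, op, obj, classification in requests:
        if not blp_allows(clearance, classification, op):
            rule = "no read-up" if op == "read" else "no write-down"
            violations.append((subject, op, obj, rule))
    return violations


# Constructed requests: (subject, clearance, operation, object, classification)
SAMPLE = [
    ("analyst", "Secret", "read", "field-report", "Confidential"),
    ("analyst", "Secret", "read", "war-plan", "Top Secret"),
    ("analyst", "Secret", "write", "press-release", "Unclassified"),
    ("clerk", "Confidential", "write", "intel-summary", "Secret"),
]

if __name__ == "__main__":
    for violation in audit(SAMPLE):
        print(violation)
```

The third request is the case the *-property exists for: a Secret subject writing into an Unclassified object would move information down to readers with no clearance.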


Access Control definitions:


Access control mechanisms: identification, authentication, authorization and accountability.
Authorization comes after authentication.

Static authentication: uses reusable passwords, which can be compromised by replay attacks.

Robust authentication: includes one-time passwords and digital signatures, which can be
compromised by session hijacking.

Continuous authentication: protects against impostors (active attacks) by applying a digital
signature algorithm to every bit of data that is sent from the claimant to the verifier. It
prevents session hijacking.

Two-factor authentication: A two-factor authentication uses two different
kinds of evidence. For example, a challenge-response token card typically requires
both physical possession of the card (something you have, one factor) and a
PIN (something you know, another factor).

Tokens and Firewalls: Tokens provide strong authentication for centralized
authentication servers when used with firewalls. For basic authentication, user
IDs, passwords and account numbers are used for internal authentication.
Centralized authentication servers such as RADIUS and TACACS/TACACS+ can be
integrated with token-based authentication to enhance administration security.

Accountability: The concept of individual accountability drives the need for
many security safeguards, such as unique (user) identifiers, audit trails
and access authorization rules.
Accountability means holding individual users responsible for their actions. Due to
several problems with passwords they are considered to be the least
effective in exacting accountability. The most effective controls for exacting
accountability include a policy, authorization scheme, identification and
authentication controls, access controls, audit trails, and auditing.

User Account Administration: An inherent risk is associated with logical
access which is difficult to prevent or mitigate but can be identified via a review
of audit trails. The risk is associated with misused authorized access. Properly
authorized access, as well as misused authorized access, can use audit trail
analysis. While users can’t be prevented from using resources to which they
have legitimate access authorization, audit trail analysis is used to examine their
actions. Unauthorized access attempts, whether successful or not, can be
detected through the analysis of audit trails.

Many computer systems provide maintenance accounts. These special login
accounts are normally preconfigured at the factory with preset, widely known weak
passwords. It is critical to change these passwords or otherwise disable the
accounts until they are needed. If the account is to be used remotely,
authentication of the maintenance provider can be performed using call-back
confirmation. This helps ensure that remote diagnostic activities actually
originate from an established phone number at the vendor site. Other techniques
can also help, including encryption and decryption of diagnostic
communications, strong identification and authentication techniques,
such as smart tokens, and remote disconnect verifications.


Access control Administration: The separation of duties principle, the
“least privilege” principle; that is, users and processes in a system should
have the least number of privileges and for the minimal period of time necessary
to perform their assigned tasks. The authority and capacity to perform certain
functions should be separated and delegated to different individuals. The
principle is often applied to split the authority to write and approve monetary
transactions between two people. It can also be applied to separate the authority
to add users to a system and other system administrator duties from the
authority to assign passwords, conduct audits, and perform other security
administrator duties.

Penetration Tests:
The correct sequence:
• Inform the management about the test
• Develop a test plan
• Conduct the test
• Report the test results.
In terms of IS security, a penetration is defined as Attacks plus breach.

Statements about tiger teams that are NOT true:

• They prove that a computer system is secure.
• They are a substitute for methodical testing.

Statements about tiger teams that are true:

• They can be effective when insider work is suspected.
• They represent another independent attack on the system.
• If the system has not been thoroughly tested prior to tiger team testing, it is a waste of
effort and money because the approach will be effective.
• The tiger team test will get the attention of management. It provides a second line of
defence.

Fraud:
Separation of duties, job rotation, and mandatory vacations are management controls that can
help in preventing fraud.

Separation of duties: The greatest control exposure in a microcomputer (PC) environment is
a lack of separation of duties.
The objective of separation of duties is that no one person has complete control over a
transaction or an activity.
Program library controls allow only assigned programs to run in production and eliminate the
problem of test programs accidentally entering the production environment. They also separate
production and testing data to ensure that no test data are used in normal production. This
practice is based on the “separation of duties” principle.

Administrative Control: Lack of a centralized function for PC acquisition, lack of a
centralized function for PC disposition and lack of distributed policies and procedures are
administrative controls, such as PC acquisition policies and procedures.
