Scribd Logo
Importer

Bienvenue sur Scribd !

  • Access Control

    Transféré par

    Mohamedi Feten
    16 vues14 pages
    "A security mechanism is a procedure that enforces some part of the security policy" "a security model is a model that represents a particular policy or set of policies" "access control models: protect access to data" "integrity control models: verify that data is not changed"

    Description originale:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Formats disponibles

    PPT, PDF, TXT ou lisez en ligne sur Scribd

    Avez-vous trouvé ce document utile ?

    Ce contenu est-il inapproprié ?

    Signaler ce document
    "A security mechanism is a procedure that enforces some part of the security policy" "a security model is a model that represents a particular policy or set of policies" "access control models: protect access to data" "integrity control models: verify that data is not changed"

    Droits d'auteur :

    Attribution Non-Commercial (BY-NC)
    Téléchargez comme PPT, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    16 vues14 pages

    Access Control

    Transféré par

    Mohamedi Feten
    "A security mechanism is a procedure that enforces some part of the security policy" "a security model is a model that represents a particular policy or set of policies" "access control models: protect access to data" "integrity control models: verify that data is not changed"

    Droits d'auteur :

    Attribution Non-Commercial (BY-NC)
    Téléchargez comme PPT, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    sur 14

    INFORMATION SECURITY

    Why Model?
    What is an information security model? Why use one? A security policy is a statement that partitions the states of the system into a set of authorized, or secure, states and a set of unauthorized, or nonsecure, states A security mechanism is a procedure that enforces some part of the security policy. A security model is a model that represents a particular policy or set of policies.

    Categories of InfoSec Models


    Two major categories of information security models:
    Access Control models: protect access to data Integrity Control models: verify that data is not changed

    The access control model


    Elements:
    Objects Subjects Requests

    An access control matrix


    file1 rwx r r file2 rw r r file3 r file4 x x x

    Objects Subject

    user1 user2 user3

    Bell-LaPadula Security Model


    The Bell-LaPadula (BLP) model is about information confidentiality, and this model formally represents the long tradition of attitudes about the flow of information concerning national secrets.
    .

    Bell LaPadula - Details


    Earliest formal model Each user subject and information object has a fixed security class labels Use the notation to indicate dominance Simple Security (ss) property: the no read-up property
    A subject s has read access to an object iff the class of the subject C(s) is greater than or equal to the class of the object C(o) i.e. Subjects can read Objects iff C(o) C(s)

    Access Control: Bell-LaPadula

    Top Secret

    Read OK
    Re ad O
    ad Re

    Top Secret

    Secret

    Secret

    OK

    Unclassified

    Unclassified

    Access Control: Bell-LaPadula

    Top Secret
    b or F n de id

    Top Secret

    Secret

    d ea R Read OK
    Re ad O

    Secret

    Unclassified

    Unclassified

    Access Control: Bell-LaPadula

    Top Secret

    Top Secret

    Secret

    Fo rb id de n

    Secret

    Re ad

    Unclassified

    rb Fo d ea R Read OK

    n de id

    Unclassified

    Bell - LaPadula (2)


    * property
    (star): the no write-down property
    While a subject has read access to object O, the subject can only write to object P if C(O) C (P)

    Access Control: Bell-LaPadula

    Top Secret
    W

    Write OK
    rit e Fo rb id

    Top Secret

    de n

    W e rit Fo

    Secret

    Secret
    n

    rb id de

    Unclassified

    Unclassified

    Access Control: Bell-LaPadula

    Top Secret
    OK e rit

    Top Secret

    Secret
    W

    Write OK
    rit e Fo rb id

    Secret

    de n

    Unclassified

    Unclassified

    Access Control: Bell-LaPadula

    Top Secret

    Top Secret

    Unclassified

    Write OK

    rit e

    Secret

    Secret

    r it W

    OK e

    Unclassified

    Vous aimerez peut-être aussi