Wednesday 9 January 2019

OS Security Goals, Policy & Model and Access Control Techniques

Security Goals

Secrecy (confidentiality)
- Prevents unauthorized disclosure
- Limits the objects (files/sockets) that a process can read

Integrity
- Prevents unauthorized modification
- Limits the objects that a process can write
  (objects may contain information that other processes depend on)

Availability
- Limits the system resources that processes (or users) may consume
- Thereby prevents denial of service attacks
- Achieved by OS resource management techniques such as fair scheduling

Confidentiality & Integrity

Achieved by access control:
  • Every access to an object in the system should be controlled
  • All and only authorized accesses can take place

Access Control Systems

Development of an access control system has three components:
- Security Policy  : high-level rules that define access control
- Security Model  : a formal representation of the access control security policy and how it works
       (this allows a mathematical representation of the policy, thereby aiding in proving that the model is secure)
- Security Mechanism  : low-level (software/hardware) functional implementations of the policy and model

Security Policy
  • A scheme for specifying and enforcing security policies in a system
  • Driven by
         - Understanding of the threat and of the system design
  • Often takes the form of a set of statements
       - Succinct statements
       - Goals are agreed upon either by
                 * The entire community
                 * Top management
                 * Or they form the basis of a formal mathematical analysis

An example of a bad security policy for a company:

Megacorp Inc security policy
  1. This policy is approved by Management.
  2. All staff shall obey this security policy.
  3. Data shall be available only to those with a 'need-to-know'. 
  4. All breaches of this policy shall be reported at once to security.

Security Model

Why have it at all?
  • It is a mathematical representation of the policy.
  • By proving the model is secure and that the mechanism correctly implements the model, we can argue that the system is indeed secure (w.r.t. the security policy)

Security Mechanism
  • Implementing a correct mechanism is non-trivial
  • The implementation could contain bugs that break the security guarantees
  • The implementation of the security policy must work as a 'trusted base' (reference monitor)
  • Properties of the implementation
           - Tamper-proof
           - Non-bypassable (all accesses must be evaluated by the mechanism)
           - Security kernel: confined to a limited part of the system (scattering security functions all over the system implies that all code must be verified)
           - Small, so as to allow rigorous verification

Discretionary Access Control

Discretionary (DAC)
  • Access based on
          - Identity of requestor
          - Access rules state what requestors are (or are not) allowed to do
  • Privileges granted or revoked by an administrator
  • Users can pass on their privileges to other users
  • Example: the Access Matrix Model

Access Matrix Model
  • Proposed by Butler Lampson, 1971
  • Subjects: active elements requesting information
  • Objects: passive elements storing information
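The access matrix and the DAC delegation rule above, as an added example that is not part of these notes: subjects index the rows, objects index the columns, each cell holds a set of rights, and every access passes through one check function that plays the role of the reference monitor. The 'own' right used for delegation, and all subject and object names, are constructed for the example.

```python
"""Access matrix with discretionary delegation (constructed example).

matrix[subject][object] is the set of rights that subject holds on object.
check_access() is the single mediation point: nothing is allowed unless the
cell contains the requested right (default deny). The 'own' right models DAC:
an owner may hand rights on its object to other subjects, or take them back.
"""
from typing import Dict, Set

Matrix = Dict[str, Dict[str, Set[str]]]

def make_matrix(subjects, objects) -> Matrix:
    """Create an empty access matrix: no subject holds any right anywhere."""
    return {s: {o: set() for o in objects} for s in subjects}

def check_access(matrix: Matrix, subject: str, obj: str, right: str) -> bool:
    """Reference monitor check. Unknown subjects or objects are denied."""
    return right in matrix.get(subject, {}).get(obj, set())

def grant(matrix: Matrix, granter: str, grantee: str, obj: str, right: str) -> bool:
    """Discretionary delegation: only an owner of obj may add a right for grantee."""
    if not check_access(matrix, granter, obj, "own"):
        return False
    if grantee not in matrix or obj not in matrix[grantee]:
        return False                      # refuse to create cells for unknown names
    matrix[grantee][obj].add(right)
    return True

def revoke(matrix: Matrix, revoker: str, target: str, obj: str, right: str) -> bool:
    """Owners may also remove a right they (or anyone) previously granted."""
    if not check_access(matrix, revoker, obj, "own"):
        return False
    matrix.get(target, {}).get(obj, set()).discard(right)
    return True

def demo() -> Matrix:
    """Constructed sample state: alice owns payroll.db, bob owns notes.txt."""
    m = make_matrix(["alice", "bob", "carol"], ["payroll.db", "notes.txt"])
    m["alice"]["payroll.db"] |= {"own", "read", "write"}
    m["bob"]["notes.txt"] |= {"own", "read", "write"}
    grant(m, "alice", "bob", "payroll.db", "read")    # succeeds: alice owns the object
    grant(m, "bob", "carol", "payroll.db", "read")    # refused: bob is not an owner
    return m

if __name__ == "__main__":
    state = demo()
    for who in ("alice", "bob", "carol"):
        print(who, "read payroll.db ->", check_access(state, who, "payroll.db", "read"))
```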

States of Access Matrix 

