04 - Chapter 4: Security Policies Overview The nature of...

June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop

Slide #4-1 Chapter 4: Security Policies
- Overview
- The nature of policies
  - What they cover
  - Policy languages
- The nature of mechanisms
  - Types
  - Secure vs. precise
- Underlying both
  - Trust

Slide #4-2 Overview
- Overview
- Policies
- Trust
- Nature of Security Mechanisms
- Policy Expression Languages
- Limits on Secure and Precise Mechanisms

Slide #4-3 Security Policy
- Policy partitions system states into:
  - Authorized (secure)
    - These are states the system can enter
  - Unauthorized (nonsecure)
    - If the system enters any of these states, it's a security violation
- Secure system
  - Starts in authorized state
  - Never enters unauthorized state

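The secure-system definition on Slide #4-3 can be checked mechanically when the system is a finite state machine. The following is an added example, not part of the original slides: it searches the transition relation from the start state and returns the shortest trace into an unauthorized state, if one exists. The state names and transitions are constructed for illustration.

```python
from collections import deque

def find_violation(start, transitions, authorized):
    """Return the shortest trace from start into an unauthorized state,
    or None if no unauthorized state is reachable (the system is secure)."""
    if start not in authorized:
        return [start]          # fails "starts in authorized state"
    parent = {start: None}      # also serves as the visited set
    queue = deque([start])
    while queue:
        state = queue.popleft()
        for nxt in transitions.get(state, ()):
            if nxt in parent:
                continue
            parent[nxt] = state
            if nxt not in authorized:
                # Walk parent links back to the start to build the trace.
                trace = [nxt]
                while parent[trace[-1]] is not None:
                    trace.append(parent[trace[-1]])
                return trace[::-1]
            queue.append(nxt)
    return None

def is_secure(start, transitions, authorized):
    """Secure: starts authorized and never enters an unauthorized state."""
    return find_violation(start, transitions, authorized) is None

# Constructed sample system (state names are illustrative assumptions).
AUTHORIZED = {"key_locked", "instructor_has_key"}
LEAKY = {
    "key_locked": ["instructor_has_key"],
    "instructor_has_key": ["key_locked", "key_on_public_share"],
    "key_on_public_share": ["student_has_key"],
}
# Same system with the transition into the unauthorized state removed.
# The unauthorized states still exist but can no longer be reached.
FIXED = dict(LEAKY, instructor_has_key=["key_locked"])

if __name__ == "__main__":
    print(find_violation("key_locked", LEAKY, AUTHORIZED))
    print(is_secure("key_locked", FIXED, AUTHORIZED))
```

The second system is secure even though unauthorized states are still defined, because the definition concerns only the states the system can actually enter.
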
Slide #4-4 Confidentiality
- X set of entities, I information
- I has confidentiality property with respect to X if no x ∈ X can obtain information from I
- I can be disclosed to others
- Example:
  - X set of students
  - I final exam answer key
  - I is confidential with respect to X if students cannot obtain final exam answer key

Slide #4-5 Integrity
- X set of entities, I information
- I has integrity property with respect to X if all x ∈ X trust information in I
- Types of integrity:
  - trust I, its conveyance and protection (data integrity)
  - I information about origin of something or an identity (origin integrity, authentication)
  - I resource: means resource functions as it should (assurance)

Slide #4-6 Availability
- X set of entities, I resource
- I has availability property with respect to X if all x ∈ X can access I
- Types of availability:
  - traditional: x gets access or not
  - quality of service: a promised level of access (for example, a specific level of bandwidth) is not met, even though some access is achieved

Slide #4-7 Policy Models
- Abstract description of a policy or class of policies
- Focus on points of interest in policies
  - Security levels in multilevel security models
  - Separation of duty in Clark-Wilson model
  - Conflict of interest in Chinese Wall model

Slide #4-8 Types of Security Policies
- Military (governmental) security policy
  - Policy primarily protecting confidentiality
- Commercial security policy
  - Policy primarily protecting integrity
- Confidentiality policy
  - Policy protecting only confidentiality
- Integrity policy
  - Policy protecting only integrity

This note was uploaded on 05/04/2008 for the course CS 526 taught by Professor Wagstaff during the Fall '07 term at Purdue University-West Lafayette.
