05 - Chapter 5: Confidentiality Policies Overview What is a...

Info iconThis preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #5-1 Chapter 5: Confidentiality Policies Overview What is a confidentiality model Bell-LaPadula Model General idea Informal description of rules Formal description of rules Tranquility Controversy †-property System Z
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #5-2 Overview Bell-LaPadula Informally Formally Example Instantiation Tranquility Controversy System Z
Background image of page 2
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #5-3 Confidentiality Policy Goal: prevent the unauthorized disclosure of information Deals with information flow Integrity incidental Multi-level security models are best-known examples Bell-LaPadula Model basis for many, or most, of these
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #5-4 Bell-LaPadula Model, Step 1 Security levels arranged in linear ordering Top Secret: highest Secret Confidential Unclassified: lowest Levels consist of security clearance L ( s ) Objects have security classification L ( o )
Background image of page 4
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #5-5 Example security level subject object Top Secret Tamara Personnel Files Secret Samuel E-Mail Files Confidential Claire Activity Logs Unclassified Ulaley Telephone Lists Tamara can read all files Claire cannot read Personnel or E-Mail Files Ulaley can only read Telephone Lists
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #5-6 Reading Information Information flows up , not down “Reads up” disallowed, “reads down” allowed Simple Security Condition (Step 1) Subject s can read object o iff, L ( o ) L ( s ) and s has permission to read o Note: combines mandatory control (relationship of security levels) and discretionary control (the required permission) Sometimes called “no reads up” rule
Background image of page 6
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #5-7 Writing Information Information flows up, not down “Writes up” allowed, “writes down” disallowed *-Property (Step 1) Subject s can write object o iff L ( s ) L ( o ) and s has permission to write o Note: combines mandatory control (relationship of security levels) and discretionary control (the required permission) Sometimes called “no writes down” rule
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #5-8 Basic Security Theorem, Step 1 If a system is initially in a secure state, and every transition of the system satisfies the simple security condition, step 1, and the *- property, step 1, then every state of the system is secure Proof: induct on the number of transitions
Background image of page 8
June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #5-9
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 10
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 05/04/2008 for the course CS 526 taught by Professor Wagstaff during the Fall '07 term at Purdue University-West Lafayette.

Page1 / 81

05 - Chapter 5: Confidentiality Policies Overview What is a...

This preview shows document pages 1 - 10. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online