LectureNote2-AccessMatrix

LectureNote2-AccessMatrix - A UTHORIZATION & A CCESS C...

Info iconThis preview shows pages 1–8. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: A UTHORIZATION & A CCESS C ONTROL AUTHORIZATION & ACCESS CONTROL DISCRETIONARY ACCESS CONTROL HRU MODEL OF AUTHORIZATION SYSTEM MANDATORY ACCESS CONTROL LATTICE BASED ACCESS CONTROL MODELS COMMERCIAL SECURITY CS 556 - Computer Security - c circlecopyrt 2009 Colorado State University 1 / 124 Access Control AUTHORIZATION & ACCESS CONTROL DISCRETIONARY ACCESS CONTROL HRU MODEL OF AUTHORIZATION SYSTEM MANDATORY ACCESS CONTROL LATTICE BASED ACCESS CONTROL MODELS COMMERCIAL SECURITY CS 556 - Computer Security - c circlecopyrt 2009 Colorado State University 2 / 124 Authentication Authorization Enforcement who is trying to access a protected resource? how does the system enforce the speciFed authorization? who should be allowed to access which protected resources? who should be allowed to change the access? Access Control Models Access Control Architectures Authorization AUTHORIZATION & ACCESS CONTROL DISCRETIONARY ACCESS CONTROL HRU MODEL OF AUTHORIZATION SYSTEM MANDATORY ACCESS CONTROL LATTICE BASED ACCESS CONTROL MODELS COMMERCIAL SECURITY CS 556 - Computer Security - c circlecopyrt 2009 Colorado State University 3 / 124 One of the most important techniques for computer security Often neglected Process of expressing access policies in computer systems Expressed in terms of subjects (active entities) accessing objects (passive as well as active entities) Access Control Models AUTHORIZATION & ACCESS CONTROL DISCRETIONARY ACCESS CONTROL HRU MODEL OF AUTHORIZATION SYSTEM MANDATORY ACCESS CONTROL LATTICE BASED ACCESS CONTROL MODELS COMMERCIAL SECURITY CS 556 - Computer Security - c circlecopyrt 2009 Colorado State University 4 / 124 Discretionary Access Control Access Matrix Models HRU and TAM Mandatory Access Control Information Flow Model Chinese Wall Lippners Model Clark-Wilson Model Role-based Access Control D ISCRETIONARY A CCESS C ONTROL AUTHORIZATION & ACCESS CONTROL DISCRETIONARY ACCESS CONTROL HRU MODEL OF AUTHORIZATION SYSTEM MANDATORY ACCESS CONTROL LATTICE BASED ACCESS CONTROL MODELS COMMERCIAL SECURITY CS 556 - Computer Security - c circlecopyrt 2009 Colorado State University 5 / 124 Discretionary Access Control (DAC) AUTHORIZATION & ACCESS CONTROL DISCRETIONARY ACCESS CONTROL HRU MODEL OF AUTHORIZATION SYSTEM MANDATORY ACCESS CONTROL LATTICE BASED ACCESS CONTROL MODELS COMMERCIAL SECURITY CS 556 - Computer Security - c circlecopyrt 2009 Colorado State University 6 / 124 Definition [Bishop p.53] If an individual user can set an access control mechanism to allow or deny access to an object, that mechanism is a discretionary access control (DAC), also called an identity-based access control (IBAC). DAC (contd) AUTHORIZATION & ACCESS CONTROL DISCRETIONARY ACCESS CONTROL HRU MODEL OF AUTHORIZATION SYSTEM MANDATORY ACCESS CONTROL LATTICE BASED ACCESS CONTROL MODELS COMMERCIAL SECURITY CS 556 - Computer Security - c circlecopyrt 2009 Colorado State University 7 / 124...
View Full Document

This note was uploaded on 05/29/2010 for the course CS 556 taught by Professor Staff during the Spring '08 term at Colorado State.

Page1 / 30

LectureNote2-AccessMatrix - A UTHORIZATION & A CCESS C...

This preview shows document pages 1 - 8. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online