ch10 - Computer Security: Principles and Practice Chapter...

Computer Security: Principles and Practice
First Edition
by William Stallings and Lawrie Brown
Lecture slides by Lawrie Brown
Chapter 10 Trusted Computing and Multilevel Security
2 Trusted Computing and Multilevel Security
- present some interrelated topics:
  - formal models for computer security
  - multilevel security
  - trusted systems
  - mandatory access control
  - security evaluation
3 Formal Models for Computer Security
- two fundamental computer security facts:
  - all complex software systems have flaws/bugs
  - it is extraordinarily difficult to build computer hardware/software not vulnerable to attack
- hence desire to prove design and implementation satisfy security requirements
- led to development of formal security models
  - initially funded by US DoD
- Bell-LaPadula (BLP) model very influential
4 Bell-LaPadula (BLP) Model
- developed in 1970s as a formal access control model
- subjects and objects have a security class
  - top secret > secret > confidential > unclassified
  - subject has a security clearance level
  - object has a security classification level
  - classes control how a subject may access an object
- applicable if have info and user categories
5 Multi-Level Security
6 BLP Formal Description
- based on current state of system (b, M, f, H): (current access set b, access matrix M, level function f, hierarchy H)
- three BLP properties:
  - ss-property: (S_i, O_j, read) has f_c(S_i) f_o(O_j)
  - *-property: (S_i, O_j, append) has f_c(S_i) f_o(O_j) and (S_i, O_j, write) has f_c(S_i) = f_o(O_j)
  - ds-property: (S_i, O_j, A_x) implies A_x M[S_i
- BLP gives formal theorems
  - theoretically possible to prove system is secure
  - in practice usually not possible
7 BLP Rules
1. get access
2. release access
3. change object level
4. change current level
5. give access permission
6. rescind access permission
7. create an object
8. delete a group of objects
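Added example (not from the slides or the textbook): a minimal reference-monitor check for the "get access" rule, testing a request against the three BLP properties. It assumes the usual BLP reading (read needs subject level >= object level, append needs subject level <= object level, write needs equal levels), leaves out categories and the hierarchy H, and uses constructed subjects, objects and function names.

```python
from dataclasses import dataclass, field

# Ordering from the slides: top secret > secret > confidential > unclassified
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}

@dataclass
class State:
    f_c: dict                            # subject -> current security level
    f_o: dict                            # object  -> classification level
    M: dict                              # (subject, object) -> modes in the access matrix
    b: set = field(default_factory=set)  # current access set of (subject, object, mode)

def violations(st, s, o, mode):
    """Return the BLP properties that granting (s, o, mode) would break."""
    sc, oc = LEVELS[st.f_c[s]], LEVELS[st.f_o[o]]
    bad = []
    if mode == "read" and sc < oc:
        bad.append("ss-property")        # no read up
    if mode == "append" and sc > oc:
        bad.append("*-property")         # no write down
    if mode == "write" and sc != oc:
        bad.append("*-property")         # write both observes and alters: levels must match
    if mode not in st.M.get((s, o), set()):
        bad.append("ds-property")        # mode not granted in the access matrix
    return bad

def get_access(st, s, o, mode):
    """Add the access to b only if no property is violated; return the violations."""
    bad = violations(st, s, o, mode)
    if not bad:
        st.b.add((s, o, mode))
    return bad

def demo_state():
    """Constructed sample state; all names and levels are illustrative."""
    return State(
        f_c={"alice": "secret", "bob": "confidential"},
        f_o={"memo": "confidential", "plan": "secret", "log": "top secret"},
        M={("alice", "memo"): {"read", "append"}, ("alice", "plan"): {"write"},
           ("alice", "log"): {"append", "write"}, ("bob", "plan"): {"read"}},
    )

if __name__ == "__main__":
    st = demo_state()
    for req in [("alice", "memo", "read"), ("bob", "plan", "read"),
                ("alice", "memo", "append"), ("alice", "log", "append"),
                ("alice", "log", "write"), ("alice", "plan", "read")]:
        print(req, get_access(st, *req) or "granted")
```

The matrix M alone would allow alice to append to memo and bob to read plan; the mandatory ss- and *-properties are what refuse them, which is the point of layering them over discretionary control.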
8 BLP Example
9 BLP Example cont.
10 BLP Example cont.
11 MULTICS Example
Biba Integrity Model
- various models dealing with integrity
- strict integrity policy:
  - simple integrity:

This note was uploaded on 02/05/2011 for the course CS 2105 taught by Professor Ana during the Fall '09 term at National University of Singapore.
