Note-13

Note-13 - CSE 467/598 Data and Information Security Prof....

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
CSE 467/598 Data and Information Security Prof. Gail-Joon Ahn based on slides for "Computer Security: Art and Science" 2 Secure ( Basic Security Theorem ) ! A system is secure iff ! if it starts at a secure state ! ! s satisfy ! Simple security condition ! *-property ! Discretionary security property ! ..and only one rule selected per request!!!
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
based on slides for "Computer Security: Art and Science" 3 So what is BST??? ! Role of Basic Security Theorem is to demonstrate that rules preserve security ! Bell-LaPadula defines security in terms of 3 properties ! simple security condition, ! *-property, ! discretionary security property ! Showing “system is secure” involves proving “rules preserve these 3 properties” based on slides for "Computer Security: Art and Science" 4 Controversy (McLean) ! “value of the BST is much overrated since ! there is a great deal more to security than it captures; ! what is captured by the BST is so trivial that it is hard to imagine a realistic security model for which it does not hold.”
Background image of page 2
based on slides for "Computer Security: Art and Science" 5 McLean’s System Z ! A system supporting weak tranquility ! On any request, System Z 1. downgrades all subjects and objects to lowest level 2. adds the requested access permission ! Let initial state satisfy all 3 properties ! Successive states also satisfy all 3 properties ! Clearly non-secure ! On first request, everyone can read everything Looks Secure!!!!! based on slides for "Computer Security: Art and Science" 6 Reconsider System Z ! Initial state: ! subject s , object o ! C = {High, Low}, K = {All} ! f c ( s ) = (Low, {All}), f o (o) = (High, {All}) ! m [ s , o ] = { w }, b = { ( s , o , w ) }. ! s requests r access to o ! After request ! f’ c ( s ) = (Low, {All}), f ! o ( o ) = (Low, {All}) ! m [ s , o ] = {r , w } ( s , o , r ) " b , Cannot read Can read
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
based on slides for "Computer Security: Art and Science" 7 McLean’s Reformulation of Secure Action ! Given state that satisfies the 3 properties, ! the action transforms the system into a state that satisfies these properties ! eliminates any accesses present in the transformed state that would violate the property in the initial state, ! then the action is secure based on slides for "Computer Security: Art and Science" 8 Why is there a controversy? ! Bell-LaPadula Model developed as a model in
Background image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 19

Note-13 - CSE 467/598 Data and Information Security Prof....

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online