Security Models

Security Models - Computer Security Security models an...

Info iconThis preview shows pages 1–11. Sign up to view the full content.

View Full Document Right Arrow Icon
11/07/11 1 Computer Security Security models – an overview.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
11/07/11 2 Finite State Machine Models Automata (=Finite State Machines) are a popular way Of modeling many aspects of computing systems. The essential feature of these are then concepts of: State State transition
Background image of page 2
11/07/11 3 Bell-LaPadula (BLP) Model BLP Structure Combines, . Access permission matrices for access control, a Security lattice , for security levels, an Automaton , for access operations. Security policies are reduced to relations in the BLP structure.
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
11/07/11 4 BLP Model A set of subjects S A set of objects O A set of access operations A = {execute,read,append,write} A set L of security levels, with a partial ordering .
Background image of page 4
11/07/11 5 BLP Model We want to use the state of the system to check its security. The state set is: B x M x F, where B = ( SxOxA ) the set of current accesses b . M is the set of permission matrices M A set of security level assignments F L s x L s x L o .
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
11/07/11 6 BLP Model The security level assignments F L s x L s x L o . F has elements f = , where objects. of tion classifica security the gives O : subject, each of level security current the gives : have, can subject each security maximal the gives : L f L S f L S f O C S level. current the dominates level maximal the is, that , : require We S C f f ) , , ( O C S f f f
Background image of page 6
11/07/11 7 BLP Model Security policies: a state ( b,M,f ) must satisfy , 1. Simple security property ( ss-property ): for each access request ( s,o,a ) in b , with access operation a = read , or write , the security level of s must dominate the classification of o , i.e., This is a no read/write up security policy ) ( ) ( s f o f S O
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
11/07/11 8 BLP Model 2. Star property ( * -property): for each access request ( s,o,a ) in b , with access operation a = append , or write , the current security level of s is dominated by the classification of the object o, i.e. . This is a no append/write down policy. Also, if there is an ( s,o,a ) in b with a = append or write, then we must have for all o’ with ( s,o’,a’ ) in b and a’ = read or write ) ( ) ( o f s f O C (o) f (o') f O O
Background image of page 8
11/07/11 9 BLP Model 3. Discretionary security property ( ds-property ): -- for each access ( s,o,a ) in b , we must have . so M a
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
10 BLP Model The * -property implies that is not possible to send messages to low level subjects. There are two ways to remedy this. Temporarily downgrade a high level subject this is why we introduced the current security level . Identify a set of subjects that are permitted to violate the * -property . These are called
Background image of page 10
Image of page 11
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 52

Security Models - Computer Security Security models an...

This preview shows document pages 1 - 11. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online