Lecture6 - IS2150/TEL2810 IntroductiontoSecurity JamesJoshi

Info iconThis preview shows pages 1–9. Sign up to view the full content.

View Full Document Right Arrow Icon
1 IS 2150 / TEL 2810 Introduction to Security James Joshi Associate Professor, SIS Lecture 6 September 27, 2011 Take Grant Model
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Objective Understand Take-Grant model Specific, restricted Analyze Right Sharing Stealing/Theft conspiracy 2
Background image of page 2
3 Take-Grant Protection Model System is represented as a directed graph Subject: Object: Labeled edge indicate the rights that the source object has on the  destination object Four   graph rewriting rules (“de jure”, “by law”, “by rights”) The graph changes as the protection state changes according to 1.  Take rule Take rule :   if  γ , the take rule produces another graph with a transitive  edge  α     β   added . Either : γ α β γ β x z y x z y x  takes ( α  to  y ) from  z
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Take-Grant Protection Model 2.  Grant rule :  if  γ , the take rule produces another graph with a  transitive edge  α     β  added. γ α β γ β x z y x z y 3. 3. Create rule Create rule : α x x y 4. 4. Remove rule Remove rule : β   - α x y β x y z  grants ( α  to  y ) to  x x  creates ( α  to new vertex)  y x  removes ( α  to)  y
Background image of page 4
5 Take-Grant Protection Model: Sharing Given  G 0 , can vertex  x  obtain  α  rights over  y ? Can_share ( α , x y , G 0 ) is true iff  G 0 G n There is an  α  edge from  x  to  y  in  G n tg-path :   v 0 ,…, v n  with  t  or  g  edge between any  pair of vertices  v i v i+1 Vertices  tg-connected  if  tg-path  between them Theorem:  Any two subjects with  tg-path  of  length 1 can share rights
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
6 Any two subjects with  tg-path  of length  1 can share rights Four possible length 1  tg -paths 1. Take rule 2. Grant rule 3. Lemma 3.1 4. Lemma 3.2 { t }   β   α   β   α { g }   β   α { t } { g }   β   α Can_share (α, x x , , y y , G 0 ) x y z
Background image of page 6
7 Any two subjects with  tg-path  of length  1 can share rights Lemma 3.1 Sequence: Create Take Grant Take   β   α α  { t } Can_share (α, x x , , y y , G 0 ) g tg α x y   β   α { t } z Prove Lemma 3.2 Prove Lemma 3.2
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Island :  Maximal  tg -connected subject-only  subgraph Can_share  all rights in island Proof:  Induction from previous theorem Bridge :   tg -path between subjects v 0  and  v n  with edges of the following form: t *,  t t
Background image of page 8
Image of page 9
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 27

Lecture6 - IS2150/TEL2810 IntroductiontoSecurity JamesJoshi

This preview shows document pages 1 - 9. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online