csce727-lect9-3

Security Policies

Information Warfare - Farkas

Reading
For this class:
- Denning: Chapter 13 – Access Controls
- M. Damianou, N. Dulay, E. Lupu, M. Sloman: The Ponder Policy Specification Language, http://www.doc.ic.ac.uk/~mss/Papers/Ponder-summary.pdf
- S. De Capitani di Vimercati, P. Samarati, S. Jajodia: Policies, Models, and Languages for Access Control, http://seclab.dti.unimi.it/Papers/2005-DNIS.pdf
- S. Jajodia, P. Samarati, M.L. Sapino, and V.S. Subrahmanian: Flexible Support for Multiple Access Control Policies, http://seclab.dti.unimi.it/Papers/tods-logic.ps
- Look at the Security Services of the NETWORK AND INFORMATION SECURITY SERVICES, USC, http://uts.sc.edu/network/
Why Do We Need Security Policies?
- Basic Purpose of Policy
- Policy and Legislative Compliance
- Policies as Catalysts for Change
- Policies Must be Workable

Who Will Use the Policy?
- Audience groups
- Audience and policy content
Policy Type
- Policy Hierarchy
- Governing Policy
- Technical Policies
- Job Aids / Guidelines

Policy Development
- Development Process Maturity
- Top-Down Versus Bottom-Up
- Current Practice Versus Preferred Future
- Consider All Threat Types
- Policy Development Life Cycle
Technical Policies

Policy, Model, Mechanism
- Policy: High-level rules
- Model: formal representation – proof of properties
- Mechanism: low-level specifications
- Separation of policy from the implementation!
System Architecture and Policy
- Simple monolithic system
- Distributed homogeneous system under centralized control
- Distributed autonomous systems homogeneous domain
- Distributed heterogeneous system
Complexity Of Policy

Traditional Access Control
- Protection objects: system resources for which protection is desirable
  - Memory, file, directory, hardware resource, software resources, etc.
- Subjects: active entities requesting accesses to resources
  - User, owner, program, etc.
- Access mode: type of access
  - Read, write, execute
Access Control Models
- See CSCE 522 for details
- Been around for a while:
  - Discretionary Access Control
  - Mandatory Access Control
  - Role-Based Access Control
- Relatively new:
  - Usage-Based Access Control
  - Capabilities-Based Access Control

Closed vs. Open Systems
[Diagram: Closed system | Open System; labels: Access req., Exists Rule?]

This note was uploaded on 12/13/2011 for the course CSCE 727 taught by Professor Staff during the Spring '11 term at South Carolina.
