Lecture 8: Access Control (cont)
Computer Security: Principles and Practice, 1/e
Lecture 8
Access Control (cont)
modified from slides of Lawrie Brown

This chapter focuses on access control enforcement within a computer system. The chapter considers the situation of a population of users and user groups that are able to authenticate to a system and are then assigned access rights to certain resources on the system. A more general problem is a network or Internet-based environment, in which there are a number of client systems, a number of server systems, and a number of users who may access servers via one or more of the client systems. This more general context introduces new security issues and results in more complex solutions than those addressed in this chapter. We cover these topics in Chapter 23.

Mandatory Access Control (MAC)
[Figure: security levels Unclassified, Confidential, Secret, Top Secret, with arrows labeled "can-flow" and "dominance"]
Labeling Mechanism is used
Military Security
Require a strict classification of subjects and objects in security levels
Drawback of being too rigid
Applicable only to very few environments
Prevent any illegal flow of information through the enforcement of multilevel security
Adopted from: Role-Based Access Control by Prof. Ravi Sandhu
A user with secret label is not allowed to read a file with label of top secret.

Compartments and Sensitivity Levels
[Figure: sensitivity levels Unclassified, Restricted, Confidential, Secret, Top Secret, with Compartment 1, Compartment 2, Compartment 3]
Information access is limited by the need-to-know
Compartment: Each piece of classified information may be associated with one or more projects called compartments
Classification & Clearance
class of a piece of information
Clearance: an indication that a person is trusted to access information up to a certain level of sensitivity
clearance of a subject

Dominance Relation
We say that s dominates o (or o is dominated by s) if o
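
An added example (not from the slides) of a dominance check over sensitivity levels and compartments, covering the no-read-up rule and need-to-know described above. It assumes the standard lattice-model definition of dominance (o's level is no higher than s's, and o's compartments are a subset of s's); the compartment names and sample labels are constructed.

```python
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    # Sensitivity levels named on the slide, ordered lowest to highest.
    UNCLASSIFIED = 0
    RESTRICTED = 1
    CONFIDENTIAL = 2
    SECRET = 3
    TOP_SECRET = 4


@dataclass(frozen=True)
class Label:
    level: Level
    compartments: frozenset = frozenset()


def dominates(s: Label, o: Label) -> bool:
    # Assumed standard definition: level(o) <= level(s) AND
    # compartments(o) is a subset of compartments(s).
    return o.level <= s.level and o.compartments <= s.compartments


def can_read(subject: Label, obj: Label) -> bool:
    # No read up: a subject reads only objects its clearance dominates.
    return dominates(subject, obj)


def can_flow(src: Label, dst: Label) -> bool:
    # Information may flow only toward a label that dominates its source.
    return dominates(dst, src)


def combine(a: Label, b: Label) -> Label:
    # Least upper bound: the lowest label that dominates both inputs,
    # i.e. the label for data derived from both a and b.
    return Label(max(a.level, b.level), a.compartments | b.compartments)


# Constructed sample labels (compartment names are hypothetical).
ANALYST = Label(Level.SECRET, frozenset({"CRYPTO"}))
TS_FILE = Label(Level.TOP_SECRET)
CRYPTO_MEMO = Label(Level.CONFIDENTIAL, frozenset({"CRYPTO"}))
NUCLEAR_MEMO = Label(Level.CONFIDENTIAL, frozenset({"NUCLEAR"}))

if __name__ == "__main__":
    for name, obj in [("TS_FILE", TS_FILE), ("CRYPTO_MEMO", CRYPTO_MEMO),
                      ("NUCLEAR_MEMO", NUCLEAR_MEMO)]:
        print(name, "readable by ANALYST:", can_read(ANALYST, obj))
```

NUCLEAR_MEMO sits at a lower level than the analyst's clearance yet is still denied, and neither label dominates the other: with compartments, dominance is a partial order rather than a simple ranking.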