Notes - Computer Security MT24, Access control


Flashcards

In the context of access control, @define an object.


Any kind of resource (for which access control is relevant).

In the context of access control, @define a subject.


An entity who wishes to access a certain object.

In the context of access control, can you give @examples of some modes of access?


  • Reading
  • Writing
  • Executing
  • Listing
  • Adding
  • Deleting

In the context of access control, the following are all modes of access:

  • Reading
  • Writing
  • Executing
  • Listing
  • Adding
  • Deleting

@Define what is meant by a permission.


Capability to apply one of these modes to an object.

Give a complete description of access control in terms of sets.


Access control is completely described by a set $\mathcal A$ where

\[\mathcal A \subseteq \mathcal S \times \mathcal O \times \mathcal P\]

and

  • $\mathcal S$ is the set of all subjects,
  • $\mathcal O$ is the set of all objects, and
  • $\mathcal P$ is the set of all permissions.

If $(s, o, p) \in \mathcal A$, then subject $s$ has permission $p$ to object $o$.

@Define an access control matrix.


A matrix $M _ {s, o}$ whose rows are subjects $s$ and columns are objects $o$, and entries are subsets of permissions $p$, so:

\[M_{s, o} \subseteq \mathcal P\]

@Define an access control list.


A set $\{A _ o \mid o \in \mathcal O\}$, where each $A _ o \subseteq \mathcal S \times \mathcal P$, a list of subjects $s$ who have permission $p$ to that object.

(So really a list indexed by objects of who has what permission to those objects).

What does it mean for an access control system to work by storing capabilities?


Subjects are issued tokens which give them access to the permissions they are entitled to.

What are the main differences between access control systems using:

  • Access control lists
  • Capabilities

  • Access control lists store access control information by object
  • Capabilities store access control information in tokens which are issued per subject

One problem when using capabilities (e.g. via tokens) for access control is that it’s difficult to revoke access once a token has been given to a user.

What are some ways of solving this problem?


  • Use timeouts
  • Only allow tokens to be used once

@Define mandatory access control.


System-wide policies determine the permissions, and only a system-wide administrator can change the policies.

@Define discretionary access control.


Each object is assigned an owner, who is allowed to grant or revoke permissions for an object.

What is an advantage of mandatory access control compared to discretionary access control?


The security of the system doesn’t depend on the good behaviour of users.

@Define intermediate control in the context of access control.


When further abstractions are made over $\mathcal S$, $\mathcal O$ and $\mathcal P$ to allow for more efficient administration.

@Define negative permissions in the context of access control.


Where, rather than specifying the permissions a user has, you specify what they cannot do.

Give an @example of how policy conflicts might occur in access control.


A user has certain permissions on an object, but they are part of a group which specifies negative permissions for that object.

@Define privileges in the context of access control.


Rights to execute operations on the computer.

@Define roles in the context of access control.


Groups with certain privileges (rights to execute certain operations on the computer).

@Define RBAC.


Access control specified in terms of roles, which are groups with certain privileges and access permissions.

What memory structures could be used to improve the security of a hardware reference monitor?


  • EPROM, Erasable and programmable read-only memory
  • WROM, Write-once only memory

@Define the concept of a gate in the context of access control.


  • Gates mediate between outer and inner rings of security.
  • Invoking an inner ring object must go via the gate, and the gate ensures that no disallowed operations occur.


