Transcript Chapter 4

Chapter 4
Access Control
Managing principals' operations on system resources

Access control

Which principals have access to what resources on the system, and when.

Layers of an access control system (top to bottom):
- Applications
- Middleware
- Operating system
- Hardware
The system authenticates the principal using some method, then controls
access to system resources.
- Often expressed as a matrix of permissions: a triple of (user, program, file).
  See the matrix on page 53.
- Such matrices grow very large, so control this through groups or roles.
- Certificate-based systems are coming about: I hold a certificate, signed
  by some authority, stating that I have a specific right.
Groups and roles
- Do not assign rights individually.
- Assign them to groups that represent the activities or job titles of
  employees.
- They (the business) define the rules; you implement them.
- ACL (Access Control List): a column of the matrix, i.e. who has what
  rights to a given resource.
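The matrix, the group/role indirection and the ACL-as-column idea above, as an added worked example (my illustration for these notes, not code from the textbook or the lecture). The principals, roles, objects and rights are constructed; the audit-log entry anticipates the UNIX point that follows, where an administrator may append to the audit trail but not read it.

```python
"""Access-control matrix built from roles, with the ACL as one column.

Added illustration for these notes, not code from the textbook or the
lecture. Principals, roles, objects and rights are constructed.
"""
from collections import defaultdict

# Rights belong to roles (job titles), never to individual people.
ROLE_RIGHTS = {
    "clerk":    {"ledger.db": {"read"}},
    "auditor":  {"ledger.db": {"read"}, "payroll.db": {"read"},
                 "audit.log": {"read"}},
    "sysadmin": {"ledger.db": {"read", "write"},
                 "payroll.db": {"read", "write"},
                 # admins may append to the audit trail but not read it
                 "audit.log": {"append"}},
}

# Principal -> roles held. This is the only per-person table.
MEMBERSHIP = {
    "alice": {"clerk"},
    "bob":   {"auditor"},
    "carol": {"sysadmin"},
}


def build_matrix(role_rights, membership):
    """Expand roles into the full (subject, object) -> rights matrix."""
    matrix = defaultdict(set)
    for subject, roles in membership.items():
        for role in roles:
            for obj, rights in role_rights[role].items():
                matrix[(subject, obj)] |= rights
    return dict(matrix)


def acl(matrix, obj):
    """One column of the matrix: who has what rights on this object."""
    return {s: sorted(r) for (s, o), r in matrix.items() if o == obj and r}


def capabilities(matrix, subject):
    """One row of the matrix: everything this subject may do."""
    return {o: sorted(r) for (s, o), r in matrix.items() if s == subject and r}


def check(matrix, subject, obj, right):
    """The reference-monitor decision: is this access permitted?"""
    return right in matrix.get((subject, obj), set())


def add_member(membership, subject, role):
    """Joining a role is the only change needed to grant a whole job's rights."""
    membership.setdefault(subject, set()).add(role)


def cells(n_subjects, n_objects, n_roles):
    """Why roles help: entries a full matrix stores versus role tables
    (role x object rights, plus one role assignment per subject)."""
    return n_subjects * n_objects, n_roles * n_objects + n_subjects


if __name__ == "__main__":
    m = build_matrix(ROLE_RIGHTS, MEMBERSHIP)
    print("ACL for audit.log:", acl(m, "audit.log"))
    print("alice can:", capabilities(m, "alice"))
    print("carol reads audit.log?", check(m, "carol", "audit.log", "read"))
    print("10k users x 5k files vs 20 roles:", cells(10_000, 5_000, 20))
```

The ACL is just a projection of the matrix, so the same data answers "who can touch this file" (the column) and "what can this user do" (the row); role membership is the only thing that changes when someone joins or leaves a job.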
UNIX
- Root can access everything.
- Not a good thing: even the system admin should not have access to certain
  files, such as audit trails and logs.
- Newer versions of UNIX have worked to separate out these duties.
- Military versions even more so.

Granularity

Security and databases
- The database is one file, so the OS must give access to this one file.
- Within the database, security is controlled by the DBMS.
- This creates various issues with passwords, management and control: many
  systems, many passwords.
- Companies are striving for one central directory service. This is why
  Microsoft wants its Active Directory product to become a "standard".
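The two layers described above, as an added example (mine, not from the textbook or the lecture), using Python's standard-library sqlite3 module: the OS can only grant or deny the whole file, while table privileges and a second, DBMS-specific password store live inside it. That second credential store is exactly the "many systems, many passwords" problem. The users, tables, grants and passwords are constructed for the example.

```python
"""One OS file, many DBMS-level principals.

Added example for these notes, not from the textbook or lecture. Users,
tables, grants and passwords below are constructed.
"""
import hashlib
import os
import secrets
import sqlite3
import tempfile

TABLES = {"payroll", "ledger"}   # only names on this list reach SQL text


class Dbms:
    def __init__(self, path):
        self.conn = sqlite3.connect(path)
        self.conn.executescript("""
            CREATE TABLE IF NOT EXISTS db_users(name TEXT PRIMARY KEY,
                                                salt BLOB, hash BLOB);
            CREATE TABLE IF NOT EXISTS grants(user TEXT, tbl TEXT, priv TEXT,
                                              PRIMARY KEY(user, tbl, priv));
            CREATE TABLE IF NOT EXISTS payroll(emp TEXT, salary INTEGER);
            CREATE TABLE IF NOT EXISTS ledger(entry TEXT, amount INTEGER);
        """)
        self.user = None   # DBMS identity; the OS knows nothing about it

    # --- the DBMS's own password store (a second set of credentials) ---
    def create_user(self, name, password):
        salt = secrets.token_bytes(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
        self.conn.execute("INSERT INTO db_users VALUES (?, ?, ?)",
                          (name, salt, digest))

    def login(self, name, password):
        row = self.conn.execute("SELECT salt, hash FROM db_users WHERE name = ?",
                                (name,)).fetchone()
        self.user = None
        if row is None:
            return False
        salt, digest = row
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
        if secrets.compare_digest(candidate, digest):
            self.user = name
        return self.user is not None

    # --- privileges enforced by the DBMS, invisible to the OS ---
    def grant(self, user, tbl, priv):
        self.conn.execute("INSERT OR IGNORE INTO grants VALUES (?, ?, ?)",
                          (user, tbl, priv))

    def _allowed(self, tbl, priv):
        if self.user is None or tbl not in TABLES:
            return False
        return self.conn.execute(
            "SELECT 1 FROM grants WHERE user = ? AND tbl = ? AND priv = ?",
            (self.user, tbl, priv)).fetchone() is not None

    def select(self, tbl):
        if not self._allowed(tbl, "SELECT"):
            raise PermissionError(f"{self.user!r} may not SELECT {tbl}")
        return self.conn.execute(f"SELECT * FROM {tbl}").fetchall()

    def insert(self, tbl, row):
        if not self._allowed(tbl, "INSERT"):
            raise PermissionError(f"{self.user!r} may not INSERT into {tbl}")
        marks = ",".join("?" * len(row))
        self.conn.execute(f"INSERT INTO {tbl} VALUES ({marks})", row)


def demo(path=None):
    """Exercise both layers; returns which accesses succeeded."""
    if path is None:
        path = os.path.join(tempfile.mkdtemp(), "company.db")
    db = Dbms(path)
    os.chmod(path, 0o600)   # OS layer: the whole file, nothing finer
    db.create_user("payroll_app", "p4yr0ll-secret")   # constructed credentials
    db.create_user("clerk", "clerk-secret")
    db.grant("payroll_app", "payroll", "SELECT")
    db.grant("payroll_app", "payroll", "INSERT")
    db.grant("clerk", "ledger", "SELECT")

    r = {}
    db.login("payroll_app", "p4yr0ll-secret")
    db.insert("payroll", ("ann", 5200))
    r["payroll_app_reads_payroll"] = db.select("payroll") == [("ann", 5200)]
    r["clerk_login"] = db.login("clerk", "clerk-secret")
    r["clerk_reads_ledger"] = db.select("ledger") == []
    try:
        db.select("payroll")
        r["clerk_reads_payroll"] = True
    except PermissionError:
        r["clerk_reads_payroll"] = False
    r["bad_password"] = db.login("clerk", "wrong")
    try:
        db.select("ledger")
        r["unauthenticated_read"] = True
    except PermissionError:
        r["unauthenticated_read"] = False
    db.conn.close()
    return r


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Anyone the OS lets open the file can bypass the whole grants table by reading the raw pages, so the DBMS's checks only hold if the file mode is at least as strict as the most sensitive table inside it.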
Sandboxing
- Java uses this: an applet runs in a virtual, restricted environment.
- It does not have access to the hard drive; the JVM has limited local
  access.
Object Request Brokers
- Mediate communications between objects.
- An outgrowth of object-oriented programming.
- Common Object Request Broker Architecture (CORBA) is the industry
  standard.
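What "mediates communications between objects" buys you for security, as an added example (my illustration, not CORBA or any real ORB's API): because every call goes through the broker, the broker is a single place to put the access check and the audit record. The objects, principals, roles and policy are constructed.

```python
"""A request broker that mediates every object-to-object call.

Added illustration for these notes, not CORBA or a real ORB. Objects,
principals, roles and policy are constructed for the example.
"""
import time


class Account:
    def __init__(self, balance=0):
        self.balance = balance

    def deposit(self, amount):
        self.balance += amount
        return self.balance

    def withdraw(self, amount):
        if amount > self.balance:
            raise ValueError("insufficient funds")
        self.balance -= amount
        return self.balance

    def statement(self):
        return {"balance": self.balance}


# Authenticated principal -> role (the broker trusts an earlier login step).
ROLES = {"alice": "teller", "bob": "manager"}

# (role, target object, method) triples the broker will forward.
POLICY = {
    ("teller",  "acct-1", "deposit"),
    ("teller",  "acct-1", "statement"),
    ("manager", "acct-1", "withdraw"),
    ("manager", "acct-1", "statement"),
}


class Broker:
    """Callers never hold a reference to the target; they ask the broker."""

    def __init__(self, policy, roles):
        self.policy = policy
        self.roles = roles
        self.objects = {}
        self.audit = []   # append-only trail of every decision, allowed or not

    def register(self, name, obj):
        self.objects[name] = obj

    def invoke(self, caller, target, method, *args):
        role = self.roles.get(caller)          # unknown principal -> no role
        allowed = (role, target, method) in self.policy
        self.audit.append({"t": time.time(), "caller": caller, "role": role,
                           "target": target, "method": method,
                           "allowed": allowed})
        if not allowed:
            raise PermissionError(f"{caller} ({role}) may not call {target}.{method}")
        # Only methods named in the policy are ever looked up on the object,
        # so a caller cannot reach attributes the policy does not mention.
        return getattr(self.objects[target], method)(*args)

    def denials(self):
        return [e for e in self.audit if not e["allowed"]]


if __name__ == "__main__":
    broker = Broker(POLICY, ROLES)
    broker.register("acct-1", Account(100))
    print("alice deposit ->", broker.invoke("alice", "acct-1", "deposit", 50))
    try:
        broker.invoke("alice", "acct-1", "withdraw", 10)
    except PermissionError as e:
        print("denied:", e)
    print("bob withdraw ->", broker.invoke("bob", "acct-1", "withdraw", 30))
    print("denials logged:", len(broker.denials()))
```

This is the middleware answer to the "where should security lie" question below: the Account class has no idea who is calling it, and the OS sees only one process, so the broker is the only layer that can enforce a per-method policy and keep the trail of denied attempts.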
Hardware protection
- Protects one process from interfering with another.
- Covers memory and metadata (data about processes).
Hardware access control
- Rings of protection: a less privileged process (user program) needs to
  access a more privileged one (device driver).
- Processors: Intel processors (page 63), ARM processors (page 63),
  security processors (page 64).
- QoS (Quality of Service) issues: one process must not hog the CPU.
What goes wrong
- Smashing the stack
- SYN flooding
- Trojan horses
- Root kits: single commands, or full root kits
- Active web content
- And many more programming defects
NSA
- Deep distrust of application security.
- Heavy emphasis on trusted OS security.
Environmental creep
- UNIX's original use was in a trusted environment; today it is used in
  the most untrusted environment there is (the Internet).
- Many tools were likewise developed for a trusted environment (FTP, SMTP,
  DNS...) and are now used in the most untrusted one.
- Code used to be buggy; now it is malicious.
- Script kiddies: anyone can attack a system.
Discussion topics
- A current stack smashing article
- Environmental creep and OS attacks
- The current state of Windows root kits
- Where should security lie: OS, applications, or middleware?
- Certificate-based security

Articles

Root kit articles:
- http://www.viruslist.com/en/analysis?pubid=168740859
- http://searchwindowssecurity.techtarget.com/originalContent/0,289142,sid45_gci1086469,00.html

List of resources

Access control
- http://en.wikipedia.org/wiki/Access_control
- http://www.owasp.org/documentation/topten/a2.html

Groups and roles
- http://www.microsoft.com/windowsxp/evaluation/features/accesscntrl.mspx
- http://www.tech-faq.com/role-based-access-controlrbac.shtml
- http://technet2.microsoft.com/WindowsServer/en/Library/72b55950-86cc-4c7f-8fbf3063276cd0b61033.mspx
Sandboxing
- http://www.kernelthread.com/publications/security/sandboxing.html
- http://internetweek.cmp.com/trends/0825.htm

Object Request Brokers
- http://en.wikipedia.org/wiki/Object_request_broker
- http://www.sei.cmu.edu/str/descriptions/corba_body.html

Rings
- http://www.devx.com/Intel/Article/30125

NSA
- http://www.nsa.gov/selinux/
- http://www.nsa.gov/selinux/info/faq.cfm