System Security: Access control

Question 1

What is the difference between authentication and authorization?

Answer 1

Authentication means verifying credentials

Authorization means granting permission to resources

Question 2

What are the different access control policies?

Answer 2

• Discretionary access control (DAC)
• Mandatory access control (MAC)
• Role-based access control (RBAC)
• Attribute-based access control (ABAC)

Question 3

What is Discretionary access control (DAC)?

Answer 3

Controls access based on the identity of the requestor and on access rules stating what requestors are allowed to do.

Question 4

What is Mandatory access control (MAC)?

Answer 4

Controls access based on comparing security labels with security clearances.

Question 5

What is Role-based access control (RBAC)?

Answer 5

Controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles.

Question 6

What is Attribute-based access control (ABAC)?

Answer 6

Controls access based on attributes of the user, the resource to be accessed, and current environmental conditions.

Attributes contain information that can indicate the class of information, a name, and a value:

• Subjects’ attributes can be a name, job title, etc.
• Objects’ attributes can be title, subject, date, author, etc.
• Environments’ attributes can be current date/time, network security level, etc.

Policies are a set of rules that govern allowable behavior.

Question 7

What is the general approach to implementing Discretionary Access Control?

Answer 7

Access matrix.
One side of matrix with subjects and one with objects.
The intersection of a subject and object in the matrix contains access rights the subject has on the object (read, write, etc.). The access matrix can be decomposed into Access Control Lists (ACL) or capability tickets.

Question 8

UNIX file access control TO DO

Answer 8

TO DO

he didnt explain this in the lecture, but explicitly said that it could be on the exam

Question 9

How is Role-based access control often implemented?

Answer 9

Access matrix.
Exactly the same as Discretionary Access Control, but with roles instead of subjects. Users are grouped into roles. A user can have one or more roles.

Roles can be organized in a hierarchy. Subordinate jobs may have a subset of the access rights of a superior job function.

Constrains can be added to force relationships between roles. For example: a user can not have role 1 and role 2 at the same time.

Question 10

What is the Bell-LaPadula model?

Answer 10

A computer security model.
Subjects and objects are assigned security classes. The security classes form a strict hierarchy and are referred to as security levels.
Example: top secret > confidential > unclassified

A subject has a security clearance.
An object has a security classification.

Question 11

What are the four access modes in the Bell-LaPadula model?

Answer 11

Read
Append
Write
Execute

Question 12

What properties must a Multilevel Security (MLS) system enforce?

Answer 12

1. No read-up / ss-property. Subjects must be unable to read objects with higher security levels.
2. No write down / *-property. Should not be able to write into objects of lower security clearance. This is to prevent classified information from being accessible by anyone. The user should log out and in with another access right before doing such things.
3. ds-property. An individual may grant another individual access to a document as long as the above 2 rules are satisfied.

Question 13

What is the Biba Integrity Model?

Answer 13

Similar to Bel-LaPadula, but integrity and not confidentiality.
Access modes: modify, observe, execute, invoke.

Question 14

What is the Chinese Wall Model?

Answer 14

Once a subject accesses information from a dataset, access to other Conflict of Interest (CI) classes are blocked.

A subject s can access an object o only if at least one of the following is true:

• o is in the same dataset as an object already accessed by s
• o belongs to a Conflict of Interest which s has not yet accessed any information.

Question 15

TO DO, not covered in lectures:

• Application of MLS
• Trusted computing and the trusted platform module
• Common criteria for security evaluation
• Assurance and evalutation

Answer 15

to do