CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Access Control • Describe the permissions available to computing
Security Engineering: A Guide to Building Dependable Distributed Systems 51 CHAPTER 4 Access Control Going all the way back to early time-sharing
A CLP Catalogue record for this book is available from the Library of Congress Access Control Systems: Security, Identity Management and Trust Models
Security model: it provides a formal representation of the access control security policy and its working. The formalization allows the proof of properties on
To this purpose, every management system usually includes an access control service that establishes the kinds of regulations (policies) that can be stated,
Security in Network: Threats in Network, Network Security Controls, Firewalls, Intrusion Detection Systems, Secure E-Mail Module IV (10 LECTURES)
Given an object, which subjects can access it and how? [Figure labels: User process, Resource, Subject, Reference monitor, Object, Policy]
ITL's responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security
– Used by most mainstream operating systems • Capability List – The row of access control matrix
Resource User process Decide whether user can apply operation to resource Reference monitor Access control matrix [Lampson]
Lecture Notes (Syracuse University) Access Control: 3 – A capability can be thought of as a pair (x, r) where x is the name of an object and r is a set of privileges or rights
and vehicle access control technologies, capabilities, and limitations. This handbook provides introductory-level information on the technologies and components for physical access control, as well as an overview of operating principles and applications. This handbook does not cover logical access control
• Access Control is expressed in terms of – Protection Systems • Protection Systems consist of – Protection State representation (e.g., access matrix) – Enforcement Mechanisms (e.g., reference monitor) • Protection States – Challenge to choose subjects (RBAC) – Must ensure security goals in spite of state transitions
Access Control: The monitoring or control of traffic through portals of a protected area by identifying the requestor and approving entrance or exit. Access Control Portals: Access control portals are doors, gates, turnstiles, and so forth. Controls can be operational, technical, physical, or a combination thereof and can vary depending
Goal: distributed access control (no central arbitrator) over a shared broadcast channel. Aloha protocol in a nutshell: When you have data, send it. If data doesn’t get through (receiver sends acknowledgement) then retransmit after a random delay. Why not a fixed delay?