Chapter 1: Introduction

Fall 2020
Cp 633
Slide #4-*
Chapter 4: Security Policies
General Description
Covers sections 4.1, 4.2, 4.3 and 4.4 from the textbook.

Overview
The nature of policies
What they cover
The nature of mechanisms
Underlying both
Trust

Security Policy
What is a security policy?
Defines what it means for a system to be secure
Formally: Security policy partitions system into
Secure (authorized) states
Non-secure (unauthorized) states
A security breach occurs when system enters unauthorized state
Secure system:
Starts in authorized state
Can’t enter unauthorized state

Secure System – Example
Is this Finite State Machine Secure?
A and B are authorized states
B is start state
C is start state
A, B, and C are authorized states
A PC is just a big Finite State Machine:
Is Microsoft Windows Secure?

[Figure: finite state machine with states A, B, C and D]
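The definition of a secure system above can be checked mechanically by a reachability search. This is an added example, not part of the original slides; the transition relation is constructed for illustration because the slide's diagram is not available, and the function names are hypothetical.

```python
from collections import deque

# Constructed transition relation (an assumption made for this example;
# the edges of the slide's diagram are not known).
TRANSITIONS = {
    "A": ["B"],
    "B": ["A"],
    "C": ["A", "D"],
    "D": ["C"],
}


def find_breach(start, authorized, transitions=TRANSITIONS):
    """Return None if the system is secure, else a path ending in the breach.

    Secure means the start state is authorized and no sequence of
    transitions from it reaches an unauthorized state. The last step of the
    returned path is the transition that enters the unauthorized state.
    """
    if start not in authorized:
        return [start]                    # did not start in an authorized state
    parent = {start: None}
    queue = deque([start])
    while queue:
        state = queue.popleft()
        for nxt in transitions.get(state, []):
            if nxt in parent:
                continue                  # already visited
            parent[nxt] = state
            if nxt not in authorized:     # state -> nxt is a breach of security
                path = [nxt]
                while parent[path[-1]] is not None:
                    path.append(parent[path[-1]])
                return path[::-1]
            queue.append(nxt)
    return None


def is_secure(start, authorized, transitions=TRANSITIONS):
    return find_breach(start, authorized, transitions) is None
```

With these constructed edges the same machine is secure or not depending on the start state and on which states the policy authorizes.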

Additional Definitions:
Breach of security
Transition causing system to enter unauthorized state
Let X be a set of entities, and let I be an information object.
I has confidentiality with respect to X if no member of X can obtain information on I
I has integrity with respect to X if all members of X trust I
I has availability with respect to X if all members of X can access I
Security Policy defines all of the above
Now we just need to define the words "obtain", "trust" and "access"

Military/Government Security Policy
Primarily deals with confidentiality
It identifies states where information leaks to those not authorized to obtain it.
What does “obtain” information mean?
Formally: information flow, which involves
Transfer of rights or
Transfer of information without transfer of rights
Model often depends on trust
It defines parts of system where information could flow
Trusted entity must participate to enable flow

Commercial Security Policy
Primarily deals with integrity.
Confidentiality is not the most important factor: e.g. if someone discloses your bank account balance, this is embarrassing, but if someone changes your balance, this is…
Defines how information can be altered in authorized way
Specifies entities authorized to alter data
Conditions under which data can be altered
Limits to change of data

Integrity and Transactions
Examples:
Purchase over $1000 requires signature
Check over $10,000 must be signed by two officers
Separation of duties principle
Some integrity policies require notion of transaction:
E.g. Moving funds among accounts
Transactions begin in consistent state
“Consistent” defined by specification
Transaction involves a series of actions:
Actions cannot be interrupted (atomic)
If actions complete, system is in consistent state
If actions do not complete, system has to revert to beginning (consistent) state
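The transaction rules above, shown on the slide's own case of moving funds among accounts. This is an added example, not part of the original slides; the consistency specification (no overdraft, total conserved), the account names and the function names are assumptions, and concurrent access is not modelled.

```python
class InconsistentState(Exception):
    """Raised when the specification of "consistent" does not hold."""


def consistent(accounts, expected_total):
    # Specification assumed for this example: no account is overdrawn and
    # money is neither created nor destroyed.
    return (all(balance >= 0 for balance in accounts.values())
            and sum(accounts.values()) == expected_total)


def run_transaction(accounts, actions):
    """Apply every action, or none of them. Returns True on commit."""
    total = sum(accounts.values())
    if not consistent(accounts, total):
        raise InconsistentState("transaction must begin in a consistent state")
    snapshot = dict(accounts)             # the beginning (consistent) state
    try:
        for action in actions:
            action(accounts)
        if not consistent(accounts, total):
            raise InconsistentState("actions completed but spec is violated")
    except Exception:
        accounts.clear()
        accounts.update(snapshot)         # revert to the beginning state
        return False
    return True


def adjust(name, delta):
    def action(accounts):
        accounts[name] += delta           # KeyError if the account is missing
    return action


def demo():
    accounts = {"checking": 500, "savings": 100}     # constructed sample data
    ok = run_transaction(
        accounts, [adjust("checking", -200), adjust("savings", 200)])
    # Fails half way: the debit is applied, then the credit target is missing.
    half_done = run_transaction(
        accounts, [adjust("checking", -100), adjust("nosuch", 100)])
    # All actions complete, but the result violates the specification.
    overdrawn = run_transaction(
        accounts, [adjust("savings", -900), adjust("checking", 900)])
    return ok, half_done, overdrawn, accounts
```

Both failing transfers leave the balances exactly as they were after the first, committed transfer.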

Availability Policy
Defines what it means for information to be accessible
Time limits (quality of service)
E.g. a server must provide authentication data within 1 min.
A server with medical info must respond with allergy data to an anesthetist within 2 minutes.
Access methods
On-line access vs. telephone vs. mail
Integrity and availability may interrelate
Fast old copy vs. slow current version

Policy describes what is allowed
Mechanism enforces (part of) policy

The two need not be the same!
Example Policy: Students should not copy homework
Mechanism: Disallow access to files owned by other users
Does mechanism enforce policy?
Is mechanism too strict?

Policy Models
Abstract description of a policy or class of policies
Focus on points of interest in policies:
Security levels in multilevel security models (Bell-LaPadula)
Integrity levels in multilevel integrity models (Biba)
Integrity levels must depend on trust.
Separation of duty in the Clark-Wilson model
Conflict of interest in the Chinese Wall model

Types of Security Policies
Military (governmental) security policy
Policy primarily protecting confidentiality
Commercial security policy
Policy primarily protecting integrity
Confidentiality policy
Policy protecting only confidentiality
Integrity policy
Policy protecting only integrity

Trust
Trusted Entity – whom and what we trust is an essential assumption.
Entity that can violate security
What are typical Trusted Entities?
People with access to information (administrators).
System developers: do we trust compilers and libraries?
Hardware
?

Where does it end?

Trust – Example
Administrator receives the software patch and she assumes/trusts that:
Patch came from trusted vendor, not tampered with in transit
Trusts vendor tested patch thoroughly (did vendor test the patch against all known attacks?)
Trusts vendor’s test environment corresponds to local environment (e.g. the patch resets ownership of executables to root, but in some installations ownership is set to user bin).
Trusts patch is installed correctly (some installation procedures are complex, requiring reconfiguration of the network, adding users, changing access rights for some users and rebooting the system).

Common Security Mechanisms:
Access Control
Discretionary Access Control (DAC)
Owner determines access rights
Typically this is the same as identity-based access control (IBAC): Owner specifies identity of other users who have access to his object.
Mandatory Access Control (MAC)
System specifies rules for granting of access – e.g. operating system or court
Also called rule-based access control
Originator Controlled Access Control (ORCON)
Originator controls access
Originator need not be owner! (used in subcontracting since subcontractor may have the files but must not grant access to them).
Role Based Access Control (RBAC)
Identity governed by role user assumes (journal editor, reviewer, author)

Question
Policy disallows cheating
Includes copying homework, with or without permission
CS class has students do homework on computer
Anne forgets to read-protect her homework file
Bill copies it
Who cheated?
Answer: Anne didn’t protect her homework
Not required by security policy
She didn’t breach security
If policy said students had to read-protect homework files, then Anne did breach security.
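The homework question above and the earlier policy-versus-mechanism slide ("Does mechanism enforce policy? Is mechanism too strict?") can both be answered by comparing what the policy allows with what a mechanism permits, request by request. This is an added example, not part of the original slides; the users, files and function names are constructed, and a request here means copying a file.

```python
from itertools import product

# Constructed sample system for this example.
USERS = ["anne", "bill"]
FILES = {
    # name: (owner, world_readable, is_homework)
    "anne_hw1.c": ("anne", True, True),       # Anne forgot to read-protect it
    "bill_hw1.c": ("bill", False, True),
    "anne_notes.txt": ("anne", True, False),  # notes she chose to share
}


def policy_allows(user, fname):
    """Policy: nobody may copy another student's homework."""
    owner, _, is_homework = FILES[fname]
    return user == owner or not is_homework


def dac_mechanism(user, fname):
    """Owner-set read protection, as on the class computer."""
    owner, world_readable, _ = FILES[fname]
    return user == owner or world_readable


def owner_only_mechanism(user, fname):
    """Mechanism from the earlier slide: no access to other users' files."""
    return user == FILES[fname][0]


def compare(mechanism):
    """Classify every (user, file) request against the policy."""
    gaps, too_strict = [], []
    for user, fname in product(USERS, sorted(FILES)):
        allowed = policy_allows(user, fname)
        permitted = mechanism(user, fname)
        if permitted and not allowed:
            gaps.append((user, fname))        # mechanism lets a breach through
        elif allowed and not permitted:
            too_strict.append((user, fname))  # mechanism blocks allowed use
    return gaps, too_strict
```

The policy function never looks at the read-protection bit, which is why leaving a file unprotected is not itself a breach under this policy.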

Key Points
Policies describe what is allowed
Mechanisms control how policies are enforced
Trust underlies everything
