11 terms

Chapter 4


Terms in this set (...)

Briefly define the difference between DAC and MAC.
Discretionary access control: Controls access based on the identity of the requestor and on access rules stating what requestors are or are not allowed to do. Mandatory access control: Controls access based on comparing security labels with security clearances.
How does RBAC relate to DAC and MAC?
Role-based access control: Controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles.
List and define the three classes of subject in an access control system.
*Owner: This may be the creator of a resource, such as a file.
*Group: In addition to the privileges assigned to an owner, a named group of users may also be the granted access rights.
* World: The latest amount of access is granted to users who are able to access the system but are not included in the categories owner and group of this resource.
In the context of access control, what is the difference between a subject and an object?
A subject is an entity capable of accessing objects (eg. user, application, process).
An object is resource to which access is controlled. An object is an entity used to contain information (eg. records, files, directories, processors, communication ports)
What is an access right?
An access right describes the way in which a subject may access an object. Eg. read, write, execute, delete.
What is the difference between an access control list and a capability ticket?
In practice, an access matrix is usually sparse and is implemented by decomposition in one of two ways.
The matrix may be decomposed by columns, yielding access control lists.
For each object, an ACL lists users and their permitted access rights.
Decomposition by row yields capability tickets. A capability ticket specifies authorized objects and operations for a particular user.
What is a protection domain?
A protection domain is a set of objects together with access rights to those objects. In terms of the access matrix, a row defines a protection domain. Although, in the protection domain model a user can spawn processes with a subset of access rights of the user. This is useful for servers to spawn processes for different classes of users and for not fully trusted processes to reduce their access rights to a safe subset.
Briefly define the four RBAC models of Figure 4.9a.
*RBAC0: contains the minimum functionality for an RBAC system.
*RBAC1: includes the RBAC0 functionality and adds role hierarchies, which enable one role to inherit permissions from another role.
*RBAC2: includes RBAC0 and adds constraints, which restrict the ways in which the components of a RBAC system may be configured.
*RBAC3: contains the functionality of all the other three models.
List and define the four types of entities in a base model RBAC system.
*User: An individual that has access to this computer system. Each individual has an associated user ID.
*Role: A named job function within the organization that controls this computer system.
*Permission: An approval of a particular mode of access to one or more objects.
*Session: A mapping between a user and an activated subset of the set of roles to which the user is assigned.
Describe three types of role hierarchy constraints.
*mutually exclusive roles: These are roles such that a user can be assigned to only one role in the set.
*cardinality: This refers to a maximum number with respect to roles. One such constraint is to set a maximum number of users that can be assigned to a given role.
*prerequisite roles: May dictate that a user can only be assigned to a particular role if it is already assigned to some other specified role.
In the NIST RBAC model, what is the difference between SSD and DSD?
Static Separation of Duty Relations: SSD enables the definition of a set of mutually exclusive roles. SSD can place a cardinality constraint on a set of roles.
Dynamic Separation of Duty Relations: DSD limit the availability of the permissions by placing constraints on the roles that can be activated within or across a user's session.