Saturday, May 3, 2008

Security Models

The main security models are: lattice, state machine, research, Bell-LaPadula (BLP), Biba, Clark-Wilson, access control matrix, information flow models, Graham-Denning, Harrison-Ruzzo-Ullman and Brewer-Nash (Chinese Wall).

* Lattice
- one way information flow
- confidentiality and integrity
- security labels to all objects
- this model is used by Bell-LaPadula, Biba and Chinese Wall

* State machine
- The policy defines the points at which the secure state can change.
- Check if the current state is a secure state.
- Check the state of the automated information system (AIS).
- Go from one secure state to another secure state.

* Non interference models
- is a research model
- the inputs (high-level actions) don't determine what outputs (low-level actions) can see.
- Restricted flows between inputs and outputs.
- Activities are separated in security levels to reduce leaks.
- Higher security level cannot interfere with lower level.
- Lower level cannot get any information from higher level.

* Information flow models
- research model
- labeled with security classes
- it could flow upward or at the same level if allowed.
- similar to BLP

* Bell-LaPadula model (BLP)
- Confidentiality model
- Described in the Orange Book and TCSEC
- Is a state machine
- Mandatory access control
- The MAC is based on labeling both objects (with classifications) and subjects (with their clearances)
- The system (Reference Monitor) only allows access if the clearance is equal to or higher than the classification.
- Uses lattice and matrix.
- simple security -> read down -> subject of lower clearance cannot read an object of higher classification.
- *(star) property -> write/append up -> high-level subject cannot send messages to a lower-level object.

* Biba
- Integrity model
- complement to BLP
- simple integrity -> subject has read access to object only if subject level <= object level
(absurd but true)
- the integrity * property -> subject has write access to object only if subject level >= object level
- no information from a subject can be passed on to an object at a higher security level.
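
The BLP and Biba rules above, side by side as a small reference-monitor check. This is an added example, not code from the original post; the level names, the subject and the objects are constructed. It goes slightly beyond the notes by adding category sets to the labels, so the lattice contains labels that are incomparable (neither dominates the other).

```python
from dataclasses import dataclass

# Constructed level names; the same ordering is reused as integrity levels for Biba.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}

@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        # Lattice ordering: level at least as high AND a superset of categories.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)

def blp_allows(subject: Label, obj: Label, op: str) -> bool:
    """Bell-LaPadula (confidentiality): read down, write/append up."""
    if op == "read":   # simple security property
        return subject.dominates(obj)
    if op == "write":  # * (star) property
        return obj.dominates(subject)
    raise ValueError(f"unknown operation: {op}")

def biba_allows(subject: Label, obj: Label, op: str) -> bool:
    """Biba (integrity): read if subject <= object, write if subject >= object."""
    if op == "read":   # simple integrity
        return obj.dominates(subject)
    if op == "write":  # integrity * property
        return subject.dominates(obj)
    raise ValueError(f"unknown operation: {op}")

def decisions(model, subject: Label, objects: dict) -> dict:
    """Reference-monitor view: object name -> set of operations the model permits."""
    return {name: {op for op in ("read", "write") if model(subject, label, op)}
            for name, label in objects.items()}

# Constructed subject and objects (not from the original page).
ANALYST = Label("secret", frozenset({"crypto"}))
OBJECTS = {
    "bulletin": Label("unclassified"),
    "keys": Label("secret", frozenset({"crypto"})),
    "war_plan": Label("top_secret", frozenset({"crypto", "nuclear"})),
    "payroll": Label("confidential", frozenset({"finance"})),  # incomparable label
}

if __name__ == "__main__":
    for model in (blp_allows, biba_allows):
        print(model.__name__, decisions(model, ANALYST, OBJECTS))
```

Only the object carrying exactly the subject's label is readable and writable under both models, and the incomparable label is denied everything under both.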

* Clark-Wilson
- Integrity by controlling changes
- Suitable for transaction systems
- CORBA is based on Clark-Wilson, it creates relations between objects.
- no changes by unauthorized subjects, no unauthorized changes by unauthorized subjects.
- subject-program-object binding.
- subject authentication and identification
- only a set of programs can access objects
- users can run only a set of programs
- External consistency -> The system is doing what it is expected to do.
- Internal consistency -> The data is consistent and similar to the real world.
- CDI -> Constrained data item -> integrity protected.
- UCDI -> Unconstrained data item -> data not controlled by Clark-Wilson.
- IVP -> Integrity verification procedure -> Procedure scanning data and confirming its integrity.
- Transformation procedures -> Procedures allowed only to change a constrained data item.

* Access control matrix
- Users, groups and roles down the left-hand side.
- All the resources and functions across the top.
- Subjects are listed in rows.
- Objects are listed in columns.

* Graham-Denning
- set of objects, set of subjects, set of rights.
- subjects have a process and a domain
- Eight primitive protection rights:
1. Create object
2. Create subject
3. Delete object
4. Delete subject
5. Read access right
6. Grant access right
7. Delete access right
8. Transfer access right

* Brewer-Nash (Chinese Wall)
- Prevent conflict of interest.
- Access control rules change user behavior.
