Access Control and the Bell‐LaPadula Model
CS 4235
Historical Background
• Physical access control
• No mixing of data (sensitive vs. not)
• Hardwired terminal access
• No multiplexing of users and data
• What happens when all the data is stored in the same place and users with different trust levels are allowed to access it?
• Multi‐level security problem
Documents vs People
• Documents have classifications
– Top Secret
– Secret
– Confidential
– Unclassified
• Sensitive
• Non‐sensitive
• People have clearances
– Top Secret
– Secret
– Q
There are also code words that are not classifications
• ULTRA identified information encrypted with Enigma machines
• Categories – how material is handled
– Sensitive Compartmented Information (SCI) ‐ Intelligence
• Operations and methods
• Nuclear secrets
• Stealth
– Special Access Programs (SAP) ‐ Defense
• Acknowledged
• Unacknowledged
• Waived
– Solves two logistical problems
• Collateral clearances for everyone would be expensive
• Need to limit information to those with a need to know
– SIGMA (Department of Energy)
– SAP/SCI requires a Sensitive Compartmented Information Facility (SCIF)
Caveats and Other Codes
• NOFORN
• RESTRICTED
• NO CONTRACTOR
• REL TO <Country Code>
• ORCON
• FOUO
• PROPIN
• SECRET//<compartment name>//NOFORN//ORCON//25X1
People are cleared to
• Classification levels
• Categories
• Other labels
Discretionary Access Control
• E.g., Unix permissions
• Set access conditions on a file so that only a group of your choosing can read it
• Anyone with access can propagate the information by resetting permissions
Mandatory Access Control
• Security authority sets permissions
• Only the security authority can propagate information
• Violations are very serious
Orderings
• TS > S > C
• How about
– (S//NUC//NOFORN) vs TS?
– (TS//EUR/25x1) vs (TS//CRYPTO//PROPIN)?
Access Control Models
[Figure: access matrix with subjects S1..S4 as rows and objects O1..O4 as columns; each cell answers YES/NO for a triple (S,O,R), i.e., whether subject S may perform operation R on object O]
• Read (observe)
• Write (observe, alter)
• Execute (no observe, no alter)
• Append (alter, no observe)
• Accesses take the system from state to state
[Figure: states σ1, σ2, σ3 linked by accesses such as (T,b,append) and (S,a,read)]
• All accesses must be allowed by MAC rules
• If you start in a secure state, do you end up in a secure state?
Granting Access Should Not Violate MAC
[Figure: a subject that reads a high‐level object (marked ?) and writes a low‐level object; the arrows show the resulting flow of information from High to Low]
Simple Security Property
• The current level of a subject dominates the level of every object that it observes
• Like paper systems
• “No read up”
*‐Property
• If S can observe a and alter b, then a ≤ b
• “No write down”
Partial Orders
• S = {a1, a2, …, an}
• P = (S, ≤) is a PO iff
– If a ≤ b and b ≤ a, then a = b (anti‐symmetric)
– If a ≤ b and b ≤ c, then a ≤ c (transitive)
– a ≤ a (reflexive)
• Examples
– Natural numbers under ≤
– Subsets under ⊆
• How about
– Choices on a ballot under “is preferred to”?
– People under “trusts”?
Lattices
• A POSET S
• Every subset of S has a greatest lower bound
• Every subset of S has a least upper bound
[Figure: Hasse diagram of a subset {x1, x2} of S; x3, x4 and x5 are all upper bounds of it, and the least of them is its LUB]
Security Levels
• A security level is a pair (c,s) where
– c is a classification from a POSET of classifications (e.g., U, S, TS, but the exact classifications don’t matter)
– s is a set of categories (e.g., NUC, CRYPTO, …, but the exact categories don’t matter)
• (c1,s1) ≥ (c2,s2) iff c1 ≥ c2 and s2 ⊆ s1
• Levels form a lattice
Assigning Security Levels to Subjects and Objects
• level(S), level(O) = security level of S, O
• current‐level(S) = levels at which S can operate
• current‐level(S) ≤ level(S)
• level(S) = max(current‐level(S)) is called S’s clearance
Security Properties
• SS‐property: for any (S,O,A), if A includes observation then level(S) ≥ level(O) (no read up)
• *‐property: for any (S,O,A)
– r ∈ A implies current‐level(S) ≥ level(O)
– a ∈ A implies current‐level(S) ≤ level(O)
– w ∈ A implies current‐level(S) = level(O)
(no write down)
• If a subject can observe O1 and modify O2 then level(O2) ≥ level(O1)
Lattice Model
• Information only flows up the lattice
• System enforces the SS and * properties
A MAC Implementation
• Unix file system
• Label all files and directories with levels
• Assign level(u) to each user u
• u is initially assigned the lowest current‐level
• Allow current‐level(u) to float as higher level files are observed
• If level(u) < current‐level(u) issue kill(u)
• If level(f) < level(u) and u writes to f issue kill(u)
• Is this secure?
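The level lattice and the SS/*‐property checks from the preceding slides, together with the floating current‐level rule of this Unix sketch, as an added Python example (not from the course slides); the classification order U < C < S < TS and the category names are assumed, which the slides say don’t matter:

```python
# Added example (not from the slides): security levels (c, s) as a lattice,
# the SS-/*-property checks, and the floating current-level rule of the
# Unix sketch above. Classification names are assumed, as the slides allow.
from dataclasses import dataclass

CLASS_RANK = {"U": 0, "C": 1, "S": 2, "TS": 3}   # assumed total order U < C < S < TS


@dataclass(frozen=True)
class Level:
    c: str             # classification
    s: frozenset       # set of categories

    def dominates(self, other):
        """(c1,s1) >= (c2,s2) iff c1 >= c2 and s2 is a subset of s1."""
        return CLASS_RANK[self.c] >= CLASS_RANK[other.c] and other.s <= self.s

    def join(self, other):
        """Least upper bound: the higher classification, the union of categories."""
        c = self.c if CLASS_RANK[self.c] >= CLASS_RANK[other.c] else other.c
        return Level(c, self.s | other.s)


def lvl(c, *categories):
    return Level(c, frozenset(categories))


def allowed(current, obj, access):
    """*-property for the access modes on the slides: r (observe), a (append), w (observe+alter)."""
    if access == "r":
        return current.dominates(obj)      # no read up
    if access == "a":
        return obj.dominates(current)      # no write down
    if access == "w":
        return current == obj
    raise ValueError(f"unknown access mode {access!r}")


def simulate(clearance, ops):
    """Replay (access, file level) pairs under the slides' Unix rules.

    Returns ("ok" | "kill", final current-level). Reads float the current
    level up by join; a write is checked against level(u), exactly as the
    slide states, so the comparison is with the clearance, not current-level.
    """
    current = lvl("U")                     # lowest current-level initially
    for access, f in ops:
        if access == "r":
            current = current.join(f)
            if not clearance.dominates(current):
                return "kill", current     # level(u) < current-level(u)
        elif access == "w":
            if clearance.dominates(f) and f != clearance:
                return "kill", current     # level(f) < level(u)
    return "ok", current
```

The pair from the Orderings slide, (S//NUC//NOFORN) vs TS, comes out incomparable under dominates, which is why levels need the full lattice rather than a single ordering.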
Covert Channels
• Low bandwidth
• Outside the models
– Channel not designed for communication
– Shared resource
– Allows information to be transmitted from High to Low (*‐property violation)
• Semantics
Scotland Yard Detective Gregory: "Is there any other point to which you would wish to draw my attention?"
Holmes: "To the curious incident of the dog in the night-time."
Gregory: "The dog did nothing in the night-time."
Holmes: "That was the curious incident."
Example
• High Process: if bit i of the protected file is 1, then position the disk head at time t = i outside the current volume
• Low Process: detect the position of the head at time t = i
Types of Channels
• Storage channel
• Timing channel
• Sequential process ids
• Shared file locks
• File access times
• Application channels
• IRC signalling
Other Access Control Models
• Biba Integrity Model
• Lampson‐Graham‐Denning
• Harrison‐Ruzzo‐Ullman
• Take‐Grant
Trusted Systems
• Orange Book
• Trusted Network Interpretation
• Common Criteria
• European and Canadian Criteria
Trust Levels
• D – no requirements
• C1/C2/B1 – commercial strength security features
• B2 – rigorous demonstration of security by mathematical analysis (“proof”)
• B3/A1 – formal designs and mathematical proof
Commercial Protection
• C1
– Discretionary security protection
– Cooperating users
– All data at the same sensitivity level
– Tamper‐resistant
• C2
– Controlled access protection
– Finer grained than C1
– Audit trails
• B1
– Labeled security protection
– Each subject and object assigned its own level
– Bell‐LaPadula
– DAC to provide further controls
Structured Protection and Security Domains
• B2 = B1 + design requirement
– Verifiable top level design
– Testing to verify that the implementation satisfies the design
– Design consisting of well‐defined independent modules
– Principle of Least Privilege enforced
• B3 = B2 + testing requirements
– Small, tamperproof security functions
– Audit functions required
– High level design that is complete and conceptually simple
– Convincing argument that the system implements the design
– Exhibits good design practice
• Layering
• Abstraction
• Information hiding
A1 = Formally Verified = B3 + the following
• Formal model of the protection system and a mathematical proof of its consistency and adequacy
• Formal top‐level specification of the protection system
• Demonstration that the specification conforms to the model
• Implementation informally shown to be consistent with the specifications
• Formal analysis of covert channels
Question about Lattices
In the rationals [0,1), if x ∨ y = the least z such that x ≤ z and y ≤ z, then z = max(x,y), since either x ≤ y or y ≤ x.
How about ∨S, where S is any set of rationals in [0,1)?
What about S = [0,1) itself? Suppose z = ∨S. Then z ≠ 1, because 1 is not in [0,1), but z < (1 − z)/2 + z < 1, so a larger element of S lies above z and z is not an upper bound of S at all.
Not a Lattice under ∨
[Figure: Hasse diagram in which the elements b and c have no least upper bound]
What is b ∨ c?
Modern Trust Models
• Capability‐based
• MAC and DAC implemented using the same mechanisms
• Heavy reliance on application trust features
• Hardware enforced separation
• Virtualization and hypervisors
Designing Protection Mechanisms
• Least privilege
– Assign the least access rights possible
• Economy of mechanisms
– Small
– Verifiable
• Complete mediation
– Every access must be checked for rights enforcement
• Open design
– No “security through obscurity”
• Separation of privilege
– Access to objects should depend on more than one condition
• Least common mechanisms
– Sharing minimized (or physical isolation)
• Usability
Access Mechanisms
• Access hierarchies
– Privileged subject S gets a superset of the rights of all T < S
– Privileged modes
– Nested program units
• Authorization lists
– List of subjects having access rights to an object
• Capabilities
– A ticket that authorizes the holder to access an object
Privileged Modes
• Also called supervisor states
– Supervisor programs have access to all objects
– Process can run in privileged mode or user mode
[Figure: the stateword of a running process carries a 0/1 flag that indicates the mode]
– If flag = 1, the process can
• Create and destroy objects
• Initiate and terminate processes
• Access restricted regions of memory
• Execute restricted instructions not available to user processes
– I/O operations
– Changing process statewords
Examples
• Unix super user (su)
– Usually called root, with the root password and UID = 0
– All security restrictions bypassed for programs that root runs
– Most checks and warnings turned off
– Any username can be su (look at the following /etc/passwd file)
root:zPDeHbougaPpA:0:1:Operator:/:/bin/ksh
beth:58FJ32JK.fj3j:0:101:BethSmith:/u/beth:/bin/ksh
Mike:eH5/.mj7NB3dx:181:100:Mike Smith:/u/rachel:/bin/ksh
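An added example (not from the slides) of the check the /etc/passwd listing above calls for: parse the file and list every account whose UID is 0, since each of them is root regardless of its name; the sample text is the slide’s three lines, and the function names are assumed:

```python
# Added example (not from the slides): scan an /etc/passwd-style file for
# every account that is effectively root, i.e. has UID 0, not just "root".
# The sample text reproduces the three lines shown on the slide.
SAMPLE_PASSWD = """\
root:zPDeHbougaPpA:0:1:Operator:/:/bin/ksh
beth:58FJ32JK.fj3j:0:101:BethSmith:/u/beth:/bin/ksh
Mike:eH5/.mj7NB3dx:181:100:Mike Smith:/u/rachel:/bin/ksh
"""


def parse_passwd(text):
    """Yield (name, uid, gid, home, shell) for each well-formed passwd line."""
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        name, _pw, uid, gid, _gecos, home, shell = fields
        yield name, int(uid), int(gid), home, shell


def uid0_accounts(text):
    """Names of all accounts with UID 0; anything here other than root is suspicious."""
    return [name for name, uid, *_ in parse_passwd(text) if uid == 0]


def shared_uids(text):
    """Map each UID used by more than one account to the account names sharing it."""
    by_uid = {}
    for name, uid, *_ in parse_passwd(text):
        by_uid.setdefault(uid, []).append(name)
    return {uid: names for uid, names in by_uid.items() if len(names) > 1}
```

On the slide’s file the check reports beth alongside root, which is exactly the point of the slide: the kernel looks at the UID, not the name.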
MULTICS Protection Rings
• Each process stateword specifies a number – the ring number
• Each ring defines an access domain so that the rights of r+1 are a subset of all rights 0,…,r
• Supervisor state has r = 2
[Figure: rings 0, 1, …, r‐1 with privilege decreasing outward]
Attacks on Supervisors
• Rings violate the principle of least privilege
• Trojan Horse in Ring 0 and everything is toast!
• Address overflow during a supervisor call causes the privilege flag to be turned on
• Trap doors
• Rootkits
Rootkits
• Small “kit” of programs that allow an attacker to maintain access to root
– Permanent
– Consistent
– Undetectable
• Only useful if you want to maintain access to a system
– Remote command and control
– Eavesdropping
Example of a rootkit command menu
Win2K Rootkit by rootkit.com
Version xyz
-------------------------------
Command        Description
ps             show process list
help           this data
buffertest     debug output
hidedr         hide _root_ prefixed file or directory
hideproc       hide _root_ prefixed processes
debugint       (BSOD) fire int3
sniffkeys      toggle keyboard sniffer
echo <string>  echo the <string>
Rootkits modify data
• Patching binaries
– Remove protections
– Give one player unlimited gold in a video game
• Easter eggs
– Undocumented feature
– Programmer leaves something behind as a present
• Spyware
– Track websites
– Place links on desktops
• Source code modification
– Malicious code insertion
– Back doors
– Open source risk
• Rootkit + virus = real danger!
– E.g., a hacker finds an exploitable bug in Windows that affects the default installation of all computers
Offensive techniques
• Bypass intrusion detection
– Active: disable IDS
– Passive: obfuscation in data storage
• Bypass forensic tools
– No identifiable patterns left behind (e.g., steganography)
– Hide in noise
– Use only volatile storage
Trusted Computer Platform Architecture (TCPA)
• Trusted Computer Group in January 1999
• IBM first to market with a TCPA embedded chip
• Was used by Microsoft’s Palladium secure operating system
• Controller produced by Broadcom, Toshiba and others
Architecture of Trusted Computer Platform (TCPA)
[Figure: the Core Trust Root (CRTM), the Trusted Platform Module (TPM) and the System Services API]
• CRTM loads before any other boot component
– First trusted component
– Bootstraps measurement of the next component in the chain
– Records the value in the TPM
• TPM provides
– integrity and measurement
– trusted identities
– protected storage
Architecture of TCPA
[Figure: processor and memory alongside the Core Trust Root (CRTM), the System Services API and the Trusted Platform Module (TPM); the TPM contains a random number generator, non‐volatile memory, platform configuration registers, hash, HMAC, asymmetric key generation, signing and encrypting, a clock, power detection and I/O]
Remember the boot sequence?
• test processor
• verify BIOS integrity
• initialize chipset
• test RAM
– (Windows Power‐on Self Test)
• initialize video device
– (Intel publishes technical data for defeating boot block protection)
• init. plug & play devices
• ROM scan
• load from boot device
– (the OS will cheerfully run code that meets trivial security criteria)
• run bootstrap loader
• find and load OS loader
• run OS loader
– (favorite haunt of virus writers!)
• load and run OS
– (of course, the OS might not be on your system if your hard drive was stolen and installed on another system)
Secure Boot – A trusted service
• TPM and CRTM cooperate for authenticated boot
– Record values
– System can end up in any state
• Secure boot raises an exception when the boot state diverges from the expected state
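An added Python model (not from the slides, and not any real TPM firmware) of the distinction these two slides draw: the CRTM starts a chain in which each boot component is hashed into a PCR by an extend operation, authenticated boot merely records the resulting values, and secure boot raises when the final value differs from the expected one; the component images, their names and the expected value are constructed for the example:

```python
# Added example (not from the slides): a model of the CRTM/TPM measurement
# chain. Each boot component is hashed and folded into a PCR with the usual
# extend operation PCR := H(PCR || H(component)); the component contents
# and the "expected" values are constructed for the example.
import hashlib

BOOT_CHAIN = [                       # constructed stand-ins for real firmware/loader images
    ("BIOS", b"bios image v1"),
    ("bootstrap loader", b"boot block"),
    ("OS loader", b"os loader"),
    ("OS", b"kernel image"),
]


class BootStateError(Exception):
    """Raised by secure boot when the measured state diverges from the expected one."""


def extend(pcr, component):
    """TPM-style extend: the register only ever moves forward, never resets."""
    digest = hashlib.sha256(component).digest()
    return hashlib.sha256(pcr + digest).digest()


def authenticated_boot(chain):
    """CRTM starts the chain; every component is recorded, and any state is allowed."""
    pcr = bytes(32)                    # PCR reset value at power-on
    log = []                           # measurement log, one entry per component
    for name, image in chain:
        pcr = extend(pcr, image)
        log.append((name, pcr.hex()))
    return pcr.hex(), log


def secure_boot(chain, expected_pcr):
    """Authenticated boot plus a check: raise instead of running an unexpected state."""
    pcr, log = authenticated_boot(chain)
    if pcr != expected_pcr:
        raise BootStateError(f"boot state {pcr[:16]}... != expected {expected_pcr[:16]}...")
    return log
```

Because extend is order‐sensitive, the same components measured in a different order also produce a different final value, so the PCR pins the whole sequence and not just the set of images.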
How about building virtual machines on the protection rings?
• Hypervisors
• Virtual machine monitors (VMM)
– Hosts an operating system
– Each virtual machine is isolated from all the others
• Native
– Runs directly on hardware
– Operating system runs on top
– Examples
• VMware ESX Server
• IBM Power Hypervisor
• Hosted
– Applications running in a conventional operating system
– Guest operating system runs at layer 3 or higher
– Examples
• Parallels Workstation for Macs
• VMware Workstation
• Microsoft Virtual PC
A Native Hypervisor for Itanium
TCPA
Itanium® Processor (IA‐64) Architecture
• High performance on encryption protocols
• Fine‐grained memory protection
• Two additional levels of privilege protection
IA‐64 Privilege Level 0
• Access to
– Privileged system registers
– Privileged instructions
• Page creation
• Direct access to physical memory
• Invoking PL‐0 from PL‐1 to PL‐3
– Interrupts
– Explicit PL‐0 request “epc”
Secure Platform Architecture
• Root of trust in protected memory of the trusted platform
• Secure Platform Kernel (SPK) loaded by secure boot
• Operating systems are ported to the SPA
Structure of Secure Platform
• Abstracts ABI, physical resources and interrupts
• PL‐0 reserved for SPK: minimal certified code (known to CRTM)
• PL‐1 hosts global services for
– I/O notification
– Multiple OS images
– Protection domains
– Non‐OS applications
• PL‐2 hosts OS images
• Applications reside in PL‐3
SP Characteristics
• Secure paging
• Operating systems and device drivers run as unprivileged tasks
• Privileged operations are authenticated and performed by the secure platform kernel
• Self‐healing data structures
• “Baileys” separate SPK, SPGS and OS
“How does it work?”
• multiple containment rings inherently limit intrusion
• operating systems and device drivers run as unprivileged tasks
• privileged operations are authenticated and performed by the secure platform kernel
• code and data are protected from inadvertent and malicious execution or modification
• multiple OS images run securely on the same system
SP Virtual Addressing
• Region IDs provide
– Memory isolation
– Protection keys
– Fine‐grain permission control
• Upper half of Region 7 reserved for SPK/SPGS
• Operating systems run virtual in the lower half of Region 7
• Regions 0‐6 available for OS assignment
• SPK
– Manages region ID assignments
– Allocates pages for mapping virtual addresses
Privileged Operations
• OS executes as an unprivileged task at PL‐2
• Privileged functions invoked by epc call
• Lightweight paths are implemented for simple operations
Unprivileged Callbacks
• Similar to Unix signals
• Interrupts handled by SPK
• UPC mechanism enables asynchronous notification to a less privileged level
• Exceptions and faults that cannot be handled by SPK are passed to the SPGS
Secure Paging
• Protection for data on the paging device
– Device theft
– Raw device access
• Requires a pre‐allocated shadow page pool
• Penalty: 1 cycle per bit using a 128 bit key
• Keys are hidden in SPK, accessed through handles
Denial of Service Attacks
• SPK signals PL‐2, which never returns
• Attacker repeats the instruction path
• Context stack grows until SPK fault
• Asynchronous UPC thwarts the attack
– SPK executes a single thread
– Eventually fails to allocate space for a UPC list entry
– PL‐2 process fails
– SPK never has to unwind the context stack
Services
• Data protection
• Client integrity
• Authorized network connection
• Remote attestation
• Web administration
• Connected laptop
• Mobile services
• Virus definition reporting
• Remote management
• Smart card function (e.g., two factor authorization)
• Public hot desking
• Trusted kiosk
• First responder services