Muhammad Rizwan Asghar September 4, 2020 ACCESS CONTROL Lecture 18b COMPSCI 316 Cyber Security
FOCUS OF THIS LECTURE
Identify access control requirements
Know access control elements
Understand access control systems
AUTHORISATION
A process of granting rights or permissions to a
system entity to provide access to a given
resource
Also known as Access Control
ACCESS CONTROL REQUIREMENTS
Reliable inputs
– Authenticated entities
E.g., using UPI and password
– Genuine information
E.g., a student or staff member
Least privilege
– The principle of least privilege deals with granting the minimum set of access rights needed to do a job
– For instance, accessing a single course vs all courses
Administrative duties
– Only a special entity should be able to manage access rights
– For instance, granting, revoking, or updating access rights
ACCESS CONTROL ELEMENTS
Subject
– An entity that can access objects
– It could be a user or a process representing a user/application
Object
– An entity that needs to be protected
– E.g., files, directories, or other resources
Access right
– An access right r ∈ R describes how a subject s ∈ S can access an object o ∈ O
– E.g., read, write, execute, create, delete, and search
ACCESS CONTROL SYSTEM
Access control function f(s, o, r)
– It looks up access right r for the combination (s, o)
– On a successful match, it grants access, otherwise not
Security administrator
– An entity that manages access rights
Auditor
– An entity that inspects the whole authorisation system
A TYPICAL ACCESS CONTROL SYSTEM
[Figure: a User requests Resources through the Access control function, which consults the Access Rights maintained by the Security Administrator; the Auditor inspects the whole system]
ACCESS CONTROL MODELS
Discretionary Access Control (DAC)
Mandatory Access Control (MAC)
Role-Based Access Control (RBAC)
Usage Control (UCON)
Policy-Based Access Control (PBAC)
DISCRETIONARY ACCESS CONTROL
Users can protect what they own
The owner may grant access to subjects
Access is granted based on identity of the
requester
These mechanisms are adequate for honest
users
Vulnerable to Trojan horses
DAC is used in operating systems
– E.g., Linux file permissions: rwxr-x--x
ACCESS CONTROL MATRIX
(rows are subjects, columns are objects; an empty cell means no access)

           File 1            File 2            File 3            File 4
Alice      Own, Read, Write  -                 Own, Read, Write  -
Bob        Read              Own, Read, Write  Write             Read
Charlie    Read, Write       Read              -                 Own, Read, Write
ACCESS CONTROL LIST
(the same matrix stored by column: one list per object)

File 1: Alice (Own, Read, Write) -> Bob (Read) -> Charlie (Read, Write)
File 2: Bob (Own, Read, Write) -> Charlie (Read)
File 3: Alice (Own, Read, Write) -> Bob (Write)
File 4: Bob (Read) -> Charlie (Own, Read, Write)
CAPABILITY LIST
(the same matrix stored by row: one list per subject)

Alice:   File 1 (Own, Read, Write) -> File 3 (Own, Read, Write)
Bob:     File 1 (Read) -> File 2 (Own, Read, Write) -> File 3 (Write) -> File 4 (Read)
Charlie: File 1 (Read, Write) -> File 2 (Read) -> File 4 (Own, Read, Write)
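Added example (not part of the lecture slides): the matrix from the slides encoded as data, the two derived views (ACLs per object, capability lists per subject) and the access control function f(s, o, r) from the ACCESS CONTROL SYSTEM slide as a lookup; rebuilding the matrix from the ACLs shows that both views are lossless, which is the point of the sample question.

```python
# Added example, not from the lecture: the access control matrix shown on the
# slides, the two derived views (ACLs per object, capability lists per
# subject), and the access control function f(s, o, r) as a lookup.

# Constructed from the slides' matrix: subject -> object -> rights.
# Missing (subject, object) pairs are empty cells, i.e. no access.
MATRIX = {
    "Alice":   {"File 1": {"Own", "Read", "Write"},
                "File 3": {"Own", "Read", "Write"}},
    "Bob":     {"File 1": {"Read"}, "File 2": {"Own", "Read", "Write"},
                "File 3": {"Write"}, "File 4": {"Read"}},
    "Charlie": {"File 1": {"Read", "Write"}, "File 2": {"Read"},
                "File 4": {"Own", "Read", "Write"}},
}


def access_control_lists(matrix):
    """Column view: one ACL per object, listing each subject and its rights."""
    acls = {}
    for subject, row in matrix.items():
        for obj, rights in row.items():
            acls.setdefault(obj, {})[subject] = set(rights)
    return acls


def capability_lists(matrix):
    """Row view: one capability list per subject, listing (object, rights) pairs."""
    return {s: {o: set(r) for o, r in row.items()} for s, row in matrix.items()}


def matrix_from_acls(acls):
    """Rebuild the matrix from its ACLs; together with capability_lists this
    shows that both views carry exactly the information of the matrix."""
    matrix = {}
    for obj, entries in acls.items():
        for subject, rights in entries.items():
            matrix.setdefault(subject, {})[obj] = set(rights)
    return matrix


def f(s, o, r, matrix=MATRIX):
    """Access control function from the slides: grant only if right r is
    recorded for the pair (s, o); unknown subjects or objects are denied."""
    return r in matrix.get(s, {}).get(o, set())
```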
ROLE-BASED ACCESS CONTROL
RBAC maps roles to access rights
Supports complex access control
Reduces errors in administration
Ease of administration
– Move users in and out of roles
– Move permissions in and out of roles
– Very flexible
Least privilege
– Restricts access according to needs
– Separation of duties through constraints
RBAC MODEL
User
– Typically a human being
Permissions
– Approval of a mode of access to some object
Roles
– Job title
Assignments
– User-role and role-permission
Session
– Mapping of users to roles
Constraints
– On sessions, assignments, and roles
CORE RBAC
Permissions represent what operations can be performed on
objects
Roles are assigned permissions: Permission Assignment (PA)
Users are assigned roles: User Assignment (UA)
Session is a mapping between a user and an activated subset of
assigned roles
[Figure: Users --User Assignment (UA)--> Roles --Permission Assignment (PA)--> Permissions, where a permission is an Operation on an Object; Sessions link users to their activated roles]
Revised image, originally from: Secure Systems Research Group at the Florida Atlantic University
RBAC EXAMPLE
[Figure: roles Clerk and Manager; Clerk holds the Issue permission and Manager the Approve permission on a Purchase Order (PO); user assignments Bob -> Clerk and Alice -> Manager; sessions (Bob, Clerk) and (Alice, Manager)]
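Added example (not from the lecture slides): the Core RBAC model from the CORE RBAC slide, with UA, PA and sessions that may only activate a subset of a user's assigned roles, applied to the purchase-order scenario above. The static separation-of-duty constraint between Clerk and Manager is an assumption added here to show how constraints enforce separation of duties; the slides do not state it.

```python
# Added example, not from the lecture: Core RBAC (users, roles, permissions, UA,
# PA, sessions) applied to the slides' purchase-order scenario. The static
# separation-of-duty pair (Clerk, Manager) is an assumed constraint, not from the slides.
from dataclasses import dataclass

@dataclass(frozen=True)
class Permission:
    operation: str  # e.g. "Issue"
    obj: str        # e.g. "Purchase Order (PO)"

class CoreRBAC:
    def __init__(self):
        self.ua = {}        # User Assignment (UA): user -> assigned roles
        self.pa = {}        # Permission Assignment (PA): role -> permissions
        self.ssd = set()    # static separation of duty: role pairs no user may hold together
        self.sessions = {}  # session id -> (user, activated roles)

    def assign_permission(self, role, perm):
        self.pa.setdefault(role, set()).add(perm)

    def assign_user(self, user, role):
        held = self.ua.setdefault(user, set())
        if any(frozenset((r, role)) in self.ssd for r in held):
            raise ValueError(f"SoD constraint: {user} may not hold {role} as well")
        held.add(role)

    def create_session(self, sid, user, roles):
        # A session activates a subset of the user's assigned roles, never more.
        roles, assigned = set(roles), self.ua.get(user, set())
        if not roles <= assigned:
            raise ValueError(f"{user} cannot activate {roles - assigned}")
        self.sessions[sid] = (user, roles)

    def check(self, sid, operation, obj):
        """Decision: granted only if a role active in the session holds the permission."""
        _, active = self.sessions.get(sid, (None, set()))
        return any(Permission(operation, obj) in self.pa.get(r, set()) for r in active)

def build_example():
    """The slides' scenario: Bob is a Clerk who issues POs, Alice a Manager who approves them."""
    rbac, po = CoreRBAC(), "Purchase Order (PO)"
    rbac.assign_permission("Clerk", Permission("Issue", po))
    rbac.assign_permission("Manager", Permission("Approve", po))
    rbac.ssd.add(frozenset(("Clerk", "Manager")))  # assumed constraint
    rbac.assign_user("Bob", "Clerk")
    rbac.assign_user("Alice", "Manager")
    rbac.create_session("s-bob", "Bob", ["Clerk"])
    rbac.create_session("s-alice", "Alice", ["Manager"])
    return rbac
```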
SAMPLE QUESTION
Which one of the following statements is TRUE?
a) Access Control Lists (ACLs) cannot be derived
from an access control matrix
b) Capability list cannot be derived from an
access control matrix
c) Both ACLs and capability lists can be derived
from an access control matrix
d) None of the above
SAMPLE QUESTION: ANSWER
Which one of the following statements is TRUE?
a) Access Control Lists (ACLs) cannot be derived
from an access control matrix
b) Capability list cannot be derived from an
access control matrix
c) Both ACLs and capability lists can be derived
from an access control matrix
d) None of the above
Answer) c
SUMMARY
Access control models should follow the
principle of least privileges
DAC is vulnerable to Trojan horses
RBAC model is widely used
– E.g., Canvas
RESOURCES
Read Chapter 4 of
Computer Security: Principles and Practice
Fourth Edition
William Stallings and Lawrie Brown
Pearson Higher Ed USA
ISBN 1292220635
Sandhu, Ravi S., Edward J. Coyne, Hal L. Feinstein, and Charles E. Youman, Role-Based Access Control Models, Computer 2 (1996): 38-47
Questions?
Thanks for your attention!