Chapter 8 Principles of Security Models Design and
- Slides: 28
Chapter 8: Principles of Security Models, Design, and Capabilities
Implement and Manage Engineering Processes Using Secure Design Principles • Objects and subjects • Closed and open systems • Techniques for ensuring confidentiality, integrity, and availability • Controls • Trust and assurance
Objects and Subjects • Subject (often a user) • Object (a resource) • Managing relationship between subject and object is access control • Transitive trust
Closed and Open Systems • Closed system – Proprietary standards – Hard to integrate – Possibly more secure • Open system – Open or industry standards – Easier to integrate • Open source vs. closed source
Techniques for Ensuring Confidentiality, Integrity, and Availability • Confinement – Sandboxing • Bounds • Isolation
Controls • Discretionary access control • Mandatory access control • Rule-based access control
Trust and Assurance • Integrated before and during design • Security must be: – Engineered, implemented, tested, audited, evaluated, certified, and accredited • Trusted system – Security mechanisms work together to provide a secure computing environment • Assurance – Degree of confidence in satisfaction of security needs
Understand the Fundamental Concepts of Security Models • • • • Trusted Computing Base State Machine Model Information Flow Model Noninterference Model Take-Grant Model Access Control Matrix Bell-La. Padula Model Biba Model Clark-Wilson Model Brewer and Nash Model (aka Chinese Wall) Goguen-Meseguer Model Sutherland Model Graham-Denning Model
Trusted Computing Base • Defined in Do. D 5200. 28 Orange Book • Security perimeter • Trusted paths • Reference monitor • Security kernel
State Machine Model • Always secure no matter what state it is in • Finite state machine (FSM) • State transition • Secure state machine • The basis for most other security models
Information Flow Model • Based on the state machine model • Prevent unauthorized, insecure, or restricted information flow • Controls flow between security levels • Can be used to manage state transitions
Noninterference Model • Based on information flow model • Separates actions of subjects at different security levels • Composition theories – Cascading – Feedback – Hookup
Take-Grant Model • Dictates how rights can be passed between subjects • Take rule • Grant rule • Create rule • Remove rule
Access Control Matrix • A table of subjects, objects, and access • Columns are ACLs • Rows are capability lists • Can be used in DAC, MAC, or RBAC
Bell-La. Padula Model • Based on Do. D multilevel security policy • Focuses only on confidentiality • Lattice-based access control • Simple security property • * (star) security property • Discretionary security property
Biba Model • Based on the inverse of Bell. La. Padula • Focuses only on integrity • Simple integrity property • * (star) integrity property
Clark-Wilson Model • Focuses on integrity • Access control triplet • Controls access through an intermediary program or restricted interface • Well-formed transactions • Separation of duties
Brewer and Nash Model (aka Chinese Wall) • Prevents conflicts of interest • Based on dynamic access changes based on user activity • Access to conflicting data is temporarily blocked
Goguen-Meseguer Model • Focuses on integrity • The basis of the noninterference model • Based on a predetermined set/domain of objects a subject can access • Based on automation theory and domain separation
Sutherland Model • Focuses on integrity • Prevent interference in support of integrity • Defines a set of system states, initial states, and state transitions • Commonly used to prevent covert channels from influencing processes
Graham-Denning Model • • Securely manage objects and subjects Securely create object/subject Securely delete object/subject Securely provide read access right Securely provide grant access right Securely provide delete access right Securely provide transfer access right
Select Controls and Countermeasures Based on Systems Security Evaluation Models • Rainbow Series • ITSEC Classes and Required Assurance and Functionality • Common Criteria • Industry and International Security Implementation Guidelines • Certification and Accreditation
Rainbow Series • TCSEC – Orange Book – Confidentiality – D, C 1, C 2, B 1, B 2, B 3, A 1 • Red Book – Trusted Network Interpretation of TCSEC – Confidentiality and integrity – None, C 1, C 2, B 2 • Green Book – Password management guidelines
ITSEC Classes and Required Assurance and Functionality • Rates functionality (F) and assurance (E) • F-D through F-B 3 • E 0 through E 6 • Confidentiality, integrity, and availability
Common Criteria • • • Designed to replace prior systems ISO 15408 Protection profiles Security targets Evaluation Assurance Level (EAL)
Industry and International Security Implementation Guidelines • Payment Card Industry – Data Security Standards (PCI-DSS) • International Organization for Standardization (ISO)
Certification and Accreditation • Certification – Comprehensive evaluation of security against security requirements • Accreditation – Formal designation by DAA that system meets organizational security needs • Risk Management Framework (RMF) • Committee on National Security Systems Policy (CNSSP) – Definition, verification, validation, postaccreditation
Understand Security Capabilities of Information Systems • Memory protection • Virtualization • Trusted Platform Module – Hardware security module (HSM) • Interfaces • Fault tolerance
- Security architecture model
- Security security security
- What is the difference between semi modals and modals?
- Security design principles examples
- Firewall design principles in network security
- Sdlc principles and practices
- Security program and policies principles and practices
- Security program and policies principles and practices
- Security program and policies principles and practices
- Security program and policies principles and practices
- Security management model
- What are multilevel security models?
- Database security models
- Infosec management models
- Elements and principles of design ppt
- Wireless security in cryptography and network security
- Integrity in e commerce
- The engineering design of systems: models and methods
- Computer security principles and practice 4th edition
- Computer security principles and practice solutions
- Computer security principles and practice 4th edition
- Computer security principles and practice
- Chapter 14 milady
- Chapter 14 principles of hair design review questions
- Osi security model
- Security guide to network security fundamentals
- Visa international security model in information security
- Electronic mail security in network security
- Cnss security model คือ