Chinese wall model in the internet Environment 1

  • Slides: 18
Download presentation
Chinese wall model in the internet Environment 1

Chinese wall model in the internet Environment 1

Agenda Introduction ¡ Chinese wall Model Policy ¡ Simple security rule ¡ Chinese wall

Agenda Introduction ¡ Chinese wall Model Policy ¡ Simple security rule ¡ Chinese wall in www. ¡ l l Authentication. Authorization. 2

introduction ¡ The goals most often specified in a security policy are : l

introduction ¡ The goals most often specified in a security policy are : l l l confidentiality - prevention of unauthorized access and theft of information. integrity - prevention of unauthorized modification of information. availability - prevention of denial of service. 3

introduction ¡ ¡ Chinese Wall security describe how to reach these goals. It’s a

introduction ¡ ¡ Chinese Wall security describe how to reach these goals. It’s a commercial security policy. The Chinese Wall security policy focuses more on confidentiality. The Chinese Wall security policy is perhaps as significant to some parts of the commercial world as Bell and La. Padula’s policies are to the military. 4

introduction It can be distinguished from Bell-La. Padula policies by the way that a

introduction It can be distinguished from Bell-La. Padula policies by the way that a user’s permitted accesses are constrained by the history of his previous accesses. • The Chinese Wall security policy was identified by Brewer and Nash. It is a real commercial policy which can be formally modelled. Its basic idea is to keep company information confidential and prevent it from unauthorized access of consulting services. l 5

Chinese wall Model Policy ¡ All corporate information is stored in hierarchically arranged filling

Chinese wall Model Policy ¡ All corporate information is stored in hierarchically arranged filling system. It consist of three levels : l At the lowest level , individual items of information (objects) is considered, each concerning a single corporation. l At the intermediate level , all objects which concern the same corporation are grouped into a company dataset. l At the highest level , all company datasets whose corporations are in competition are grouped together. Each group is referred as a conflict of interest class. 6

7

7

Chinese wall Model Policy ¡ Associated with each object is the name of the

Chinese wall Model Policy ¡ Associated with each object is the name of the company dataset to which it belongs and the name of the conflict of interest class to which that company dataset belongs. 8

Chinese wall Model Policy ¡ If the system maintained information on Bank-A , Oil

Chinese wall Model Policy ¡ If the system maintained information on Bank-A , Oil Company-A and Oil Company-B : l All objects would belong to one of three company dataset ( “bank-A” “oil company-A” or “oil company-B” ) , l There would be two conflict of interest classes , one for banks ( containing Bank-A’s dataset ) and one for petroleum companies ( containing Oil company-A’s and Oil company-B’s dataset. 9

10

10

Chinese wall Model Policy ¡ The basis of the Chinese Wall policy is that

Chinese wall Model Policy ¡ The basis of the Chinese Wall policy is that people are only allowed access to information which is not held to conflict with any other information that they already possess. 11

Chinese wall Model Policy ¡ Thus , in consideration of the Bank-A , Oil

Chinese wall Model Policy ¡ Thus , in consideration of the Bank-A , Oil Company-A and Oil Company-B datasets , a new user may freely choose to access whatever datasets he likes ; as far as the computer is concerned a new user does not possess any information and therefore no conflict can exist. 12

Chinese wall Model Policy ¡ ¡ ¡ Suppose the user accesses the Oil Company-A

Chinese wall Model Policy ¡ ¡ ¡ Suppose the user accesses the Oil Company-A dataset first. The user now possess information concerning the oil company-A dataset. Later , he requests access to the Bank-A dataset This is quite permissible since the Bank-A and Oil company-A datasets belong to different conflict of interest classes and therefore no conflict exists. 13

14

14

Chinese wall Model Policy l However, if he requests access to the oil company-B

Chinese wall Model Policy l However, if he requests access to the oil company-B dataset the request must be denied since a conflict does exist between the requested dataset ( Oil Company-B) and one already possessed (Oil Company-A). 15

16

16

Chinese wall Model Policy ¡ ¡ ¡ It does not matter whether the oil

Chinese wall Model Policy ¡ ¡ ¡ It does not matter whether the oil company-A dataset was accessed before or after the Bank-A dataset. However, were Oil Company-B to be accessed before the request to access the Oil Company-A dataset , the restrictions would be quite different. In this case access to the Oil Company-A dataset would be denied and the user would possess { “Oil Company-B“ , “Bank-A” } ( as opposed to the request to access the oil Company-B dataset being denied and the user possessing { “Oil Company-A” , “Bank-A” } ). 17

Chinese Wall Model In www ¡ To realize the Chinese Wall security policy we

Chinese Wall Model In www ¡ To realize the Chinese Wall security policy we need user labels that contain information about the user’s identity and objects already accessed by him. We require mechanisms that reliably provide authentication and authorization by user profiles that support an interface to software run in the world wide web. 18

Chinese Papercut Chinese Papercut Chinese Papercut Chinese PapercutChinese Papercut Chinese Papercut Chinese Papercut Chinese Papercut
ENVIRONMENT ENVIRONMENT Define environment ENVIRONMENT Environment the socialENVIRONMENT ENVIRONMENT Define environment ENVIRONMENT Environment the social
WALL STREET AYAKLANMALARI OCCUPY WALL STREET OCCUPY WALLWALL STREET AYAKLANMALARI OCCUPY WALL STREET OCCUPY WALL
Folk Customs Traditional Chinese Festivals Chinese Names ChineseFolk Customs Traditional Chinese Festivals Chinese Names Chinese
Chinese Traditional Wedding Chinese Traditional Wedding Summary ChineseChinese Traditional Wedding Chinese Traditional Wedding Summary Chinese
CHINESE MASSAGE 1 Chinese Massage Chinese massage isCHINESE MASSAGE 1 Chinese Massage Chinese massage is
China DAVID Chinese Cuisine Chinese Cuisine Chinese FoodChina DAVID Chinese Cuisine Chinese Cuisine Chinese Food
Chinese Inventions Chinese Inventions The ancient Chinese inventedChinese Inventions Chinese Inventions The ancient Chinese invented
Traditional Chinese Festival Traditional Chinese Festival Chinese traditionalTraditional Chinese Festival Traditional Chinese Festival Chinese traditional
Basic Chinese History of Chinese language Old ChineseBasic Chinese History of Chinese language Old Chinese
LOGO Chinese Character and Calligraphy Chinese Character ChineseLOGO Chinese Character and Calligraphy Chinese Character Chinese
Chinese Zodiac 101 The Chinese Zodiac The ChineseChinese Zodiac 101 The Chinese Zodiac The Chinese
Chinese New Year Chinese New Year n ChineseChinese New Year Chinese New Year n Chinese
BUSINESS ENVIRONMENT BUSINESS ENVIRONMENT What is Environment EnvironmentBUSINESS ENVIRONMENT BUSINESS ENVIRONMENT What is Environment Environment
Analyzing Marketing Environment ENVIRONMENT Macro Environment Micro EnvironmentAnalyzing Marketing Environment ENVIRONMENT Macro Environment Micro Environment
Chapter 7 Hybrid Policies Overview Chinese Wall ModelChapter 7 Hybrid Policies Overview Chinese Wall Model
Chapter 7 Hybrid Policies Overview Chinese Wall ModelChapter 7 Hybrid Policies Overview Chinese Wall Model