Information Flows and Covert Channels

Size: px
Start display at page:

Download "Information Flows and Covert Channels"

Transcription

1 Information Flows and Covert Channels Attila Özgit METU, Dept. of Computer Engineering Based on: Mike McNett s presentation slides CENG-599 Data Security and Protection

2 Objectives Understand the purpose of modeling information access Understand information flow principles Understand how information flows can be identified Understand covert channels and how to prevent them CENG-599 Data Security and Protection AÖ - 2

3 Why Model? What is an Information Security Model? Why use one? A security policy is a statement that partitions the states of the system into a set of authorized, or secure,, states and a set of unauthorized,, or nonsecure,, states (Bishop) A security model is a model that represents a particular policy or set of policies. (Bishop) A security mechanism is an entity or procedure that enforces some part of the security policy. (Bishop) CENG-599 Data Security and Protection AÖ - 3

4 Examples Security Policy e.g. Those described for use in the military Security Model e.g. BLP Model Security Mechanism e.g. Fenton s Data Mark Machine CENG-599 Data Security and Protection AÖ - 4

5 Why Formal Models? Regulations are generally descriptive rather than prescriptive, so they don t tell you how to implement Systems must be secure security must be demonstrable --> proofs therefore, formal security models For real systems this is not easy to do so. CENG-599 Data Security and Protection AÖ - 5

6 Categories of InfoSec Models Two major categories of information security models: Access Control models: protect access to data* Integrity Control models: verify that data* is not changed * applies to data in storage or in transit CENG-599 Data Security and Protection AÖ - 6

7 Traditional Models Chinese Wall Prevent conflicts of interest Clark-Wilson (An( Informal Model) Commercial focus on data integrity Bell-LaPadula (BLP) Biba Addresses confidentiality Addresses integrity with static/dynamic levels Information flow Close some covert channels CENG-599 Data Security and Protection AÖ - 7

8 Bell-LaPadula Security Model The Bell-LaPadula (BLP) model is about information confidentiality,, and this model formally represents the long tradition of attitudes to the flow of information concerning national secrets. More information found in Bishop, Chapter 5. CENG-599 Data Security and Protection AÖ - 8

9 Bell LaPadula (BLP)... Earliest formal model (Lattice) Each user (subject) and information (object) has a fixed security class labels Use the notation to indicate dominance The model identifies paths that could lead to inappropriate disclosure of information. What about Integrity? Biba A model for preventing inappropriate modification of data CENG-599 Data Security and Protection AÖ - 9

10 Bell LaPadula (BLP)... Simple Security (ss) property: the no read-up property A subject has read access to an object iff the class of the subject C(s) is greater than or equal to the class of the object C(o) i.e. Subjects can read Objects iff C(o) C(s) Military interpretation: the security class (clearance) of someone receiving a piece of information must be at least as high as the class (classification) of the information. CENG-599 Data Security and Protection AÖ - 10

11 Access Control: Bell-LaPadula... Top Secret Read OK Top Secret Read OK Read Read OK OK Secret Secret Unclassified Unclassified CENG-599 Data Security and Protection AÖ - 11

12 Access Control: Bell-LaPadula... Top Secret Secret Read Forbidden Read OK Top Secret Secret Read OK Unclassified Unclassified CENG-599 Data Security and Protection AÖ - 12

13 Access Control: Bell-LaPadula... Top Secret Top Secret Secret Unclassified Read Read Forbidden Forbidden Read Forbidden Read OK Secret Unclassified CENG-599 Data Security and Protection AÖ - 13

14 Bell - LaPadula... *-property (star-property -property): the no write-down property While a subject has read access to an object O, the subject can only write to an object P if C(O) C (P) Military interpretation: The contents of a sensitive object can be written only to objects at least as high. Leads to concentration of irrelevant detail at upper levels Discretionary Security (ds) property If discretionary policies are in place, accesses are further limited to this access matrix Although all users in the personnel department can read all [personnel] documents, the personnel manager would expect to limit the readers of a document that dealt with redundancies in the personnel department! Fig 7.7 (Pfleeger) CENG-599 Data Security and Protection AÖ - 14

15 Access Control: Bell-LaPadula... Top Secret Write OK Top Secret Write Forbidden Write Write Forbidden Forbidden Secret Secret Unclassified Unclassified CENG-599 Data Security and Protection AÖ - 15

16 Access Control: Bell-LaPadula... Top Secret Top Secret Write OK Secret Write OK Secret Write Forbidden Unclassified Unclassified CENG-599 Data Security and Protection AÖ - 16

17 Access Control: Bell-LaPadula... Top Secret Top Secret Secret Unclassified Write Write OK OK Write OK Write OK Secret Unclassified CENG-599 Data Security and Protection AÖ - 17

18 Security Models - Biba Based on the Cold War experiences, information integrity is also important, and the Biba model, complementary to Bell-LaPadula, is based on the flow of information where preserving integrity is critical. A model for preventing inappropriate modification of data The dual of BLP CENG-599 Data Security and Protection AÖ - 18

19 Integrity Control: Biba Designed to preserve integrity, not to limit access Three fundamental concepts: Simple Integrity Property no read down Star Integrity Property (*) no write up No execute up Integrity classification scheme Integrity classification scheme I(s) and I(o) CENG-599 Data Security and Protection AÖ - 19

20 Integrity Control: Biba... Simple Integrity Property no read down Subject s can modify (have write access to) object o only if I(o) I(s) Star Integrity Property (*) no write up If subject s has read access to an object o with integrity level I(o), subject s can have write access to an object p only if I(p) I(o) No execute up CENG-599 Data Security and Protection AÖ - 20

21 Integrity Control: Biba... High Integrity Read OK High Integrity Read Forbidden Read Read Forbidden Forbidden Medium Integrity Medium Integrity Low Integrity Low Integrity CENG-599 Data Security and Protection AÖ - 21

22 Integrity Control: Biba... High Integrity High Integrity Medium Integrity Low Integrity Write Write Forbidden Forbidden Write Forbidden Write OK Medium Integrity Low Integrity CENG-599 Data Security and Protection AÖ - 22

23 Integrity Control: Biba... Untrustworthy subjects An untrusted subject who has write access to an object reduces the integrity of that object. CENG-599 Data Security and Protection AÖ - 23

24 Basic Security Theorem A state transition is secure if both the initial and the final states are secure, so... If all state transitions are secure and the initial system state is secure, then every subsequent state will also be secure, regardless of which inputs occur. This is information flow! CENG-599 Data Security and Protection AÖ - 24

Access Control Intro, DAC and MAC. System Security

Access Control Intro, DAC and MAC. System Security Access Control Intro, DAC and MAC System Security System Security It is concerned with regulating how entities use resources in a system It consists of two main phases: Authentication: uniquely identifying

More information

CS 665: Computer System Security. Designing Trusted Operating Systems. Trusted? What Makes System Trusted. Information Assurance Module

CS 665: Computer System Security. Designing Trusted Operating Systems. Trusted? What Makes System Trusted. Information Assurance Module CS 665: Computer System Security Designing Trusted Operating Systems Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Trusted? An operating system is

More information

Part III. Access Control Fundamentals

Part III. Access Control Fundamentals Part III Access Control Fundamentals Sadeghi, Cubaleska @RUB, 2008-2009 Course Operating System Security Access Control Fundamentals 105 / 148 10 3.1 Authentication and Access Control 11 Examples for DAC

More information

Security Architecture and Design

Security Architecture and Design IT Networks and Security & CERIAS CISSP Luncheon Series Security Architecture and Design Presented by Rob Stanfield Domain Overview Identify key principles and concepts critical to securing the infrastructure

More information

Access Control Models Part I. Murat Kantarcioglu UT Dallas

Access Control Models Part I. Murat Kantarcioglu UT Dallas UT DALLAS Erik Jonsson School of Engineering & Computer Science Access Control Models Part I Murat Kantarcioglu UT Dallas Introduction Two main categories: Discretionary Access Control Models (DAC) Definition:

More information

Mandatory Access Control

Mandatory Access Control CIS/CSE 643: Computer Security (Syracuse University) MAC: 1 1 Why need MAC DAC: Discretionary Access Control Mandatory Access Control Definition: An individual user can set an access control mechanism

More information

... Lecture 3 Access Control. Information & Communication Security (WS 14/15) Prof. Dr. Kai Rannenberg

... Lecture 3 Access Control. Information & Communication Security (WS 14/15) Prof. Dr. Kai Rannenberg Lecture 3 Access Control Information & Communication Security (WS 14/15) Prof. Dr. Kai Rannenberg Deutsche Telekom Chair of Mobile Business & Multilateral Security Goethe-University Frankfurt a. M. Introduction

More information

Information Security Information & Network Security Lecture 2

Information Security Information & Network Security Lecture 2 1 Information Security Information & Network Security Lecture 2 David Weston Birkbeck, University of London Autumn Term 2 Security Policies 3 Introduction So you ve succeeded as SO in convincing people

More information

Computer security Lecture 3. Access control

Computer security Lecture 3. Access control Computer security Lecture 3 Access control Access control, the basic problem: Efficient representation of access rights Simply listing, per subject and object, what access is allowed and/or denied is very

More information

Database Security Part 7

Database Security Part 7 Database Security Part 7 Discretionary Access Control vs Mandatory Access Control Elisa Bertino bertino@cs.purdue.edu Discretionary Access Control (DAC) No precise definition Widely used in modern operating

More information

Bell & LaPadula Model Security Policy Bell & LaPadula Model Types of Access Permission Matrix

Bell & LaPadula Model Security Policy Bell & LaPadula Model Types of Access Permission Matrix 1 Security Policy A document that expresses clearly and concisely what the protection mechanisms are to achieve A statement of the security we expect the system to enforce Bell & LaPadula Model Formalization

More information

CSE543 - Introduction to Computer and Network Security. Module: Access Control

CSE543 - Introduction to Computer and Network Security. Module: Access Control CSE543 - Introduction to Computer and Network Security Module: Access Control Professor Trent Jaeger 1 Policy A policy specifies the rules of security Some statement of secure procedure or configuration

More information

Lecture 14 Towards Trusted Systems Security Policies and Models

Lecture 14 Towards Trusted Systems Security Policies and Models Lecture 14 Towards Trusted Systems Security Policies and Models Thierry Sans 15-349: Introduction to Computer and Network Security domains Definition of MAC MAC (Mandatory Access Control) A set of access

More information

DAC vs. MAC. Most people familiar with discretionary access control (DAC)

DAC vs. MAC. Most people familiar with discretionary access control (DAC) DAC vs. MAC Most people familiar with discretionary access control (DAC) - Example: Unix user-group-other permission bits - Might set a fileprivate so only groupfriends can read it Discretionary means

More information

Access Control. ITS335: IT Security. Sirindhorn International Institute of Technology Thammasat University ITS335. Access Control.

Access Control. ITS335: IT Security. Sirindhorn International Institute of Technology Thammasat University ITS335. Access Control. ITS335: IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 10 October 2013 its335y13s2l04, Steve/Courses/2013/s2/its335/lectures/access.tex,

More information

How To Model Access Control Models In Cse543

How To Model Access Control Models In Cse543 CSE543 - Introduction to Computer and Network Security Module: Access Control Models Professor Patrick McDaniel Fall 2008 1 Access Control Models What language should I use to express policy? Access Control

More information

Role Based Access Control: Adoption and Implementation in the Developing World

Role Based Access Control: Adoption and Implementation in the Developing World Role Based Access Control: Adoption and Implementation in the Developing World By Loy A.K. Muhwezi Master s Thesis in Computer Science Thesis number: Supervised By Dr. Martijn Oostdijk Radboud University

More information

Access Control Matrix

Access Control Matrix Access Control Matrix List all proceses and files in a matrix Each row is a process ( subject ) Each column is a file ( object ) Each matrix entry is the access rights that subject has for that object

More information

Security Models: Past, Present and Future

Security Models: Past, Present and Future Security Models: Past, Present and Future Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio August 2010 ravi.sandhu@utsa.edu www.profsandhu.com

More information

Access Control: Policies, Models, and Mechanisms

Access Control: Policies, Models, and Mechanisms Access Control: Policies, Models, and Mechanisms Pierangela Samarati 1 and Sabrina De Capitani di Vimercati 2 1 Dipartimento di Tecnologie dell Informazione Università di Milano Via Bramante 65 263 - Crema

More information

Implementation of Mandatory Access Control in Role-based Security System with Oracle Snapshot Skill

Implementation of Mandatory Access Control in Role-based Security System with Oracle Snapshot Skill Implementation of Mandatory Access Control in Role-based Security System with Oracle Snapshot Skill CSE 367 Independent Study Final Project Report Prof. Steve Demurjian December, 13 2001 Hui Wang Lisa

More information

Reference Guide for Security in Networks

Reference Guide for Security in Networks Reference Guide for Security in Networks This reference guide is provided to aid in understanding security concepts and their application in various network architectures. It should not be used as a template

More information

Document Management System Security

Document Management System Security Document Management System Security Jonas Birmé birme@cs.umu.se January 24, 2005 20 credits Umeå University Department of Computing Science SE-901 87 UMEÅ SWEDEN Abstract A common demand today is that

More information

Security Model and Enforcement for Data-Centric Pub/Sub with High Information Assurance Requirements

Security Model and Enforcement for Data-Centric Pub/Sub with High Information Assurance Requirements Security Model and Enforcement for Data-Centric Pub/Sub with High Information Assurance Requirements Sebastian Staamann, Director Security Products, PrismTech OMG's Eighth Workshop on Distributed Object

More information

Firewalls. Mahalingam Ramkumar

Firewalls. Mahalingam Ramkumar Firewalls Mahalingam Ramkumar Evolution of Networks Centralized data processing LANs Premises network interconnection of LANs and mainframes Enterprise-wide network interconnection of LANs in a private

More information

A Security Model for Military Message Systems: Retrospective

A Security Model for Military Message Systems: Retrospective A Security Model for Military Message Systems: Retrospective Carl E. Landwehr Constance L. Heitmeyer John D. McLean Mitretek Systems, Inc. Naval Research Laboratory Naval Research Laboratory Carl.Landwehr@mitretek.org

More information

COSC344 Database Theory and Applications. Lecture 23 Security and Auditing. COSC344 Lecture 23 1

COSC344 Database Theory and Applications. Lecture 23 Security and Auditing. COSC344 Lecture 23 1 COSC344 Database Theory and Applications Lecture 23 Security and Auditing COSC344 Lecture 23 1 Overview Last Lecture Indexing This Lecture Database Security and Auditing Security Mandatory access control

More information

Access Control: Policies, Models, and Mechanisms

Access Control: Policies, Models, and Mechanisms Access Control: Policies, Models, and Mechanisms Pierangela Samarati and Sabrina de Capitani di Vimercati 2 Dipartimento di Tecnologie dell Informazione, Università di Milano Via Bramante 65, 263 Crema

More information

Database Security. Soon M. Chung Department of Computer Science and Engineering Wright State University schung@cs.wright.

Database Security. Soon M. Chung Department of Computer Science and Engineering Wright State University schung@cs.wright. Database Security Soon M. Chung Department of Computer Science and Engineering Wright State University schung@cs.wright.edu 937-775-5119 Goals of DB Security Integrity: Only authorized users should be

More information

ITM661 Database Systems. Database Security and Administration

ITM661 Database Systems. Database Security and Administration ITM661 Database Systems Database Security and Administration Outline Introduction to Database Security Issues Types of Security Threats to databases Database Security and DBA Access Protection, User Accounts,

More information

Verifying Security Policies using Host Attributes

Verifying Security Policies using Host Attributes Verifying Security Policies using Host Attributes 34 th IFIP International Conference on Formal Techniques for Distributed Objects, Components and Systems Cornelius Diekmann 1 Stephan-A. Posselt 1 Heiko

More information

Chapter 23. Database Security. Security Issues. Database Security

Chapter 23. Database Security. Security Issues. Database Security Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database

More information

Access Control Fundamentals

Access Control Fundamentals C H A P T E R 2 Access Control Fundamentals An access enforcement mechanism authorizes requests (e.g., system calls) from multiple subjects (e.g., users, processes, etc.) to perform operations (e.g., read,,

More information

SECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E)

SECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E) SECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E) 2 LECTURE OUTLINE Threats and countermeasures Access control mechanisms SQL s grant and revoke Role of views 3 THREATS What are the threats? Loss of integrity

More information

VALLIAMMAI ENGINEERING COLLEGE

VALLIAMMAI ENGINEERING COLLEGE VALLIAMMAI ENGINEERING COLLEGE (A member of SRM Institution) SRM Nagar, Kattankulathur 603203. DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING Year and Semester : I / II Section : 1 Subject Code : NE7202

More information

MULTILATERAL SECURITY. Based on chapter 9 of Security Engineering by Ross Anderson

MULTILATERAL SECURITY. Based on chapter 9 of Security Engineering by Ross Anderson MULTILATERAL SECURITY Based on chapter 9 of Security Engineering by Ross Anderson עומר פפרו Paparo Presenter: Omer Outline Introduction Motivation Data flow models Compartmentation and the lattice model

More information

Security Enhanced Linux and the Path Forward

Security Enhanced Linux and the Path Forward Security Enhanced Linux and the Path Forward April 2006 Justin Nemmers Engineer, Red Hat Agenda System security in an insecure world Red Hat Enterprise Linux Security Features An overview of Discretionary

More information

REMOTE POLICY ENFORCEMENT USING JAVA VIRTUAL MACHINE SRIJITH K. NAIR

REMOTE POLICY ENFORCEMENT USING JAVA VIRTUAL MACHINE SRIJITH K. NAIR REMOTE POLICY ENFORCEMENT USING JAVA VIRTUAL MACHINE SRIJITH K. NAIR COPYRIGHT 2009 BY SRIJITH K. NAIR CONTENTS 1 INTRODUCTION 1 1.1 Trust Model......................... 2 1.2 Our Approach........................

More information

Domain 9 Security Architecture and Design

Domain 9 Security Architecture and Design Domain 9 Security Architecture and Design Common Architecture Frameworks An architecture framework is a structure that can be used to develop a broad range of architectures, which typically provides a

More information

83-10-35 A New Security Model for Networks and the Internet Dan Thomsen Payoff

83-10-35 A New Security Model for Networks and the Internet Dan Thomsen Payoff 83-10-35 A New Security Model for Networks and the Internet Dan Thomsen Payoff Computer security is a matter of controlling how data is shared for reading and modifying. Type enforcement is a new security

More information

SecTor 2009 October 6, 2009. Tracy Ann Kosa

SecTor 2009 October 6, 2009. Tracy Ann Kosa SecTor 2009 October 6, 2009 Tracy Ann Kosa Privacy versus Security Un enforced Privacy Privacy Requirements that Work People Process Technology Territorial Privacy Setting boundaries on intrusion into

More information

Security and Cryptography 1. Stefan Köpsell, Thorsten Strufe. Module 8:Access Control and Authentication

Security and Cryptography 1. Stefan Köpsell, Thorsten Strufe. Module 8:Access Control and Authentication Security and Cryptography 1 Stefan Köpsell, Thorsten Strufe Module 8:Access Control and Authentication Disclaimer: large parts from Stefan Katzenbeisser, Günter Schäfer Dresden, WS 14/15 Reprise from the

More information

University of Cambridge

University of Cambridge University of Cambridge Computer Laboratory ESSAYS ABOUT COMPUTER SECURITY Prof. E. Stewart Lee Director Centre for Communications Systems Research Cambridge Cambridge, 1999 Preface The purpose of these

More information

Weighted Total Mark. Weighted Exam Mark

Weighted Total Mark. Weighted Exam Mark CMP4103 Computer Systems and Network Security Period per Week Contact Hour per Semester Weighted Total Mark Weighted Exam Mark Weighted Continuous Assessment Mark Credit Units LH PH TH CH WTM WEM WCM CU

More information

Chapter 23. Database Security. Security Issues. Database Security

Chapter 23. Database Security. Security Issues. Database Security Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database

More information

INFO/CS 330: Applied Database Systems

INFO/CS 330: Applied Database Systems INFO/CS 330: Applied Database Systems Introduction to Database Security Johannes Gehrke johannes@cs.cornell.edu http://www.cs.cornell.edu/johannes Introduction to DB Security Secrecy:Users should not be

More information

CS377: Database Systems Data Security and Privacy. Li Xiong Department of Mathematics and Computer Science Emory University

CS377: Database Systems Data Security and Privacy. Li Xiong Department of Mathematics and Computer Science Emory University CS377: Database Systems Data Security and Privacy Li Xiong Department of Mathematics and Computer Science Emory University 1 Principles of Data Security CIA Confidentiality Triad Prevent the disclosure

More information

What is a secret? Ruth Nelson

What is a secret? Ruth Nelson What is a Secret - and - What does that have to do with Computer Security? Ruth Nelson Information System Security 48 Hardy Avenue, Watertown, MA 02172 Abstract This paper questions some of the basic assumptions

More information

Overview of Information Security. Murat Kantarcioglu

Overview of Information Security. Murat Kantarcioglu UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Information Security Murat Kantarcioglu Pag. 1 Purdue University Outline Information Security: basic concepts Privacy: basic

More information

The Specification and Modeling of Computer Security

The Specification and Modeling of Computer Security The Specification and Modeling of Computer Security John McLean Center for High Assurance Computer Systems Naval Research Laboratory Washington, D.C. 20375 Computer security models are specifications designed,

More information

What is Auditing? Auditing. Problems. Uses. Audit System Structure. Logger. Reading: Chapter 24. Logging. Slides by M. Bishop are used.

What is Auditing? Auditing. Problems. Uses. Audit System Structure. Logger. Reading: Chapter 24. Logging. Slides by M. Bishop are used. Reading: Chapter 24 Auditing Slides by M. Bishop are used What is Auditing? Logging» Recording events or statistics to provide information about system use and performance Auditing» Analysis of log records

More information

SELinux Policy Management Framework for HIS

SELinux Policy Management Framework for HIS SELinux Policy Management Framework for HIS by Luis Franco Marin (05592763) BSc., MIT This thesis is presented in fulfilment of the requirements of the degree of Master of Information Technology (Research)

More information

Best Practices, Procedures and Methods for Access Control Management. Michael Haythorn

Best Practices, Procedures and Methods for Access Control Management. Michael Haythorn Best Practices, Procedures and Methods for Access Control Management Michael Haythorn July 13, 2013 Table of Contents Abstract... 2 What is Access?... 3 Access Control... 3 Identification... 3 Authentication...

More information

Trusted RUBIX TM. Version 6. Multilevel Security in Trusted RUBIX White Paper. Revision 2 RELATIONAL DATABASE MANAGEMENT SYSTEM TEL +1-202-412-0152

Trusted RUBIX TM. Version 6. Multilevel Security in Trusted RUBIX White Paper. Revision 2 RELATIONAL DATABASE MANAGEMENT SYSTEM TEL +1-202-412-0152 Trusted RUBIX TM Version 6 Multilevel Security in Trusted RUBIX White Paper Revision 2 RELATIONAL DATABASE MANAGEMENT SYSTEM Infosystems Technology, Inc. 4 Professional Dr - Suite 118 Gaithersburg, MD

More information

Protection and Security [supplemental] 1. Network Firewalls

Protection and Security [supplemental] 1. Network Firewalls Protection and Security [supplemental] 1 Network Firewalls How to connect a trusted computer system to an untrusted network? Put a firewall between the trusted (system or systems) and the untrusted. All

More information

Enhancing UML to Model Custom Security Aspects

Enhancing UML to Model Custom Security Aspects Enhancing UML to Model Custom Security Aspects [Position Paper] Jaime Pavlich-Mariscal, Laurent Michel, and Steven Demurjian Department of Computer Science & Engineering, The University of Connecticut,

More information

Security and Authorization. Introduction to DB Security. Access Controls. Chapter 21

Security and Authorization. Introduction to DB Security. Access Controls. Chapter 21 Security and Authorization Chapter 21 Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke 1 Introduction to DB Security Secrecy: Users should not be able to see things they are not supposed

More information

SECURITY ARCHITECTURE

SECURITY ARCHITECTURE Chapter 9........................................ Shih planned to make a great wall by extending and enlarging preexisting walls made by previous rulers. This great wall would serve as a barricade to keep

More information

A Structured Approach to Computer Security *

A Structured Approach to Computer Security * 1 A Structured Approach to Computer Security * Tomas Olovsson Department of Computer Engineering Chalmers University of Technology S-412 96 Gothenburg SWEDEN Technical Report No 122, 1992 ABSTRACT Security

More information

Goal-Oriented Auditing and Logging

Goal-Oriented Auditing and Logging 1. Introduction Goal-Oriented Auditing and Logging Matt Bishop Christopher Wee Jeremy Frank Department of Computer Science University of California at Davis Davis, CA 95616-8562 This paper presents a technique

More information

Database security. André Zúquete Security 1. Advantages of using databases. Shared access Many users use one common, centralized data set

Database security. André Zúquete Security 1. Advantages of using databases. Shared access Many users use one common, centralized data set Database security André Zúquete Security 1 Advantages of using databases Shared access Many users use one common, centralized data set Minimal redundancy Individual users do not have to collect and maintain

More information

NAVAL POSTGRADUATE SCHOOL DISSERTATION

NAVAL POSTGRADUATE SCHOOL DISSERTATION NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA DISSERTATION AN APPLICATION OF ALLOY TO STATIC ANALYSIS FOR SECURE INFORMATION FLOW AND VERIFICATION OF SOFTWARE SYSTEMS by Alan B. Shaffer December 2008

More information

What is Auditing? IT 4823 Information Security Administration. Problems. Uses. Logger. Audit System Structure. Logging. Auditing. Auditing November 7

What is Auditing? IT 4823 Information Security Administration. Problems. Uses. Logger. Audit System Structure. Logging. Auditing. Auditing November 7 IT 4823 Information Security Administration Auditing November 7 What is Auditing? Logging Recording events or statistics to provide information about system use and performance Auditing Analysis of log

More information

Database Security. Chapter 21

Database Security. Chapter 21 Database Security Chapter 21 Introduction to DB Security Secrecy: Users should not be able to see things they are not supposed to. E.g., A student can t see other students grades. Integrity: Users should

More information

CIS 551 / TCOM 401 Computer and Network Security. Spring 2007 Lecture 6

CIS 551 / TCOM 401 Computer and Network Security. Spring 2007 Lecture 6 CIS 551 / TCOM 401 Computer and Network Security Spring 2007 Lecture 6 Announcements Reminder: Send in project groups TODAY If you don't have a group, let us know. If you haven't started on the project

More information

1 INTRODUCTION The need for information security was recognized with the advent of the rst multi-user computer systems. This need has become more and

1 INTRODUCTION The need for information security was recognized with the advent of the rst multi-user computer systems. This need has become more and IEEE Computer, Volume 26, Number 11, November 1993, pages 9-19 (Cover article). Lattice-Based Access Control Models 1 Ravi S. Sandhu Center for Secure Information Systems & Department of Information and

More information

USER ACCESS CONTROL AND SECURITY MODEL

USER ACCESS CONTROL AND SECURITY MODEL 102 USER ACCESS CONTROL AND SECURTY MODEL Cahyo Crysdian, Harihodin b. Selamat, Mohd. Noor b. Md. Sap (crysdian@yahoo.com, harihodn@itp.utm.my, mohdnoor@fsksm.utm.my) Faculty of Computer Science and nformation

More information

Implementation of Mandatory Access Control in Role-based Security System. CSE367 Final Project Report. Professor Steve Demurjian. Fall 2001.

Implementation of Mandatory Access Control in Role-based Security System. CSE367 Final Project Report. Professor Steve Demurjian. Fall 2001. Implementation of Mandatory Access Control in Role-based Security System CSE367 Final Project Report Professor Steve Demurjian Fall 2001 Jin Ma Computer Science & Engineering The University of Connecticut

More information

Secure Hypervisors. Sebastian Vogl. Fakultät für Informatik, Technische Universität München vogls@in.tum.de

Secure Hypervisors. Sebastian Vogl. Fakultät für Informatik, Technische Universität München vogls@in.tum.de Secure Hypervisors Sebastian Vogl Fakultät für Informatik, Technische Universität München vogls@in.tum.de Abstract. Nowadays, more and more companies tend to use virtual machines instead of physically

More information

Simulation of a Two-Category Secured Access Database

Simulation of a Two-Category Secured Access Database Communications of the IIMA Volume 9 Issue 3 Article 1 2009 Simulation of a Two-Category Secured Access Database Marn Ling Shing Taipei Municipal University of Education Chen-Chi Shing Radford University

More information

Identity Management and Access Control

Identity Management and Access Control and Access Control Marek Rychly mrychly@strathmore.edu Strathmore University, @ilabafrica & Brno University of Technology, Faculty of Information Technology Enterprise Security 7 December 2015 Marek Rychly

More information

Protecting Privacy & Security in the Health Care Setting

Protecting Privacy & Security in the Health Care Setting 2013 Compliance Training for Contractors and Vendors Module 3 Protecting Privacy & Security in the Health Care Setting For Internal Training Purposes Only. After completing this training, learners will

More information

CIS 551 / TCOM 401 Computer and Network Security. Spring 2006 Lecture 7

CIS 551 / TCOM 401 Computer and Network Security. Spring 2006 Lecture 7 CIS 551 / TCOM 401 Computer and Network Security Spring 2006 Lecture 7 Announcements Reminder: First Midterm is one week from today. (2/9/2006) In class, closed notes Example exam from last year will be

More information

THE PERSONAL INFORMATION PROTECTION AND ELECTRONIC DOCUMENTS ACT (PIPEDA) PERSONAL INFORMATION POLICY & PROCEDURE HANDBOOK

THE PERSONAL INFORMATION PROTECTION AND ELECTRONIC DOCUMENTS ACT (PIPEDA) PERSONAL INFORMATION POLICY & PROCEDURE HANDBOOK THE PERSONAL INFORMATION PROTECTION AND ELECTRONIC DOCUMENTS ACT (PIPEDA) PERSONAL INFORMATION POLICY & PROCEDURE HANDBOOK REVISED August 2004 PERSONAL INFORMATION POLICY & PROCEDURE HANDBOOK Introduction

More information

Firewalls CSCI 454/554

Firewalls CSCI 454/554 Firewalls CSCI 454/554 Why Firewall? 1 Why Firewall (cont d) w now everyone want to be on the Internet w and to interconnect networks w has persistent security concerns n can t easily secure every system

More information

Covert Channel Data Leakage Protection

Covert Channel Data Leakage Protection i Covert Channel Data Leakage Protection A model for detecting and preventing data leakage through covert channels. ADAM CORNELISSEN ii MASTER OF SCIENCE THESIS (647) Supervisors: prof. dr. B.P.F. Jacobs

More information

Chapter 8 A secure virtual web database environment

Chapter 8 A secure virtual web database environment Chapter 8 Information security with special reference to database interconnectivity Page 146 8.1 Introduction The previous three chapters investigated current state-of-the-art database security services

More information

Security Digital Certificate Manager

Security Digital Certificate Manager System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure

More information

A Security Domain Model for Static Analysis and Verification of Software Programs

A Security Domain Model for Static Analysis and Verification of Software Programs A Security Domain Model for Static Analysis and Verification of Software Programs Alan B. Shaffer Naval Postgraduate School Computer Science Dept Monterey, CA, USA abshaffe@nps.edu Abstract- Unauthorized

More information

CMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis

CMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 Security Dr. Kalpakis URL: http://www.csee.umbc.edu/~kalpakis/courses/421 Outline The Security Problem Authentication Program Threats System Threats Securing Systems

More information

Secure Networking Configuration

Secure Networking Configuration Secure Networking Configuration Release 6.x Contents 1 Preface 1 1.1 About The Secure Networking Configuration Guide........................ 1 1.2 Intended Audience..........................................

More information

Session objectives. Access control. Subjects and objects. The request. Information Security

Session objectives. Access control. Subjects and objects. The request. Information Security The session Session objectives Access Control Information Security Dr Hans Georg Schaathun Introduce fundamental terminology of access control Understand principles of privilege management and identity

More information

Securing Commercial Operating Systems

Securing Commercial Operating Systems C H A P T E R 7 Securing Commercial Operating Systems Since the discovery of the reference monitor concept during the development of Multics, there have been many projects to retrofit existing commercial

More information

Foundations of Computer Security

Foundations of Computer Security Foundations of Computer Security Lecture 19: Dr. Bill Young Department of Computer Sciences University of Texas at Austin Lecture 19: 1 Meaning of Computer Security Recall that computer security is described

More information

Examples oflattices in Computer Security Models

Examples oflattices in Computer Security Models ~-~p~pr~o~v~ed~fo-r-r""'el""e-a-s e...,...by...,...n"""s,..."a-o-n... 1 2..._... 0..,.1...,-2... 0,...,1...,.1"""",T=r-a-n-sp-a-r-e-n-cy-C="""a-se""""#"""""63""'8~5:a Examples oflattices in Computer Security

More information

Mathematical finance and linear programming (optimization)

Mathematical finance and linear programming (optimization) Mathematical finance and linear programming (optimization) Geir Dahl September 15, 2009 1 Introduction The purpose of this short note is to explain how linear programming (LP) (=linear optimization) may

More information

Atlas Capital Financial Services Limited. Conflicts of Interest

Atlas Capital Financial Services Limited. Conflicts of Interest Atlas Capital Financial Services Limited (Regulated by the Cyprus Securities & Exchange Commission) Conflicts of Interest 10th of February 2015 1 P a g e Contents 1. Introduction... 3 2. Scope of the policy...

More information

HIPAA Security. assistance with implementation of the. security standards. This series aims to

HIPAA Security. assistance with implementation of the. security standards. This series aims to HIPAA Security SERIES Security Topics 1. Security 101 for Covered Entities 2. Security Standards - Administrative Safeguards 3. Security Standards - Physical Safeguards 4. Security Standards - Technical

More information

A Compositional Framework for the. Development of Secure Access Control. Systems

A Compositional Framework for the. Development of Secure Access Control. Systems A Compositional Framework for the Development of Secure Access Control Systems PhD Thesis François Siewe Software Technology Research Laboratory Faculty of Compting Sciences and Engineering De Montfort

More information

ALTERNATIVE JAVA SECURITY POLICY MODEL

ALTERNATIVE JAVA SECURITY POLICY MODEL FRÉDÉRIC SAMSON ALTERNATIVE JAVA SECURITY POLICY MODEL Mémoire présenté à la Faculté des études supérieures de l Université Laval dans le cadre du programme de maîtrise en informatique pour l obtention

More information

Titus and Cisco IronPort Integration Guide Improving Outbound and Inbound Email Security. Titus White Paper

Titus and Cisco IronPort Integration Guide Improving Outbound and Inbound Email Security. Titus White Paper Titus and Cisco IronPort Integration Guide Improving Outbound and Inbound Email Security Titus White Paper Information in this document is subject to change without notice. Complying with all applicable

More information

There are many examples of sensitive information falling into the wrong hands. What s the worst that can happen? The worst has already happened.

There are many examples of sensitive information falling into the wrong hands. What s the worst that can happen? The worst has already happened. Data Spills Short Introduction There are many examples of sensitive information falling into the wrong hands. What s the worst that can happen? The worst has already happened. When data spills occur, they

More information

Secure Virtual Machine Systems

Secure Virtual Machine Systems C H A P T E R 11 Secure Virtual Machine Systems A problem in building a new, secure operating system is that existing applications may not run on the new system. Operating systems define an application

More information

HIPAA Compliance for Students

HIPAA Compliance for Students HIPAA Compliance for Students The Health Insurance Portability and Accountability Act (HIPAA) was passed in 1996 by the United States Congress. It s intent was to help people obtain health insurance benefits

More information

A Presentation of Access Control Methods

A Presentation of Access Control Methods Chapter 2 A Presentation of Access Control Methods Those who are enamored of practice without theory are like a pilot who goes into a ship without rudder or compass and never has any certainty where he

More information

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session One

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session One Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session One Information Security- Perspective for Management Information Security Management Program Concept

More information

KKIO2002 1 DRAFT. full paper published in: proc. of 4th National Conference on Software Engineering

KKIO2002 1 DRAFT. full paper published in: proc. of 4th National Conference on Software Engineering KKIO2002 1 DRAFT full paper published in: proc. of 4th National Conference on Software Engineering October 15-18, 2002 Poznań - Tarnowo Podgórne, Poland Paper published in the proceedings and presented

More information

Network Security Project Management: A Security Policy-based Approach

Network Security Project Management: A Security Policy-based Approach Network Security Project Management: A Security Policy-based Approach Jihene Krichene and Noureddine Boudriga Abstract Managing security projects is a delicate activity due to the evolution of attacks.

More information

Security Digital Certificate Manager

Security Digital Certificate Manager IBM i Security Digital Certificate Manager 7.1 IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in Notices,

More information