Computer security Lecture 3. Access control
- Henry Reeves
1 Computer security Lecture 3 Access control
2 Access control, the basic problem: Efficient representation of access rights
- Simply listing, per subject and object, what access is allowed and/or denied is very inefficient
- We need a structured approach
- The approach needs to be efficient, flexible, and testable
3 Access control concepts
- Principals and subjects (users, processes, etc.): active, they access something
- Objects (files, devices, storage areas, services, etc.): passive, they are accessed
- Operations (what subjects do): observe, alter, use; read, write, append, execute
[Figure: principal, "do operation", reference monitor, object, labelled Source, Request, Guard, Resource]
4 Terminology
- Permission is usually used for direct access rights to objects
- Privilege is sometimes used for more basic rights to system resources
- There is no fixed, correct terminology (got root?)
5 Principals and subjects
- A principal is an entity that has an authenticated identity
- A subject is an entity that acts on behalf of a principal, within a computer system
- Example of principal: a user identity
- Example of subject: a process running under a user identity
[Figure: principal, request, reference monitor, object, as on slide 3]
6 Subjects and objects
- A subject is an entity that acts on behalf of a principal, within a computer system
- An object is an entity that is acted upon
- Example of subject: a process running under a user identity
- Example of object: a text file
[Figure: principal, request, reference monitor, object, as on slide 3]
7 Observe/alter/use
- To observe is simply to look at the contents of an object
- To alter is to change the contents of an object, alternatively to add contents to an object
- It is also possible to use functionality of an object without extracting its contents (example: smart card signatures)
[Figure: principal, request, reference monitor, object, as on slide 3]
8 More on subjects
- To simplify access control handling, the special subject "group" is often used
- A system often has a special group, administrators, that can access all (or many) resources of the system
- The special subject "owner"
- In computers, the owner can grant access or revoke it, and decide what type of access
- This is called discretionary access control
- The opposite, mandatory access control, mostly occurs in the defence sector, which handles classified data
9 More on operations
- Usually read, write and execute are used (and not "append")
- Does write imply read permissions? Or does it not?
- Does write mean alter contents, add contents, delete? If not all, what are the others called?
- What does execute mean for non-code objects?
- There can also be special arrangements for the create and delete operations
10 More on objects
- Subjects are active parties, such as users, processes, etc.; they access
- Objects are passive entities, resources such as data, equipment, etc.; they are accessed
- When checking if access is allowed, both subject and object must be identified
- Identities must be unique within their domain
11 Access control matrix
- Lists what users are allowed to do with resources like files
- Has one row (or column) per user
- Has one column (or row) per resource
- An abstract concept, not something used in actual storage, because that would be extremely inefficient
[Table: access control matrix. Columns: Data 1, Data 2, Prog 1, Prog 2. Row entries (empty cells and column positions not preserved): Alice: RW, X; Bob: R, RW, RWX; Carol: R, X; David: RW, R, X, RWX; Eve: R, RX]
12 Representing the Access Matrix
- Mechanisms
  - Access Control Lists: per object, what rights the listed subjects have to the object (a simple version is permission bits)
  - Capability Lists: per subject, what rights the subject has to the listed objects
[Table: the access control matrix from slide 11]
14 ACLs in simple form: Permission Bits
- Very simple: fixed set of rights, fixed set of subjects
- Very inflexible
- Efficient to determine permission for a given object: no lists to search, registered directly with the objects
- Three subject types per object: Owner, Group, Others
- Three types of rights per subject type: Read, Write, Execute
15 In UNIX these have different meaning for different objects
- Files
  - Read: read from a file
  - Write: write to a file
  - Execute: execute a (program) file
- Directories
  - Read: list directory contents
  - Write: create, rename, or delete files
  - Execute: access file contents and metadata (but not name)
16 ACLs in simple form: Unix permissions
/.../html/:
-rw-rw-r-- harna icgwww aktuellt.html
drwxrwxr-x root root mall
-rw-rw-r-- jalar icgwww index.html
/home/jalar/:
-rw-r--r-- jalar users cseclecture02.pdf
drwx jalar users mysecretmaterial
drwxrwx--- jalar icg ourproject
Permissions are listed in the order: user (owner), group, others
17 Directory access in UNIX and general ACLs
- In UNIX, rwx have special meaning for directories
- General ACL: access permissions for a directory can mean access to the directory itself, to see what the next level contains and to add or delete files and sub-directories
- Or, access permissions may also mean access to the files in that directory
- Other systems list this as specific named permissions
18 Access Control Lists (ACLs) in general
- More general ACLs do list per object what rights the listed subjects have to the object
- Easy answer to the question "who has what kind of access to this object?"
  - bill.doc: Bill:rw
  - edit.exe: Alice:rx, Bill:rx
  - tetris.exe: Alice:rx, Bill:rwx
- May be inefficient, since determining rights for one user may require searching a long list
- Revoking permissions for one user needs searching through the whole set of ACLs
- Doesn't always work well in distributed systems, since permissions are stored together with objects
19 Access Control Lists (ACLs) in general
- More general ACLs do list per object what rights the listed subjects have to the object
- Easy answer to the question "who has what kind of access to this object?"
  - bill.doc: Bill:rw
  - edit.exe: Alice:rx, Bill:rx
  - tetris.exe: Alice:rx, Bill:rwx
- Popular despite its shortcomings
- Simple to implement
- Natural in systems with discretionary access control
- Unix-based systems and Windows (although the latter is more complicated)
23 Intermediate levels in ACLs
[Figure: users u1 to u5, groups g1 and g2, objects o1 to o6, with an x marked in the diagram]
- Use groups to shorten lists
- Individual permissions can still be used
- Negative permissions can be used to create a smaller group out of an existing large one
- But now you need a rule for the case when someone (through groups) appears twice with different rights
24 Intermediate levels in ACLs
[Figure: users u1 to u5, groups g1 and g2, objects o1 to o6]
- g1: u1, u2, u3
- g2: u3, u4, u5
- o3: g1:r, g2:rw
- Two possible rules to resolve conflicts: first match, any match
- If u3 wants to write to o3, the first match rule denies this, the any match rule allows this
25 Intermediate levels in ACLs: any match
[Figure: users u1 to u5, groups g1 and g2, objects o1 to o6]
- g1: u1, u2, u3
- g2: u3, u4
- o3: g1:r, g2:r, ..., u4:rw
- If the list for o3 is long, then it takes a long time to check if u4 has write access
- Efficiency depends on ACL order
- For o3, removal of g2:r does not change anything
26 Intermediate levels in ACLs: first match
[Figure: users u1 to u5, groups g1 and g2, objects o1 to o6]
- g1: u1, u2, u3
- g2: u3, u4
- o3: g1:r, g2:r, ..., u4:rw
- Finding u4's access rights is fast even though the list is long
- But here, u4 doesn't have write access to o3
- Placing u4 first slows down the search for other users
- For o3, removal of g2:r gives u4 write access
27 Negative permissions in ACLs
[Figure: users u1 to u5, group g1, objects o1 to o6, with an x marked in the diagram]
- g1: u1, u2, u3, u4, u5
- o1: u1:None, g1:r
- Negative access rights can be used for the exceptional case
- This makes the ACL structure much more efficient
- First match: negative must be first
- Any match: negative wins
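The two conflict rules from slides 24 to 27, as an added example that is not part of the original lecture: it evaluates the slides' group and ACL data under first match and any match. The function names and the `rule_disagreements` audit helper are assumptions of this example, and the "..." filler entries of the long ACL are omitted.

```python
# Added example. Data mirrors slides 24-27; an ACL is an ordered list of
# (user-or-group, rights) and the empty string is a negative entry ("None").
GROUPS_24 = {"g1": {"u1", "u2", "u3"}, "g2": {"u3", "u4", "u5"}}
ACL_O3_24 = [("g1", "r"), ("g2", "rw")]

GROUPS_25 = {"g1": {"u1", "u2", "u3"}, "g2": {"u3", "u4"}}
ACL_O3_25 = [("g1", "r"), ("g2", "r"), ("u4", "rw")]  # "..." filler omitted

GROUPS_27 = {"g1": {"u1", "u2", "u3", "u4", "u5"}}
ACL_O1_27 = [("u1", ""), ("g1", "r")]


def applies(subject, user, groups):
    """True if an ACL entry for `subject` covers `user` directly or via a group."""
    return subject == user or user in groups.get(subject, ())


def first_match(acl, user, right, groups):
    """Only the first entry covering the user counts; later entries are ignored."""
    for subject, rights in acl:
        if applies(subject, user, groups):
            return right in rights
    return False  # no entry at all: deny


def any_match(acl, user, right, groups):
    """Any covering entry may grant the right, but a negative entry wins."""
    granted = False
    for subject, rights in acl:
        if applies(subject, user, groups):
            if rights == "":
                return False
            granted = granted or right in rights
    return granted


def without(acl, subject):
    """Copy of the ACL with every entry for `subject` removed."""
    return [entry for entry in acl if entry[0] != subject]


def rule_disagreements(acl, groups, rights="rwx"):
    """(user, right) pairs on which the two rules give different answers."""
    users = set().union(*groups.values()) | {s for s, _ in acl if s not in groups}
    return sorted((u, r) for u in users for r in rights
                  if first_match(acl, u, r, groups) != any_match(acl, u, r, groups))


if __name__ == "__main__":
    for name, acl, groups in [("slide 24, o3", ACL_O3_24, GROUPS_24),
                              ("slides 25/26, o3", ACL_O3_25, GROUPS_25),
                              ("slide 27, o1", ACL_O1_27, GROUPS_27),
                              ("slide 27, negative entry last",
                               ACL_O1_27[::-1], GROUPS_27)]:
        print(name, rule_disagreements(acl, groups))
```

An empty result from `rule_disagreements` means the ACL gives the same answer under either rule, which is a useful property to check before moving ACLs between systems that resolve conflicts differently.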
28 Owners in ACLs
- Usually the creator of an object has default maximum privileges for the object
- Granting access to others is one of those privileges
- Sometimes only the owner and system manager can ever change the ACL
- Some systems allow ACLs to have ACLs
29 System manager
- Usually the system manager, root in UNIX, has default maximum privileges
- Often processes that check access restrictions are not even invoked for the system manager
- Sometimes specific rights are given for the system manager in the ACL
- System managers can normally give themselves any privilege they don't already have, but that event is (should be) logged in non-erasable form
30 Program or user permission?
- You cannot always allow users direct access to files
- Solution is to allow the program the access, and allow the user to execute the program
- Basically, access control is delegated to the program
- This is used for specialized data handling tasks (databases/accounting/drm), or system tasks
-rwsr-xr-x root root /bin/mount
- You cannot always register programs as subjects
- Solution in UNIX etc. is to use SUID
31 Program or user permission?
- You cannot always allow users direct access to files
- Solution is to allow the program the access, and allow the user to execute the program
- Basically, access control is delegated to the program
- This is used for specialized data handling tasks (databases/accounting/drm), or system tasks
-rw-r----- acct acct accounting.dat
-rwsr-xr-x acct acct accounting
acct:x:1001:...
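The permission-bit check from slides 14 to 16 and the SUID delegation from slides 30 and 31, as an added example that is not part of the original lecture. The user `alice`, her group set and all function names are hypothetical; the file entries are the ones listed on the slides, and the system manager's bypass of access checks is not modelled.

```python
# Added example. Entries are (mode, owner, group, name) as listed on the slides.
INDEX_HTML = ("-rw-rw-r--", "jalar", "icgwww", "index.html")
ACCOUNTING_DAT = ("-rw-r-----", "acct", "acct", "accounting.dat")
ACCOUNTING = ("-rwsr-xr-x", "acct", "acct", "accounting")


def parse_mode(mode):
    """Split an ls-style mode string into (type, rights per class, setuid flag)."""
    if len(mode) != 10:
        raise ValueError(f"expected 10 characters, got {mode!r}")
    classes = {}
    for i, name in enumerate(("owner", "group", "others")):
        r, w, x = mode[1 + 3 * i: 4 + 3 * i]
        rights = set()
        if r == "r":
            rights.add("r")
        if w == "w":
            rights.add("w")
        if x in ("x", "s", "t"):  # lowercase s/t: execute bit is set as well
            rights.add("x")
        classes[name] = rights
    return mode[0], classes, mode[3] in ("s", "S")


def subject_class(user, user_groups, entry):
    """Exactly one class applies: owner is checked first, then group, then others."""
    _, owner, group, _ = entry
    if user == owner:
        return "owner"
    return "group" if group in user_groups else "others"


def may(user, user_groups, entry, right):
    """Permission-bit check for one right ('r', 'w' or 'x')."""
    _, classes, _ = parse_mode(entry[0])
    return right in classes[subject_class(user, user_groups, entry)]


def effective_user(user, entry):
    """Identity the process runs under after `user` executes `entry`."""
    setuid = parse_mode(entry[0])[2]
    return entry[1] if setuid else user


def may_read_via(user, user_groups, program, data):
    """Can `user` reach `data` by running `program` (delegated access control)?"""
    if not may(user, user_groups, program, "x"):
        return False
    return may(effective_user(user, program), user_groups, data, "r")


if __name__ == "__main__":
    groups = {"users"}  # hypothetical group membership for alice
    print("direct read:", may("alice", groups, ACCOUNTING_DAT, "r"))
    print("runs as:", effective_user("alice", ACCOUNTING))
    print("read via program:", may_read_via("alice", groups, ACCOUNTING, ACCOUNTING_DAT))
```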
32 Capability lists
- Lists per subject what rights the subject has to what objects
- Easy answer to the question "what kind of access does this subject have to what objects?"
  - Alice: edit.exe:rx, tetris.exe:rx
  - Bill: bill.doc:rw, edit.exe:rx, tetris.exe:rwx
- May also be inefficient, since determining who has what rights for one object will require searching all users
- Here, principals will pass on rights to subjects; to be able to revoke permissions a principal needs to keep track of this
- Works better in distributed systems, since roaming users have their permissions close at hand (but you need to implement this securely)
33 Capability lists
- Lists per subject what rights the subject has to what objects
- Easy answer to the question "what kind of access does this subject have to what objects?"
  - Alice: edit.exe:rx, tetris.exe:rx
  - Bill: bill.doc:rw, edit.exe:rx, tetris.exe:rwx
- Experimental implementations in the '70s, a bit like file passwords
- A system that used capability lists is IBM AS/400
- Have made a limited comeback in the form of public key certificates
- These are often considered crypto rather than access control, but should sometimes be thought of as the latter
34 Capability lists
- Lists per subject what rights the subject has to what objects
- Easy answer to the question "what kind of access does this subject have to what objects?"
- Ticket: "The user holding this ticket can change contents in ICG web"
- A common concept is Tickets
- A capability list is of course just the contents of a row (subject dimension) of the access control matrix
- Tickets and attribute certificates are subsets of this
- Tickets etc. do not reveal the subject's full permissions to the checking party
35 Grant/revoke access
- In ACLs, usually only the owner or the system manager can grant and revoke access to an object
- In some systems, subjects with directory write permissions can grant/revoke access to library objects
- ACLs for ACLs (as objects) enable more complicated behaviour
- With capability lists, subjects can grant and revoke access
- If you can grant permission to grant access, the situation can become very complex
- The problem is keeping track of who has been granted access
36 Role-Based Access Control (RBAC)
- A role is a collection of procedures that users who have the role can execute
- A procedure is a more complicated operation (not merely read or write), for example a fund transfer between bank accounts
- A data type is associated to the objects, and to each data type, only specific procedures apply
- Frequently a user needs to take an explicit action to activate a desired role
- Roles often have a hierarchical structure
- Example: itslearning has Course head, Teacher, Student, Guest
- This is not always the hierarchy of the organization
37 NIST classification of RBAC levels
- Flat RBAC: as on the last slide, adding user-role reviews, which would tell a user if her role has changed
- Hierarchical RBAC: adds role hierarchies, with more senior (or powerful) roles
- Constrained RBAC: adds separation-of-duties, so that users cannot have two roles that are unsuitable to share
- Symmetric RBAC: adds permission-role reviews, in more complicated situations, to find roles with specific permissions
- Unfortunately, RBAC does not have a generally accepted meaning
38 More on hierarchical structure
[Figure: hierarchy diagram with nodes Course head, three Teachers, three Students, three Guests]
- Guests are lower in the hierarchy than students
- Guests do not have a natural relation to students (unless it's your mum)
39 More on hierarchical structure
[Figure: hierarchy diagram with nodes Dept head, three Group heads, six Employees]
- Employees can work in several departments
40 Security level partial order
[Figure: partial order diagram with nodes Top Secret,{Army,Navy}; Secret,{Army,Navy}; Secret,{Army}; Top Secret,{Army}; Confidential,{}; Unclassified,{}; Top Secret,{}]
- A higher level dominates a lower one
- A set of categories dominates a subset
- When neither of two sets is a subset of the other, there is no dominance relation between them
- So Top Secret,{Army} dominates Secret,{Army} and Top Secret,{}
- There is no such relation between Top Secret,{} and Secret,{A,N}, or Top Secret,{} and Secret,{A}
41 Access control, the basic problem: Efficient representation of access rights
- Simply listing, per subject and object, what access is allowed and/or denied is very inefficient
- We need a structured approach
- The approach needs to be efficient, flexible, and testable
42 The tool to use is a formal model
- In order to describe and evaluate system security, we must define
  - What is a breach of confidentiality?
  - What is a breach of data integrity?
- Checks/evaluations cannot be made per single item
- Information flow must be taken into account
- The relations are important, or really, the pattern of relations
- Hierarchies and partial order can be used to describe this pattern
43 Hierarchical structures are ubiquitous
- A common structure for allowed/forbidden flow is that higher authorities are allowed what their subordinates are forbidden, but not the other way around
- Examples are that generals are allowed to see more sensitive information than colonels, and doctors are allowed to prescribe more sensitive things than nurses
- By placing users on levels in such a hierarchy, and assigning data to the lowest level that may access them, we can check and control information flow
45 Hierarchies, example
[Figure: hierarchy diagram with nodes Dept head, three Group heads, six Employees]
- Whatever is allowed for one level is also allowed for higher levels
- Thus the privileges on one level are the union of all privileges introduced at that level and all privileges on all lower levels
- However, employees can work in several departments
46 Extending from strict hierarchies: partial order
- Definition: A partial order on a set (of security levels) $L$ is a relation $\le$ on $L \times L$ (pairs of security levels) which is
  - reflexive: for all $a \in L$, $a \le a$ holds
  - transitive: for all $a, b, c \in L$, if $a \le b$ and $b \le c$, then $a \le c$
  - antisymmetric: for all $a, b \in L$, if $a \le b$ and $b \le a$, then $a = b$
- There may be a and b in L that don't have a relation, in which case we write a b
47 Examples: posets, and totally ordered sets
- The real numbers $\mathbb{R}$ ordered by the standard less-than-or-equal relation $\le$ (this is a totally ordered set: all pairs are either $<$, $>$, or $=$)
- The complex numbers $\mathbb{C}$ ordered by $\le$ on the real part (not a total order)
- The set of natural numbers equipped with the relation of divisibility ($3 \mid 6$, $5 \mid 10$ but $7 \nmid 25$)
- The set of subsets of a given set (its power set) ordered by inclusion (see the figure on the right)
[Figure: the power set of {a,b,c} ordered by inclusion: {a,b,c}; {a,b}, {c,a}, {b,c}; {a}, {b}, {c}; {}]
48 Security level partial order
[Figure: partial order diagram with nodes Top Secret,{Army,Navy}; Secret,{Army,Navy}; Secret,{Army}; Top Secret,{Army}; Classified,{}; Unclassified,{}; Top Secret,{}]
- A higher level dominates a lower one
- A set of categories dominates a subset
- When neither of two sets is a subset of the other, there is no dominance relation between them
- So Top Secret,{Army} dominates Secret,{Army} and Top Secret,{}
- There is no such relation between Top Secret,{} and Secret,{A,N}, or Top Secret,{} and Secret,{A}
49 Security level lattice
[Figure: the security level lattice]
- Given two objects at different security levels, what is the minimal security level a subject must have to be allowed to read both objects?
- Given two subjects at different security levels, what is the maximal security level an object can have while still being readable by both subjects?
- These questions can be answered if the structure is of a particular type
- Definition: A lattice $L$ is a partial order that for each pair of elements $a$ and $b$ has a least upper bound $u \in L$: $a \le u$ and $b \le u$, and a greatest lower bound $l \in L$: $l \le a$ and $l \le b$
50 Security level lattice
[Figure: the security level lattice]
- It is not strictly necessary to use a lattice in security
- But it is convenient
- You do need to have a partial order
- Often (very often) the lattices used have a unique maximal element that dominates all others, and a unique minimal element that is dominated by all others
- These maximal and minimal security levels are called System High and System Low
51 Multi-Level Security
[Figure: the security level lattice]
- In this example, we use clearance levels: Top Secret, Secret, Classified, Unclassified
- and categories: Army, Navy, Air Force, ...
- A compartment is a set of categories
- The complete lattice uses $(l_1, c_1) \le (l_2, c_2)$ if $l_1 \le l_2$ and $c_1 \subseteq c_2$
- This structure can describe complicated behaviour
- Some systems today have less of a hierarchical component
52 Example: a firewall in multi-level security
[Figure: levels System high, Inside, Outside, System low]
- A firewall has three levels in this description
- Normally, you only think of firewalls as Inside and Outside: two levels of security
53 Example: a firewall in multi-level security
[Figure: levels Firewall, Inside, Outside, DMZ]
- A firewall has three levels in this description
- Normally, you only think of firewalls as Inside and Outside: two levels of security
- In this case, you can think of the firewall itself as system high... and the DMZ as system low
54 Formal security model I: Bell-LaPadula
- This is the classic (always-mentioned) security policy model
- It is only concerned with Confidentiality
- It was proposed in 1973 in response to US Air Force concerns about time-sharing mainframe systems
- Identifies a set of core security properties that should be enforced before all others
- Using these core properties and some mathematical tools, it results in a security theorem
55 Mathematical model of Bell-LaPadula
[Figure: components of the model]
- Subjects: s1, s2, s3
- Security levels: Top Secret,{Army,Navy}; Secret,{Army,Navy}; Top Secret,{Army}; Secret,{Army}; Classified,{}; Top Secret,{}; Unclassified,{}
- Access operations: {execute, append, read, write}
- Objects: o1, o2, o3
- Access control matrix with rows s1, s2, s3 and columns o1, o2, o3, ...; row entries (column positions not preserved): s1: rw, r; s2: rw; s3: rwx, r
56 Bell-LaPadula core property I: Simple security
- Simple security property (ss-property): Subject s may read object o only if $f_C(s) \ge f_O(o)$
- In plain text: a subject may read an object only if the current security level of the subject is higher than or equal to the security level of the object
[Figure: the security level lattice]
57 Simple security is not enough
- Simple security property (ss-property): Subject s may read object o only if $f_C(s) \ge f_O(o)$
- What happens if a subject with high clearance decides to copy information from a high-level object into a low-level object?
[Figure: the security level lattice]
58 Bell-LaPadula core property II: writing to lower levels
- *-property ("star"-property): Subject s may write to object o only if $f_C(s) \le f_O(o)$
- In plain text: a subject may write to an object only if the current security level of the subject is lower than or equal to the security level of the object
[Figure: the security level lattice, with an X marked in the diagram]
59 Bell-LaPadula core properties
- Simple security property (ss-property): Subject s may read object o only if $f_C(s) \ge f_O(o)$
- *-property ("star"-property): Subject s may write to object o only if $f_C(s) \le f_O(o)$
- The standard mnemonic for this is: No read up, No write down
[Figure: the security level lattice]
60 Bell-LaPadula core property problem: communication between levels
- When the core properties are enforced, subjects with high clearance cannot communicate with lower-cleared subjects
- There are two possible solutions:
  - Temporarily downgrade high-level subjects
  - Identify a set of trusted subjects that can violate the *-property
[Figure: the security level lattice]
61 Bell-LaPadula core property problem: communication between levels
- When the core properties are enforced, subjects with high clearance cannot communicate with lower-cleared subjects
- There are two possible solutions:
  - Temporarily downgrade high-level subjects
  - Identify a set of trusted subjects that can violate the *-property
- This presupposes that the subjects have no memory, that they can only copy from what they can read
- Not so natural with human subjects, more likely when modelling computers (that can forget on command)
[Figure: the security level lattice]
62 Bell-LaPadula core property problem: communication between levels
- When the core properties are enforced, subjects with high clearance cannot communicate with lower-cleared subjects
- There are two possible solutions:
  - Temporarily downgrade high-level subjects
  - Identify a set of trusted subjects that can violate the *-property
- Such a trusted user can, for example, declassify a secret document
[Figure: the security level lattice]
63 Bell-LaPadula core property problem: communication between levels
- When the core properties are enforced, subjects with high clearance cannot communicate with lower-cleared subjects
- There are two possible solutions:
  - Temporarily downgrade high-level subjects
  - Identify a set of trusted subjects that can violate the *-property
- We now need a way to describe temporary security levels for the users
- The current security level $f_C(s)$ handles this, and this is always less than or equal to the subject's maximal security level $f_S(s)$
[Figure: the security level lattice]
64 Discretionary access in Bell-LaPadula
- Discretionary security property (ds-property): Subject s may access object o with operation a only if $a \in M(s, o)$
- In plain text: a subject may access an object only if the access is allowed by the discretionary access control matrix
[Table: access control matrix with rows s1, s2, s3 and columns o1, o2, o3, ...; row entries (column positions not preserved): s1: rw, r; s2: rw; s3: rwx, r]
65 Time in Bell-LaPadula
- Subjects access objects, and the accesses change over time
- At a given moment, a table can be written down, connecting subject s, object o, and operation a
- The discretionary access control matrix M is also allowed to change over time
- Finally, the current security levels $f_C$ and $f_O$ can also change
- All of this can be collected into the state of the system
- Bell-LaPadula becomes a finite state machine (model)
[Figure: finite state machine diagram]
66 Secure states in Bell-LaPadula
- A state is secure if all the accesses in the current access table are allowed by all three of ss-, *- and ds-property
- This takes into account the security levels and the discretionary access control matrix M, checking against the current security level $f_C(s)$ of the state
[Figure: finite state machine diagram]
67 Secure transitions in Bell-LaPadula
- A state is secure if all the accesses in the current access table are allowed by all three of ss-, *- and ds-property
- This takes into account the security levels and the discretionary access control matrix M, checking against the current security level $f_C(s)$ of the state
- A transition is secure if it takes the model from one secure state to another
[Figure: finite state machine diagram]
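The dominance relation, the lattice bounds and the three Bell-LaPadula properties from slides 48 to 67, as an added example that is not part of the original lecture. The sample state and all class and function names are constructed for illustration, and applying the *-property to append as well as write is an assumption of this example.

```python
from dataclasses import dataclass

# Clearance levels from the slides, lowest first.
LEVELS = ("Unclassified", "Classified", "Secret", "Top Secret")


@dataclass(frozen=True)
class Label:
    """A security level: (clearance level, compartment = set of categories)."""
    level: str
    cats: frozenset = frozenset()

    def dominates(self, other):
        # other <= self iff other.level <= self.level and other.cats is a subset
        return (LEVELS.index(other.level) <= LEVELS.index(self.level)
                and other.cats <= self.cats)


def label(level, *cats):
    return Label(level, frozenset(cats))


def lub(a, b):
    """Least upper bound: lowest label allowed to read objects at both a and b."""
    return Label(max(a.level, b.level, key=LEVELS.index), a.cats | b.cats)


def glb(a, b):
    """Greatest lower bound: highest object label readable from both a and b."""
    return Label(min(a.level, b.level, key=LEVELS.index), a.cats & b.cats)


@dataclass
class State:
    f_S: dict  # subject -> maximal security level
    f_C: dict  # subject -> current security level
    f_O: dict  # object  -> security level
    M: dict    # (subject, object) -> set of permitted operations
    b: set     # current accesses: (subject, object, operation)

    def allowed(self, s, o, op):
        if op not in self.M.get((s, o), set()):        # ds-property
            return False
        if not self.f_S[s].dominates(self.f_C[s]):     # f_C(s) <= f_S(s)
            return False
        if op == "read":                               # ss-property: no read up
            return self.f_C[s].dominates(self.f_O[o])
        if op in ("write", "append"):                  # *-property: no write down
            return self.f_O[o].dominates(self.f_C[s])  # (append: assumption)
        return True                                    # execute: ds-property only

    def secure(self):
        """A state is secure if every current access passes all three checks."""
        return all(self.allowed(s, o, op) for (s, o, op) in self.b)


def sample_state():
    """Constructed example state (not taken from the slides)."""
    ops = {"read", "write"}
    return State(
        f_S={"s1": label("Top Secret", "Army")},
        f_C={"s1": label("Secret", "Army")},
        f_O={"o1": label("Unclassified"),
             "o2": label("Secret", "Army"),
             "o3": label("Top Secret", "Army", "Navy")},
        M={("s1", "o1"): ops, ("s1", "o2"): ops, ("s1", "o3"): ops},
        b={("s1", "o1", "read"), ("s1", "o2", "write")},
    )


if __name__ == "__main__":
    st = sample_state()
    print("initial state secure:", st.secure())
    print("write down to o1:", st.allowed("s1", "o1", "write"))
    st.f_C["s1"] = label("Unclassified")  # temporary downgrade of s1
    print("write to o1 after downgrade:", st.allowed("s1", "o1", "write"))
```

The downgrade at the end is the first of the two solutions on slide 60: once `f_C` is lowered, s1 may write to o1 but can no longer read o2.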
69 Basic security theorem of Bell-LaPadula
- Theorem: If all state transitions in a system are secure and if the initial state of the system is secure, then every subsequent state will be secure
[Figure: finite state machine diagram]
- The proof now is simple; the hard work is to identify (and formally define) the core properties:
  - Simple security property (ss-property): Subject s may read object o only if $f_C(s) \ge f_O(o)$
  - *-property ("star"-property): Subject s may write to object o only if $f_C(s) \le f_O(o)$
70 Benefits and limitations of Bell-LaPadula
- If a system can be described using BLP, security can be verified (formally)
- BLP only deals with Confidentiality
- There are problems when security levels change: the book speaks about tranquility and covert channels
[Figure: the security level lattice]
71 Tranquility in Bell-LaPadula
- A paper from 1987 presents a BLP model where a secure state transition
  - downgrades all objects and subjects to the lowest level
  - enters all access rights in the ACM
- But the model is still secure, because of the theorem
- There are two opinions:
  - Against BLP: this is obviously not what we mean with secure. Improve BLP!
  - For BLP: this state transition is not secure from our viewpoint so it should not be allowed. Use BLP properly!
- No changes of security levels and access rights is called tranquility
72 Covert channels in Bell-LaPadula
- A covert channel is information flow outside the control of the security mechanisms
- In BLP, a low-level subject creates an object
- A high-level subject may, or may not, raise the security level of the object
- The low-level subject tries to read the object
- Failure or success tells the low-level subject if the security level changed
- This constitutes flow of information, and is known as a covert channel
Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database
More informationDatabase Security. Chapter 21
Database Security Chapter 21 Introduction to DB Security Secrecy: Users should not be able to see things they are not supposed to. E.g., A student can t see other students grades. Integrity: Users should
More informationBell & LaPadula Model Security Policy Bell & LaPadula Model Types of Access Permission Matrix
1 Security Policy A document that expresses clearly and concisely what the protection mechanisms are to achieve A statement of the security we expect the system to enforce Bell & LaPadula Model Formalization
More informationCS377: Database Systems Data Security and Privacy. Li Xiong Department of Mathematics and Computer Science Emory University
CS377: Database Systems Data Security and Privacy Li Xiong Department of Mathematics and Computer Science Emory University 1 Principles of Data Security CIA Confidentiality Triad Prevent the disclosure
More informationSecurity and Authorization. Introduction to DB Security. Access Controls. Chapter 21
Security and Authorization Chapter 21 Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke 1 Introduction to DB Security Secrecy: Users should not be able to see things they are not supposed
More informationAccess Control Intro, DAC and MAC. System Security
Access Control Intro, DAC and MAC System Security System Security It is concerned with regulating how entities use resources in a system It consists of two main phases: Authentication: uniquely identifying
More informationOutline. INF3510 Information Security University of Oslo Spring 2015. Lecture 9 Identity Management and Access Control. The concept of identity
INF50 Information Security University of Oslo Spring 05 Outline Identity and access management concepts Identity management models Access control models (security models) Lecture 9 Identity Management
More informationCSE331: Introduction to Networks and Security. Lecture 34 Fall 2006
CSE331: Introduction to Networks and Security Lecture 34 Fall 2006 Announcements Problem with Crypto.java Look for a new Crypto.java file later today Project 4 is due Dec. 8th at midnight. Homework 3 is
More informationIntroduction to Computer Security
Introduction to Computer Security Authentication and Access Control Pavel Laskov Wilhelm Schickard Institute for Computer Science Resource access: a big picture 1. Identification Which object O requests
More informationAccess Control Fundamentals
C H A P T E R 2 Access Control Fundamentals An access enforcement mechanism authorizes requests (e.g., system calls) from multiple subjects (e.g., users, processes, etc.) to perform operations (e.g., read,,
More informationCOSC344 Database Theory and Applications. Lecture 23 Security and Auditing. COSC344 Lecture 23 1
COSC344 Database Theory and Applications Lecture 23 Security and Auditing COSC344 Lecture 23 1 Overview Last Lecture Indexing This Lecture Database Security and Auditing Security Mandatory access control
More informationDocument Management System Security
Document Management System Security Jonas Birmé birme@cs.umu.se January 24, 2005 20 credits Umeå University Department of Computing Science SE-901 87 UMEÅ SWEDEN Abstract A common demand today is that
More informationCS 665: Computer System Security. Designing Trusted Operating Systems. Trusted? What Makes System Trusted. Information Assurance Module
CS 665: Computer System Security Designing Trusted Operating Systems Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Trusted? An operating system is
More informationLecture 14 Towards Trusted Systems Security Policies and Models
Lecture 14 Towards Trusted Systems Security Policies and Models Thierry Sans 15-349: Introduction to Computer and Network Security domains Definition of MAC MAC (Mandatory Access Control) A set of access
More informationTrusted RUBIX TM. Version 6. Multilevel Security in Trusted RUBIX White Paper. Revision 2 RELATIONAL DATABASE MANAGEMENT SYSTEM TEL +1-202-412-0152
Trusted RUBIX TM Version 6 Multilevel Security in Trusted RUBIX White Paper Revision 2 RELATIONAL DATABASE MANAGEMENT SYSTEM Infosystems Technology, Inc. 4 Professional Dr - Suite 118 Gaithersburg, MD
More informationSecurity and Cryptography 1. Stefan Köpsell, Thorsten Strufe. Module 8:Access Control and Authentication
Security and Cryptography 1 Stefan Köpsell, Thorsten Strufe Module 8:Access Control and Authentication Disclaimer: large parts from Stefan Katzenbeisser, Günter Schäfer Dresden, WS 14/15 Reprise from the
More informationDatabase Security. Soon M. Chung Department of Computer Science and Engineering Wright State University schung@cs.wright.
Database Security Soon M. Chung Department of Computer Science and Engineering Wright State University schung@cs.wright.edu 937-775-5119 Goals of DB Security Integrity: Only authorized users should be
More informationRole-based access control. RBAC: Motivations
Role-based access control 1 RBAC: Motivations Complexity of security administration For large number of subjects and objects, the number of authorizations can become extremely large For dynamic user population,
More informationINF3510 Information Security University of Oslo Spring 2016. Lecture 9 Identity Management and Access Control
INF3510 Information Security University of Oslo Spring 2016 Lecture 9 Identity Management and Access Control University of Oslo Spring 2016 Outline Identity and access management concepts Identity management
More informationLecture II : Communication Security Services
Lecture II : Communication Security Services Internet Security: Principles & Practices John K. Zao, PhD (Harvard) SMIEEE Computer Science Department, National Chiao Tung University 2 What is Communication
More informationChapter 14: Access Control Mechanisms
Chapter 14: Access Control Mechanisms Access control lists Capabilities Locks and keys Ring-based access control Propagated access control lists Slide #14-1 Overview Access control lists Capability lists
More informationDistributed File Systems Part I. Issues in Centralized File Systems
Distributed File Systems Part I Daniel A. Menascé File Naming Issues in Centralized File Systems c:\courses\cs571\procs.ps (MS-DOS) /usr/menasce/courses/cs571/processes.ps (UNIX) File Structure bitstream
More informationMandatory Access Control Systems
CSE497b Introduction to Computer and Network Security - Spring 2007- Professor Jaeger Mandatory Access Control Systems CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger
More informationHow To Make A Trustless Certificate Authority Secure
Network Security: Public Key Infrastructure Guevara Noubir Northeastern University noubir@ccs.neu.edu Network Security Slides adapted from Radia Perlman s slides Key Distribution - Secret Keys What if
More informationSECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E)
SECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E) 2 LECTURE OUTLINE Threats and countermeasures Access control mechanisms SQL s grant and revoke Role of views 3 THREATS What are the threats? Loss of integrity
More informationAccess Control. Dr George Danezis (g.danezis@ucl.ac.uk)
Access Control Dr George Danezis (g.danezis@ucl.ac.uk) Resources Key paper: Carl E. Landwehr: Formal Models for Computer Security. ACM Comput. Surv. 13(3): 247-278 (1981) See references to other optional
More informationCS 4803 Computer and Network Security
Access to general objects CS 4803 Computer and Network Security Memory protection is only one example Need a way to protect more general objects Before we begin, some design principles Alexandra (Sasha)
More informationAccess Control: Policies, Models, and Mechanisms
Access Control: Policies, Models, and Mechanisms Pierangela Samarati 1 and Sabrina De Capitani di Vimercati 2 1 Dipartimento di Tecnologie dell Informazione Università di Milano Via Bramante 65 263 - Crema
More informationAccess Control: Policies, Models, and Mechanisms
Access Control: Policies, Models, and Mechanisms Pierangela Samarati and Sabrina de Capitani di Vimercati 2 Dipartimento di Tecnologie dell Informazione, Università di Milano Via Bramante 65, 263 Crema
More informationModule 7 Security CS655! 7-1!
Module 7 Security CS655! 7-1! Issues Separation of! Security policies! Precise definition of which entities in the system can take what actions! Security mechanism! Means of enforcing that policy! Distributed
More informationDatabase Security and Authorization
Database Security and Authorization 1 Database Security and Authorization 1.1 Introduction to Database Security Issues 1.2 Types of Security 1.3 Database Security and DBA 1.4 Access Protection, User Accounts,
More informationExamples oflattices in Computer Security Models
~-~p~pr~o~v~ed~fo-r-r""'el""e-a-s e...,...by...,...n"""s,..."a-o-n... 1 2..._... 0..,.1...,-2... 0,...,1...,.1"""",T=r-a-n-sp-a-r-e-n-cy-C="""a-se""""#"""""63""'8~5:a Examples oflattices in Computer Security
More informationIdentity Management and Access Control
and Access Control Marek Rychly mrychly@strathmore.edu Strathmore University, @ilabafrica & Brno University of Technology, Faculty of Information Technology Enterprise Security 7 December 2015 Marek Rychly
More informationReference Guide for Security in Networks
Reference Guide for Security in Networks This reference guide is provided to aid in understanding security concepts and their application in various network architectures. It should not be used as a template
More informationADO and SQL Server Security
ADO and SQL Server Security Security is a growing concern in the Internet/intranet development community. It is a constant trade off between access to services and data, and protection of those services
More informationCIS433/533 - Computer and Network Security Operating System Security
CIS433/533 - Computer and Network Security Operating System Security Professor Kevin Butler Winter 2010 Computer and Information Science OS Security An secure OS should provide (at least) the following
More informationWhat is Auditing? Auditing. Problems. Uses. Audit System Structure. Logger. Reading: Chapter 24. Logging. Slides by M. Bishop are used.
Reading: Chapter 24 Auditing Slides by M. Bishop are used What is Auditing? Logging» Recording events or statistics to provide information about system use and performance Auditing» Analysis of log records
More informationCSE543 - Introduction to Computer and Network Security. Module: Reference Monitor
CSE543 - Introduction to Computer and Network Security Module: Reference Monitor Professor Trent Jaeger 1 Living with Vulnerabilities So, software is potentially vulnerable In a variety of ways So, how
More informationMandatory Access Control
CIS/CSE 643: Computer Security (Syracuse University) MAC: 1 1 Why need MAC DAC: Discretionary Access Control Mandatory Access Control Definition: An individual user can set an access control mechanism
More informationNetwork Security: Public Key Infrastructure
Network Security: Public Key Infrastructure Guevara Noubir Northeastern University noubir@ccs.neu.edu CSG254: Network Security Slides adapted from Radia Perlman s slides Key Distribution - Secret Keys
More informationUniversity of Cambridge
University of Cambridge Computer Laboratory ESSAYS ABOUT COMPUTER SECURITY Prof. E. Stewart Lee Director Centre for Communications Systems Research Cambridge Cambridge, 1999 Preface The purpose of these
More informationDATABASE MANAGEMENT SYSTEM
REVIEW ARTICLE DATABASE MANAGEMENT SYSTEM Sweta Singh Assistant Professor, Faculty of Management Studies, BHU, Varanasi, India E-mail: sweta.v.singh27@gmail.com ABSTRACT Today, more than at any previous
More informationSecurity Models: Past, Present and Future
Security Models: Past, Present and Future Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University of Texas at San Antonio August 2010 ravi.sandhu@utsa.edu www.profsandhu.com
More informationCEN 559 Selected Topics in Computer Engineering. Dr. Mostafa H. Dahshan KSU CCIS mdahshan@ccis.ksu.edu.sa
CEN 559 Selected Topics in Computer Engineering Dr. Mostafa H. Dahshan KSU CCIS mdahshan@ccis.ksu.edu.sa Access Control Access Control Which principals have access to which resources files they can read
More informationAn Oracle White Paper March 2009. Oracle Label Security in Government and Defense Environments
An Oracle White Paper March 2009 Oracle Label Security in Government and Defense Environments Protecting Sensitive Information... 2 Oracle Label Security Overview... 2 Getting Started with Oracle Label
More informationITM661 Database Systems. Database Security and Administration
ITM661 Database Systems Database Security and Administration Outline Introduction to Database Security Issues Types of Security Threats to databases Database Security and DBA Access Protection, User Accounts,
More informationNew Security Options in DB2 for z/os Release 9 and 10
New Security Options in DB2 for z/os Release 9 and 10 IBM has added several security improvements for DB2 (IBM s mainframe strategic database software) in these releases. Both Data Security Officers and
More informationFilesystem Security. General Principles
Filesystem Security 1 General Principles Files and folders are managed by the operating system Applications, including shells, access files through an API Access control entry (ACE) Allow/deny a certain
More informationCryptography: RSA and Factoring; Digital Signatures; Ssh
Cryptography: RSA and Factoring; Digital Signatures; Ssh Greg Plaxton Theory in Programming Practice, Spring 2005 Department of Computer Science University of Texas at Austin The Hardness of Breaking RSA
More informationComputer Security. What is Auditing? Policies CIS 5370. Prevention Deterrence. Detection. Response Recovery 2. Auditing Chapter 24.
Computer Security CIS 5370 Auditing Chapter 24 1 A Comprehensive Security Program Prevention Deterrence Policies Detection monitoring Architectures auditing Tools Response Recovery 2 What is Auditing?
More informationWhat is Auditing? IT 4823 Information Security Administration. Problems. Uses. Logger. Audit System Structure. Logging. Auditing. Auditing November 7
IT 4823 Information Security Administration Auditing November 7 What is Auditing? Logging Recording events or statistics to provide information about system use and performance Auditing Analysis of log
More informationMCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory. Chapter 11: Active Directory Certificate Services
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 11: Active Directory Certificate Services Objectives Describe the components of a PKI system Deploy the Active Directory
More informationDocument Management Getting Started Guide
Document Management Getting Started Guide Version: 6.6.x Written by: Product Documentation, R&D Date: February 2011 ImageNow and CaptureNow are registered trademarks of Perceptive Software, Inc. All other
More informationFundamentals of Computer Security
Fundamentals of Computer Security Spring 2015 Radu Sion Access Control 2005-15 Portions copyright by Matt Bishop and Wikipedia. Used with permission Overview Access Control Matrix Model Protection State
More informationRaid storage. Raid 0: Striping. Raid 1: Mirrored
Raid storage Raid 0: Striping Good I/O performance if spread across disks (equivalent to n disk heads think of virtual disk RPM) Simple, easy to implement absolutely no resiliency failure of one disk is
More informationTELE 301 Lecture 7: Linux/Unix file
Overview Last Lecture Scripting This Lecture Linux/Unix file system Next Lecture System installation Sources Installation and Getting Started Guide Linux System Administrators Guide Chapter 6 in Principles
More informationAccess Control. 1 Overview of Access Control. Lecture Notes (Syracuse University) Access Control: 1. What is Access Control?
Lecture Notes (Syracuse University) Access Control: 1 Access Control 1 Overview of Access Control What is Access Control? The ability to allow only authorized users, programs or processes system or resource
More informationThe Asbestos Operating System
p. 1/26 The Asbestos Operating System Petros Efstathopoulos, Maxwell Krohn, Steve VanDeBogart, Cliff Frey, Martijn Stevenson, Nickolai Zeldovich, David Ziegler, Eddie Kohler, David Mazières, Frans Kaashoek,
More information? Resource. Access Control and Operating System Security. Access control matrix. Access control. Capabilities. Two implementation concepts.
Access Control and Operating System Security John Mitchell Outline Access Control Concepts Matrix, ACL, Capabilities Multilevel security (MLS) OS Mechanisms Multics Ring structure Amoeba Distributed, capabilities
More informationPASSWORD MANAGEMENT. February 2008. The Government of the Hong Kong Special Administrative Region
PASSWORD MANAGEMENT February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationConfining the Apache Web Server with Security-Enhanced Linux
Confining the Apache Web Server with Security-Enhanced Linux Michelle J. Gosselin, Jennifer Schommer mgoss@mitre.org, jschommer@mitre.org Keywords: Operating System Security, Web Server Security, Access
More informationUser Guide. You will be presented with a login screen which will ask you for your username and password.
User Guide Overview SurfProtect is a real-time web-site filtering system designed to adapt to your particular needs. The main advantage with SurfProtect over many rivals is its unique architecture that
More informationBest Practices, Procedures and Methods for Access Control Management. Michael Haythorn
Best Practices, Procedures and Methods for Access Control Management Michael Haythorn July 13, 2013 Table of Contents Abstract... 2 What is Access?... 3 Access Control... 3 Identification... 3 Authentication...
More informationJones & Bartlett Learning, LLC NOT FOR SALE OR DISTRIBUTION
Sharing Files Chapter 4 NOT ABOUT FOR SALE THIS OR CHAPTER DISTRIBUTION In this chapter, we work with the mechanisms provided by operating systems like Unix and Windows to protect files and folders. We
More informationRole-Based Access Control (RBAC)
CIS/CSE 785: Computer Security (Syracuse University) RBAC: 1 1 Motivation Role-Based Access Control (RBAC) With many capabilities and privileges in a system, it is difficult to manage them, such as assigning
More informationAlthough Mac OS X is primarily known for its GUI, the under pinnings are all Unix. This
BE Computing Web Tutorials: Server Commands Server Commands Indluded: 1. Basic Command Line Tutorial Although Mac OS X is primarily known for its GUI, the underpinnings are all Unix. This tutorial will
More informationProject 3.0 - Overview
COS 318: Operating Systems Security and Privacy Prof. Margaret Martonosi Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall11/cos318/ Announcements Precept
More informationAUTHENTICATION AND ACCESS CONTROL BEST PRACTICES FOR HEALTHCARE SYSTEMS
AUTHENTICATION AND ACCESS CONTROL BEST PRACTICES FOR HEALTHCARE SYSTEMS Lamaris Davis ICTN6865 East Carolina University Abstract Securing EHR s continue to be a huge problem for all health care organizations.
More information? Resource. Outline. Access Control and Operating System Security. Access control. Access control matrix. Capabilities. Two implementation concepts
Access Control and Operating System Security John Mitchell Outline Access Control Matrix, ACL, Capabilities Multilevel security (MLS) OS Policies Multics Ring structure Unix File system, Setuid Windows
More informationA Comparative Study of Security Features in FreeBSD and OpenBSD
Department of Computer Science Magnus Persson A Comparative Study of Security Features in FreeBSD and OpenBSD Master s Thesis 2006:02 A Comparative Study of Security Features in FreeBSD and OpenBSD Magnus
More informationIT Support Tracking with Request Tracker (RT)
IT Support Tracking with Request Tracker (RT) Archibald Steiner AfNOG 2013 LUSAKA Overview What is RT? A bit of terminology Demonstration of the RT web interface Behind the scenes configuration options
More informationSecurity IIS Service Lesson 6
Security IIS Service Lesson 6 Skills Matrix Technology Skill Objective Domain Objective # Configuring Certificates Configure SSL security 3.6 Assigning Standard and Special NTFS Permissions Enabling and
More informationSEER Enterprise Shared Database Administrator s Guide
SEER Enterprise Shared Database Administrator s Guide SEER for Software Release 8.2 SEER for IT Release 2.2 SEER for Hardware Release 7.3 March 2016 Galorath Incorporated Proprietary 1. INTRODUCTION...
More informationDIVISION OF INFORMATION SECURITY (DIS)
DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Information Systems Acquisitions, Development, and Maintenance v1.0 October 15, 2013 Revision History Update this table every time a new
More informationCryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur
Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Module No. # 01 Lecture No. # 05 Classic Cryptosystems (Refer Slide Time: 00:42)
More informationAccess control policy: Role-based access
Access control policy: Role-based access As subjects (a person or automated agent) often change roles within an organization, it is best to define an access control policy based on the roles they play.
More informationFormal Specification of an Access Control System
Formal Specification of an Access Control System Susan Stepney and Stephen P. Lord GEC-Marconi Research Centre, Chelmsford,UK. SUMMARY Computing facilities networked together but controlled by different
More informationSQL Server Hardening
Considerations, page 1 SQL Server 2008 R2 Security Considerations, page 4 Considerations Top SQL Hardening Considerations Top SQL Hardening considerations: 1 Do not install SQL Server on an Active Directory
More informationFirewalls CSCI 454/554
Firewalls CSCI 454/554 Why Firewall? 1 Why Firewall (cont d) w now everyone want to be on the Internet w and to interconnect networks w has persistent security concerns n can t easily secure every system
More information