U4. Harrison–Ruzzo–Ullman

Descripción

Masters Comp Sec Mapa Mental sobre U4. Harrison–Ruzzo–Ullman, creado por Craig Parker el 01/12/2013.
Craig Parker
Mapa Mental por Craig Parker, actualizado hace más de 1 año
Craig Parker
Creado por Craig Parker hace casi 11 años
41
0

Resumen del Recurso

U4. Harrison–Ruzzo–Ullman
  1. BLP - no policies for changing access rights or creation and deletion of subjects and objects
    1. HRU addresses these issues
      1. Not an alternative to BLP, it captures a different set of Policies
    2. HRU defines six primitive operations for manipulating subjects, objects and the access matrix
      1. enter access right into Matrix
        1. delete access right from Matrix
          1. create subject s
            1. delete subject s
              1. create object o
                1. delete object o
                  1. Using these primitive operations, you can build up more complex commands to allow a variety of functions to be carried out
                  2. Access rights
                    1. Read, Write, Own
                      1. Owners can manipulate their objects
                      2. access matrix describes the state of the system
                        1. commands effect changes in the access
                          1. HRU can model policies for allocating access rights
                          2. Leakage and Safety
                            1. Leakage
                              1. An access matrix M is said to leak the right a if there exists a command c that adds a into a position of the access matrix that previously did not contain a.
                              2. Safety
                                1. An access matrix M is said to be safe with respect to the right a if no sequence of commands can transform M into a state that leaks a.
                                  1. Difficult to decide if the model is safe
                                    1. This introduces the concept of Decidability
                                      1. A problem is called undecidable if there is no algorithm that can guarantee to provide a solution to every instance of the problem
                                        1. No algorithm can possibly exist to solve every instance of the problem
                                          1. Decidability relates to every instance of the problem.
                                            1. The more expressive the security model, the more difficult it is to verify security
                                              1. Linked to the 3rd Fundamental design decision - Complexity or Assurance
                                      2. the Concepts of 'leakage' and 'safety' are specifically concerned with whether existing rights can be used to add unsafe access rights to the matrix
                                        1. To verify compliance with policy
                                          1. check that no undesirable access rights can be granted
                                        Mostrar resumen completo Ocultar resumen completo

                                        Similar

                                        U2.1 Comp Sec: deals with prevention & detection of unauthorised actions by users of a comp system
                                        Craig Parker
                                        U3.2 Access Control Structures
                                        Craig Parker
                                        U3. Labels & Access Control
                                        Craig Parker
                                        U2.2 Fundamentals
                                        Craig Parker
                                        U3.1 Access Control
                                        Craig Parker
                                        U3.3 Administration
                                        Craig Parker
                                        U4. Security Models & Policy
                                        Craig Parker
                                        U4. Bell-LaPladula
                                        Craig Parker
                                        U4. Biba
                                        Craig Parker
                                        U4. Further Aspects of BLP
                                        Craig Parker
                                        U4. Chinese Wall
                                        Craig Parker