security models and policies-信息安全概论-课件-02
合集下载
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
Send
Alice Execute Receive
Bob
Own
Disable
Register
Read Write
Process Own
Read
ExecFra Baidu bibliotekte
Reset
Stop Resume
Write
Hold
Mary Create
Read
Update Create Destroy
November 25, 2008
A secure system is a system that starts in a secure state and can never enter into an insecure state
A breach of security occurs when a system enters into an insecure state from a secure state
November 25, 2008
Copyright © 2008 by Jingsha He
‹#8›
Types of Security
Confidentiality
Subject S can never obtain information I → Information I possesses the property of confidentiality to subject S
State transitions
X ├* Y
Operations
Create subject, create object Enter right, delete right Destroy subject, destroy object
November 25, 2008
Copyright © 2008 by Jingsha He
‹#1›
Fact of the Lecture
Much of bank security relies on the existence of “temper-proof” technologies, either by relying on physical isolation of systems or by building a system that would self-destruct if tempered with. However, temper resistance is almost impossible to achieve in a public environment.
November 25, 2008
Copyright © 2008 by Jingsha He
‹#4›
Access Control Matrix Model
Model components
An access control matrix M A set of subjects: S
Active entities: users, processes, threads, etc.
A set of objects: O
Protected entities: registers, files, devices, processes, etc.
Access rights
read, write, execute, own send, receive increment, decrement, etc.
State
The collection of the current values of all the cells of temporary and permanent storages in a system
Formal description
P: all possible states Q: a subset of secure states Security policy
November 25, 2008
Copyright © 2008 by Jingsha He
‹#2›
Fundamentals
Security Models and Policies
November 25, 2008
Copyright © 2008 by Jingsha He
‹#3›
Protection State
‹#7›
Security Policies
Definitions
A security policy is a statement that partitions the states of a system into a set of secure states and a set of insecure states.
Protection state
(S, O, M)
November 25, 2008
Copyright © 2008 by Jingsha He
‹#5›
An Example of Access Control Matrix
File
Device
John
Read
Control
Henry
Write
Copyright © 2008 by Jingsha He
‹#6›
Dynamics of Protection States
State transition
Initial state: X0 = (S0, O0, M0) Operations: Π1, Π2, … Xi ├πi+1 Xi+1
Introduction to Information Security
Prof. Jingsha He School of Software Engineering Beijing University of Technology
November 25, 2008
Copyright © 2008 by Jingsha He
For describing the security states in Q
Security mechanism
For enforcing a stated policy to prevent a system from entering a state outside of Q, i.e., into P-Q