access control 2

Question 1

remind me what’s the goal of an access control mechanism , and er also can I have 2 examples

Answer 1

Access control mechanisms of a system enforce security policies by ensuring the system stays within
authorized states.
• If the mechanisms fail, the system may enter into an unauthorized state.

In Unix/Linux, a user may be granted access to raw read/write to a disk. This will bypass the protection imposed by the file system access control mechanism.
• Shared memory: some systems do not clear shared memory between use, so data may be exposed to unauthorized subjects.

Question 2

what is SPR

Answer 2

S is the set of all possible states
P is the subset of S authorised by the policies
R is the subset of S that is reachable with the security mechanism

Question 3

under SPR, when is the system secure. and when is it precise.

Answer 3

the system is secure if R is a subset of P
the system is precise (not overprotective) if R = P
also dude just take a screenshot of the diagram.

Question 4

what are the different levels of sharing

Answer 4

1. angry kid who keeps wig
2. happy kid creates copies his wig on pieces of paper and gives it out
3. happy kid gives out original versions of his wig
4. happy kid goes into strangers car

No sharing (complete isolation)
 Sharing copies of data objects.
 Sharing originals of data objects.
 Sharing untrusted programs.

each level of sharing has different security problems

Question 5

why do sharing problems not fall under the scope of an access control policy

Answer 5

it transfers information, not rights to
access objects.
• It is an information flow problem.

Question 6

TROJAN HORSE. what is a horsehair wig

Answer 6

a wig that’s scratchy and made out of horsehair. if bucktha puts it on, it is now able to do what bucktha can do. it can destroy zhonghua. Like spyware and viruses

 A Trojan Horse performs functions not described in its
(advertised) specifications.
 If a Trojan Horse is executed by a principal, it will take on the privileges associated with that principal.
 This is the case in Unix and Windows systems.
 A Trojan Horse can misuse the rights belonging to the calling principals to copy, misuse or destroy data.
 Examples: malwares, viruses, spyware, etc.

Question 7

what is confinement

Answer 7

Even if a “borrowed” program is confined (e.g., the sandboxing mechanism in Java) so it only has limited access to objects, it can still transmit data that it receives from the calling principal.
A user downloads and executes a software for filing tax return. Suppose the software is executed in a confined environment (e.g., virtual machine in Java), with limited access to the general system.
The user still needs to provide confidential financial data for the software to process. A malicious software may leak this confidential data.

Question 8

what is mutual suspicion. it’s like the piracy problem when I legally download a game but can make a pirated copy of it lol.

Answer 8

The borrower of the program may be worried that the program steals data.
But the owner of the program may also be worried that the program can be copied without permission.

Question 9

what are the general mechanisms for access control problems

Answer 9

1. brent gets more rights than simone
2. if you buy a wig, as a thinning brent, even, you get a receipt that says you OWN it
3. there’s a list of the brents who own shit

Access Hierarchies: Automatically give privileged subjects a superset of the rights of less privileged subjects
Capabilities: “Tickets” for objects; possession of a capability unconditionally
authorizes the holder access to the
object.
Access control list: Lists of subjects having access rights
to some particular objects.

Question 10

what is the revocation of rights problem

Answer 10

Subjects may grant rights (capabilities) to other subjects; subjects may grant the right to grant rights.
In systems where rights can be transferred, revocation of rights can trigger cascading revocation

Question 11

In Unix, each file has an ACL with three entries corresponding to:

Answer 11

1. The owner’s access right
2. The access rights of all users in the owner’s group
3. The access rights of all others.
   it’s that -rwxr-xr-r shit
   okay look just look at the tutorial okay

Question 12

who grants the security policies that specify how buckthas are granted access to wigs

Answer 12

whoever the fuck owns zhonghua, discretionary
or whoever owns all the schools bruh, like er MOE

 The owner of a resource, who may decree who is allowed access; such policies are called
discretionary as access control is at the owner’s discretion.
 A system-wide policy decreeing who is allowed access; such policies are called mandatory.

Question 13

what is discretionary access control.

Answer 13

access control based on policies that refer to user identities. this is sometimes called identity based access control (IBAC)

Question 14

what is mandatory access control

Answer 14

Access control based on policies that refer to security labels (confidential, top secret)

Question 15

when are direct mappings between subjects/principals and objects impractical

Answer 15

In large organisations, with large number of users and objects to control

Question 16

what are some intermediate layers between subjects and objects. okay, I guess picture a circle of a large number of buckthas and wigs in an organisation. the air smells of neroli lemongrass. it’s dim and candlelit.

Answer 16

1. groups and negative permissions
2. roles
3. protection rings

in the middle of the circle there is a man with a caved in head. He rolls on the floor in pain. pain, bread. french bread. he’s rolling out some french bread on the floor. hear his screams. on the floor there is also a glittering object. pick it up, wipe the blood off and see that some blood can’t come out of the grooves.
it was supposed to protect me, he says, writhing on the floor, the baguette becoming more french by the minute

Question 17

what is indirect mappings between subjects and objects in access control

Answer 17

principals of different primary schools will be grouped by district or by importance of primary school.

wigs will be grouped by colour and fullness.

the groups containing principals and the groups containing wigs are linked by procedures.

Question 18

Talk about scaling up IBAC

Answer 18

IBAC does not scale well and will incur an “identity management” overhead

Alice and Bob are students in a large class; teacher wants to give students access to some documents.
 Putting all names into several ACLs is tedious so the teacher defines a group, declares the students to be members of group, and puts group into the ACLs.
 Access rights are often defined for groups:
 Unix: owner, group, others

Question 19

what are negative permissions

Answer 19

to handle exceptions, negative permissions withdraw rights.

Question 20

what is a role

Answer 20

a role is a collection of procedures assigned to users, a user can have more than one role and more than one user can have the same role. Bucktha’s can have the role “cool bucktha” and get a cool leather jacket and a the procedure to sell meth

Question 21

what is role based access control

Answer 21

‘High level’ access operations with a more complex semantic than read or write;
procedures can only be applied to objects of certain data types.
• Example: Funds transfer between bank accounts.
• Roles are a good match for typical access control requirements in business.
• RBAC typically found at the application level.

e.g. if I’m a software developer in a large bank. i don’t have access to the database where upper management interferes with the political regime in developing countries

Question 22

what is the difference between group and role

Answer 22

group is a set of users, and they’re less stable (like the good place dorks, we call em not stable cos people resign very fast).

role is a set of procedures, tends to be more stable, this defins the necessary functions in the organisation rather than the organisation structures.
The french bread creates a structured bagettte empire where all french breads have parts to play and not play. Rise, like the yeast that made you made you.

Question 23

What is privileged mode

Answer 23

Gives a supervisor an access to every object in the system “root” in UNIX, “admin” in windows

also look at the image of the rings.

Question 24

how did windows get fucked by french count dooku

Answer 24

• In Windows, rendering of TrueType font is done in the kernel space (ring 0).
• The font is basically an executable script
• Specially crafted documents (Word file for example) can embed malicious codes in fonts,
which would then be executed in the kernel protection ring.
• Bug exploited by the ‘Duqu’ malware in 2011