Q4 Access Control Models Flashcards
(6 cards)
Discuss the pros of DAC
▪ Flexibility: Users have significant control over the permissions of resources they own, making it easy for individuals or small groups to manage their own data sharing.
▪ Ease of Use: DAC models, like Unix permissions, are relatively simple to understand and manage at a basic level for resource owners.
Discuss the cons of DAC
▪ Less Secure: Users can grant excessive permissions, potentially accidentally or maliciously, leading to unauthorized access or propagation of malware (“Trojan Horse” problem). The security depends heavily on the vigilance and correctness of individual users.
▪ No Strict Information Flow Control: It’s difficult to guarantee strict policies about how information flows through the system based on sensitivity.
Discuss the pros of MAC
▪ Higher Security Assurance: Provides stronger guarantees about security policies and information flow because access is controlled by system-wide rules based on labels and clearances, not user discretion. This helps prevent unauthorized information disclosure or modification.
▪ Stronger Policy Enforcement: Policies are centrally defined and enforced by the system, preventing users from making mistakes or deliberately undermining security.
Discuss the cons of MAC
▪ Less Flexible: Can be very rigid and difficult to adapt to dynamic or varied access needs compared to DAC.
▪ Complexity: Implementing and managing MAC systems is significantly more complex, requiring careful labeling of all objects and subjects, and defining system-wide policies. This often requires expert administrators.
▪ User Burden: Users might find MAC systems cumbersome if their workflows are restricted by the strict policies, and they cannot easily share resources outside predefined rules.
What is Discretionary Access Control?
Access based on the identity of the user.
Users can often pass permissions on to others.
Subject-centered.
Unix/Linux (example).
What is Mandatory Access Control?
Access based on sensitivity labels assigned to objects.
Formal authorization assigned to subjects.
System enforces the policy, and users cannot override it or pass on access.
Object-centered.
SELinux (example).