Security policy: A set of rules, practices and procedures dictating how sensitive information is managed, protected and distributed. Multilevel security policy - A security policy that prevents information from flowing from a higher security level to a lower security level.
Least privilege: A resource or process is granted no more privileges than it needs to fulfil its functions.
Layering: A structured, hierarchical architecture in which basic functionality takes place at the lower layers and more complex functions at the higher layers.
Data hiding: When processes in different layers are required not to communicate, they are not supplied with interfaces to interact with each other.
Abstraction: A class of objects is assigned specific permissions and its acceptable activities are defined. This makes managing different objects easier because classes can be dealt with instead of each individual object.
Security models: Map the abstract goals of the policy to information systems terms by specifying the explicit data structures and techniques necessary to enforce the security policy.
State machine model: To verify the security of a system, its state is used, meaning all current permissions and all current instances of subjects accessing objects must be captured. State transitions - Activities that can alter a state. A system that employs a state machine model is in a secure state at every instance of its existence: it boots up into a secure state, executes commands and transactions securely, and allows subjects to access resources only in secure states.
Bell-LaPadula model: Addresses concerns about system security and leakage of classified information. Multilevel security system - A system that employs the Bell-LaPadula model, where users with different clearances use the system and the system processes data with different classifications. The level at which information is classified determines the handling procedures that should be used; these levels form a lattice. Lattice - An upper bound and a lower bound of authorized access. Bell-LaPadula is a state machine model enforcing the confidentiality aspect of access control. An access control matrix and security levels are used to determine whether subjects can access different objects. The model uses subjects, objects, access operations (read, write and read/write) and security levels.