1 / 12

OM-AM and PEI

OM-AM and PEI. Prof. Ravi Sandhu. THE OM-AM WAY. A s s u r a n c e. What?. Objectives Model Architecture Mechanism. How?. LAYERS AND LAYERS. Multics rings Layered abstractions Waterfall model Network protocol stacks Napolean layers RoFi layers OM-AM etcetera. What?.

early
Download Presentation

OM-AM and PEI

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. OM-AM and PEI Prof. Ravi Sandhu

  2. THE OM-AM WAY A s s u r a n c e What? Objectives Model Architecture Mechanism How?

  3. LAYERS AND LAYERS • Multics rings • Layered abstractions • Waterfall model • Network protocol stacks • Napolean layers • RoFi layers • OM-AM • etcetera

  4. What? How? OM-AM AND MANDATORY ACCESS CONTROL (MAC) A s s u r a n c e No information leakage Lattices (Bell-LaPadula) Security kernel Security labels

  5. What? How? OM-AM AND DISCRETIONARY ACCESS CONTROL (DAC) A s s u r a n c e Owner-based discretion numerous numerous ACLs, Capabilities, etc

  6. What? How? OM-AM AND ROLE-BASED ACCESS CONTROL (RBAC) A s s u r a n c e Objective neutral RBAC96, ARBAC97, etc. user-pull, server-pull, etc. certificates, tickets, PACs, etc.

  7. SERVER MIRROR Client Server User-role Authorization Server

  8. SERVER-PULL Client Server User-role Authorization Server

  9. USER-PULL Client Server User-role Authorization Server

  10. PROXY-BASED Client Proxy Server Server User-role Authorization Server

  11. THE OM-AM WAY A s s u r a n c e What? Objectives Model Architecture Mechanism How?

  12. PEI Security and system goals (objectives/policy) • Necessarily informal • Specified using users, subjects, objects, admins, labels, roles, groups, etc. in an ideal setting. • Security analysis (objectives, properties, etc.). Policy models • Approximated policy realized using system architecture with trusted servers, protocols, etc. • Enforcement level security analysis (e.g. stale information due to network latency, protocol proofs, etc.). Enforcement models • Technologies such as Cloud Computing, Trusted Computing, etc. • Implementation level security analysis (e.g. vulnerability analysis, penetration testing, etc.) Implementation models Concrete System • Software and Hardware

More Related