Lecture 14 of CS 5323: Principles of Information Security by Prof. Winsborough

Notes for the 14th lecture of the university course Principles of Information Security (CS 5323), taught by Prof. William Winsborough during the fall semester of 2007. The lecture covers security models, state machines, and the Bell-LaPadula model (BLP). Students are expected to have read Gollmann Chapter 8 before the guest lectures by Prof. Hugh Maynard about intrusion attacks and their detection.

Uploaded on 08/19/2009

Principles of Information Security

CS 5323 Lecture 14

Prof. William Winsborough

October 23, 2007

23 October 2007 Winsborough CS 5323 Lecture 14 2

Business

  • For Tuesday 10/23, read Gollmann Chapter 8
  • Tuesday 10/30 and Thursday 11/1 you will have guest lectures by Prof. Hugh Maynard about intrusion attacks and their detection

Security Models

  • A security model is a formal specification of a system for expressing and enforcing a security policy

State Machines

  • Transition systems
    • A set of states
    • A set of inputs Σ
    • Optionally, a set of outputs
    • A transition function S x Σ → S

State Machines

  • Transition systems
    • A set of states, S
    • A set of inputs, Σ
    • Optionally, a set of outputs, Γ
    • A transition function δ: S x Σ → S x Γ
  • Security properties can be modeled as sets of states that are deemed secure
  • If the transition function can be shown to preserve the security property, then when the system is started in a secure state, all reachable states will also be secure

Bell-LaPadula Model (BLP)

  • Enforces the multilevel security (MLS) policy
  • State machine model
    • Confidentiality
    • Uses an access control matrix and security levels
  • Components
    • S, set of subjects
    • O, set of objects
    • A = {execute, read, append, write}, access operations
    • (L, ≤), security levels
  • Access matrix
    • B = ℘(S x O x A), set of all access matrix tables
    • b ∈ B, an individual access matrix table

BLP State Set

  • A state is given by (b, M, f) where
    • b is as above
    • M = (M_{so})_{s∈S, o∈O} is an access permission matrix
    • f = (f_S, f_C, f_O) in which
      • f_S : S → L gives the subject’s max security level
      • f_C : S → L gives the subject’s current security level
      • f_O : O → L gives the object’s classification

Security Policies

  • Simple security property
    • No read up
    • State (b, M, f) satisfies simple security if for each (s,o,a) ∈ b in which a is read or write, f_O(o) ≤ f_S(s)
  • Star property
    • No write down
    • For all (s,o,a) ∈ b, if a is append or write, then f_C(s) ≤ f_O(o) and f_O(o’) ≤ f_O(o) for all o’ ∈ O such that (s, o’, a’) ∈ b and a’ is read or write

Discretionary Security Property

  • (b,M,f) satisfies the ds-property if for each element (s,o,a) ∈ b we have a ∈ M_{so}

Basic Security Theorem

  • A state is secure if the ss-, *-, and ds-properties are satisfied
  • A transition is secure if it starts and ends at a secure state
  • Theorem: if all state transitions are secure and if the initial state is secure, then every reachable state will also be secure
  • McLean argued that this definition of security for a transition is too permissive
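
The three properties and the secure-transition idea above, as an added Python example that is not part of the original slides. It checks a state (b, M, f) against the ss-, *- and ds-properties exactly as the slides state them, and drives it with a transition that only moves to secure states. The names State and get_access, the subjects and objects, and the use of integers as a totally ordered set of levels are assumptions made for illustration.

```python
from dataclasses import dataclass, replace

OBSERVE = {"read", "write"}    # operations the ss-property constrains
ALTER = {"append", "write"}    # operations the *-property constrains

@dataclass(frozen=True)
class State:
    b: frozenset  # current accesses, triples (s, o, a)
    M: dict       # (s, o) -> set of permitted operations
    fS: dict      # subject -> maximum level
    fC: dict      # subject -> current level
    fO: dict      # object -> classification

def ss_property(st):    # no read up: f_O(o) <= f_S(s)
    return all(st.fO[o] <= st.fS[s] for s, o, a in st.b if a in OBSERVE)

def star_property(st):  # no write down, both clauses from the slide
    for s, o, a in st.b:
        if a not in ALTER:
            continue
        observed = [o2 for s2, o2, a2 in st.b if s2 == s and a2 in OBSERVE]
        if st.fC[s] > st.fO[o] or any(st.fO[o2] > st.fO[o] for o2 in observed):
            return False
    return True

def ds_property(st):    # every current access is permitted by M
    return all(a in st.M.get((s, o), set()) for s, o, a in st.b)

def is_secure(st):
    return ss_property(st) and star_property(st) and ds_property(st)

def get_access(st, s, o, a):
    # Hypothetical transition: grant only if the successor state is secure,
    # so every state reachable from a secure start is secure.
    nxt = replace(st, b=st.b | {(s, o, a)})
    return nxt if is_secure(nxt) else st

# Constructed sample state; levels are integers (a total order, by assumption).
U, S, TS = 0, 1, 2
s0 = State(
    b=frozenset(),
    M={("alice", "report"): {"read"}, ("alice", "memo"): {"append", "write"},
       ("alice", "bulletin"): {"append"}, ("bob", "report"): {"read"}},
    fS={"alice": TS, "bob": S}, fC={"alice": S, "bob": S},
    fO={"report": TS, "memo": S, "bulletin": U},
)
s1 = get_access(s0, "alice", "report", "read")      # granted
s2 = get_access(s1, "bob", "report", "read")        # refused: read up
s3 = get_access(s2, "alice", "bulletin", "append")  # refused: f_C(s) > f_O(o)
s4 = get_access(s3, "alice", "memo", "append")      # refused: report is being read
s5 = get_access(s4, "alice", "memo", "read")        # refused: read not in M
```

The fourth request shows the second clause of the star property: the append to memo is acceptable on its own, but not while the same subject holds read access to the higher-classified report.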