NIST IR 7298, Glossary of Key Information Security Terms, defines _________ as the process of granting or denying specific requests to: [1] obtain and use information and related information processing services; and [2] enter specific physical facilities.
access control
Internet Security Glossary defines __________ as a process by which use of system resources is regulated according to a security policy and is permitted only by authorized entities [users, programs, processes, or other systems] according to that policy.
access control
The central element of computer security.
Access control
[T/F] All of computer security is concerned with access control.
True
Measures that implement and assure security services in a computer system, particularly those that assure access control service.
Computer security
Access Control Context:
- Authentication
- Authorization
- Audit
Verification that the credentials of a user or other system entity are valid.
Authentication
The granting of a right or permission to a system entity to access a system resource. This function determines who is trusted for a given purpose.
Authorization
An independent review and examination of system records and activities in order to test for adequacy of system controls, to ensure compliance with established policy and operational procedures, to detect breaches in security, and to recommend any indicated changes in control, policy and procedures.
Audit
mediates between a user and system resources, such as applications, operating systems, firewalls, routers, files, and databases.
access control mechanism
maintains an authorization database that specifies what type of access to which resources is allowed for this user.
security administrator
Access Control Policies:
- Discretionary access control [DAC]
- Mandatory access control [MAC]
- Role-based access control [RBAC]
- Attribute-based access control [ABAC]
Controls access based on the identity of the requestor and on access rules [authorizations] stating what requestors are [or are not] allowed to do.
Discretionary access control [DAC]
The policy is termed ________ because an entity might have access rights that permit the entity, by its own volition, to enable another entity to access some resource.
discretionary
Controls access based on comparing security labels with security clearances.
Mandatory access control [MAC]
The policy is termed ________ because an entity that has clearance to access a resource may not, just by its own volition, enable another entity to access that resource.
mandatory
Controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles.
Role-based access control [RBAC]
Controls access based on attributes of the user, the resource to be accessed, and current environmental conditions.
Attribute-based access control [ABAC]
An ________, which can be embodied in an authorization database, dictates what types of access are permitted, under what circumstances, and by whom.
access control policy
_______ is the traditional method of implementing access control.
DAC
______ is a concept that evolved out of requirements for military information security and is best covered in the context of trusted systems.
MAC
The basic elements of access control are:
subject, object, and access right
A ________ is an entity capable of accessing objects. Generally, the concept of subject equates with that of process.
subject
This may be the creator of a resource, such as a file.
Owner
In addition to the privileges assigned to an owner, a named group of users may also be granted access rights, such that membership in the group is sufficient to exercise these access rights.
Group
The least amount of access is granted to users who are able to access the system but are not included in the categories owner and group for this resource.
World
An ________ is a resource to which access is controlled. In general, an object is an entity used to contain and/or receive information.
object
An _________ describes the way in which a subject may access an object.
access right
Access right includes:
Read, Write, Execute, Delete, Create, Search
A general approach to DAC, as exercised by an operating system or a database management system, is that of an _________.
access matrix
An _________ is usually sparse and is implemented by decomposition in one of two ways.
access matrix
_________ lists users and their permitted access rights.
access control lists [ACLs]
A _________ specifies authorized objects and operations for a particular user.
capability ticket
[T/F] It is easy to determine the set of access rights that a given user has, but more difficult to determine the list of users with specific access rights for a specific resource.
True
An ________ contains one row for one access right of one subject to one resource.
authorization table
Sorting or accessing the table by _______ is equivalent to a capability list. Sorting or accessing the table by ________ is equivalent to an ACL.
subject, object
assumes a set of subjects, a set of objects, and a set of rules that govern the access of subjects to objects.
Access Control Model
Access rights include the ability to delete a process, stop [block], and wake up a process.
Processes
Access rights include the ability to read/write the device, to control its operation [e.g., a disk seek], and to block/unblock the device for use.
Devices
Access rights include the ability to read/write certain regions of memory that are protected such that the default is to disallow access.
Memory locations or regions
Access rights with respect to a subject have to do with the ability to grant or delete access rights of that subject to other objects, as explained subsequently.
Subjects
A ________ could be defined, which results in the transferred right being added to the target subject and deleted from the transferring subject.
transfer-only right
The ability of one subject to create another subject and to have ______ access right to that subject can be used to define a hierarchy of subjects.
‘owner’
A _______ is a set of objects together with access rights to those objects.
protection domain
[T/F] A more general concept of protection domain provides more flexibility.
True
A user program executes in a _________, in which certain areas of memory are protected from the user’s use and in which certain instructions may not be executed.
user mode
When the user process calls a system routine, that routine executes in a system mode, or what has come to be called _______, in which privileged instructions may be executed and in which protected areas of memory may be accessed.
kernel mode
An _________ is a control structure that contains the key information needed by the operating system for a particular file.
inode [index node]
A directory that is inside another directory is referred to as a _________.
subdirectory
A _________ is simply a file that contains a list of file names plus pointers to associated inodes.
directory
The ________ is exempt from the usual file access control constraints and has systemwide access.
superuser
[T/F] A final point to note is that the traditional UNIX file access control scheme implements a simple protection domain structure. A domain is associated with the user, and switching the domain corresponds to changing the user ID temporarily.
True
________ allows the administrator to assign a list of UNIX user IDs and groups to a file by using the setfacl command.
FreeBSD
[T/F] Traditional DAC systems define the access rights of individual users and groups of users. In contrast, RBAC is based on the roles that users assume in a system rather than the user’s identity.
True
provide a means of reflecting the hierarchical structure of roles in an organization.
ROLE HIERARCHIES—RBAC1
make use of the concept of inheritance to enable one role to implicitly include access rights associated with a subordinate role.
Role hierarchies
provide a means of adapting RBAC to the specifics of administrative and security policies in an organization.
CONSTRAINTS—RBAC2
A ________ is a defined relationship among roles or a condition related to roles.
constraint
roles such that a user can be assigned to only one role in the set.
Mutually exclusive roles
refers to setting a maximum number with respect to roles.
Cardinality
A system might be able to specify a __________, which dictates that a user can only be assigned to a particular role if it is already assigned to some other specified role.
prerequisite role
An _________ can define authorizations that express conditions on properties of both the resource and the subject.
ABAC model
There are three key elements to an ABAC model: _______, which are defined for entities in a configuration; a _________, which defines the ABAC policies; and the ___________, which applies to policies that enforce access control.
attributes, policy model, architecture model
characteristics that define specific aspects of the subject, object, environment conditions, and/or requested operations that are predefined and preassigned by an authority.
Attributes
A subject is an active entity that causes information to flow among objects or changes the system state.
Subject attributes
An object, also referred to as a resource, is a passive information system-related entity containing or receiving information.
Object attributes
These attributes have so far been largely ignored in most access control policies.
Environment attributes
a logical access control model that is distinguishable because it controls access to objects by evaluating rules against the attributes of entities [subject and object], operations, and the environment relevant to a request.
ABAC
[T/F] ABAC enables fine-grained access control, which allows for a higher number of discrete inputs into an access control decision, providing a bigger set of possible combinations of those variables to reflect a larger and more definitive set of possible rules, policies, or restrictions on access. Thus, ABAC allows an unlimited number of attributes to be combined to satisfy any access control rule.
True
In ABAC, the _________ is derived from many sources over which the object owner has no control, such as Subject Attribute Authorities, Policy Developers, and Credential Issuers.
root of trust
A _______ is a set of rules and relationships that govern allowable behavior within an organization, based on the privileges of subjects and how resources or objects are to be protected under which environment conditions.
policy
represent the authorized behavior of a subject; they are defined by an authority and embodied in a policy.
Privileges
______ is a comprehensive approach to managing and implementing digital identities [and associated attributes], credentials, and access control. ICAM has been developed by the U.S. government, but it is applicable not only to government agencies; it may also be deployed by enterprises looking for a unified approach to access control.
ICAM
___________ is concerned with assigning attributes to a digital identity and connecting that digital identity to an individual or NPE.
Identity management
A ____________ is often comprised of a set of attributes that when aggregated uniquely identify a user within a system or an enterprise.
digital identity
A ________ is an object or data structure that authoritatively binds an identity [and optionally, additional attributes] to a token possessed and controlled by a subscriber.
credential
___________ is the management of the life cycle of the credential.
Credential management
The ___________ deals with the management and control of the ways entities are granted access to resources. It covers both logical and physical access, and may be internal to a system or an external element.
access management component
This element is concerned with defining rules for a resource that requires access control.
Resource management
This element is concerned with establishing and maintaining the entitlement or privilege attributes that comprise an individual’s access profile.
Privilege management
This element governs what is allowable and unallowable in an access transaction.
Policy management
________ is a term used to describe the technology, standards, policies, and processes that allow an organization to trust digital identities, identity attributes, and credentials created and issued by another organization.
Identity federation
The _____________ involves users developing arrangements with an identity service provider to procure digital identity and credentials, and arrangements with parties that provide end-user services and applications and that are willing to rely on the identity and credential information generated by the identity service provider.
exchange of identity information
The _________ requires that the user has been authenticated to some degree of assurance, that the attributes imputed to the user by the identity service provider are accurate, and that the identity service provider is authoritative for those attributes.
relying party
This is an open standard that allows users to be authenticated by certain cooperating sites [known as Relying Parties] using a third party service, eliminating the need for Webmasters to provide their own ad hoc systems and allowing users to consolidate their digital identities.
OpenID
__________ is an international nonprofit organization of individuals and companies committed to enabling, promoting, and protecting OpenID technologies.
OIDF: The OpenID Foundation
________ is a nonprofit community of companies and individuals working together to evolve the Information Card ecosystem.
ICF: The Information Card Foundation
____________ is a standardized, open specification of a trust framework for identity and attribute exchange, developed jointly by OIDF and ICF.
OITF: The Open Identity Trust Framework
__________ is an independent, neutral, international provider of certification trust frameworks conforming to the Open Identity Trust Frameworks model.
OIX: The Open Identity Exchange Corporation
_________ is an online Internet-scale gateway for identity service providers and relying parties to efficiently access user asserted, permissioned, and verified online identity attributes in high volumes at affordable costs.
AXN: An Attribute Exchange Network [AXN]
__________ functions as a certification program which enables a party who accepts a digital identity credential to trust the identity, security, and privacy policies of the party who issues the credential and vice versa.
Trust framework
Also called service providers, these are entities delivering services to specific users.
Relying parties [RPs]
These are users of an RP’s services, including customers, employees, trading partners, and subscribers.
Subjects
__________ are entities acknowledged by the community of interest as being able to verify given attributes as presented by subjects and which are equipped through the AXN to create conformant attribute credentials according to the rules and agreements of the AXN.
Attribute providers [APs]
These are entities able to authenticate user credentials and to vouch for the names [or pseudonyms or handles] of subjects, and which are equipped through the AXN or some other compatible Identity and Access Management [IDAM] system to create digital identities that may be used to index user attributes.
Identity providers [IDPs]
Assessors evaluate identity service providers and RPs and certify that they are capable of following the OITF provider’s blueprint.
Assessors
These entities may be called on to check that parties’ practices have been in line with what was agreed for the OITF.
Auditors
These entities provide arbitration and dispute resolution under OIX guidelines.
Dispute resolvers
________ is an organization that translates the requirements of policymakers into its own blueprint for a trust framework that it then proceeds to build, doing so in a way that is consistent with the minimum requirements set out in the OITF specification.
Trust framework providers
What is the traditional method of implementing access control?
Traditional access control [AC] is the mechanism by which a system constrains the actions of a legitimate user and the programs operating on his behalf to only those that cannot compromise the security of the system. The term security, here, is meant to also cover confidentiality and integrity of information.
The traditional access control models are discretionary access control [DAC], mandatory access control [MAC], role-based access control [RBAC], and attribute-based access control [ABAC].
Three main types of access control systems are: Discretionary Access Control [DAC], Role-Based Access Control [RBAC], and Mandatory Access Control [MAC]. DAC is a type of access control system that assigns access rights based on rules specified by users.