
ISA 562 Internet Security Theory and Practice
Midterm Exam Review


Review for the Mid-term
- First five chapters + Cryptography
- The nature of the exam:
  - 4-5 questions
  - Similar to the homework
  - May have some modeling, some policy, some descriptions


Review Chapter 1 + Transparency
- CIA of Information Security
  - What they are
  - Given a set of requirements, can we categorize them?
- Access control matrix
  - Safe state
  - Safe state written as a (pre-condition, post-condition) pair of read, write and access operations
  - Add/delete rights
  - Add/delete subjects, objects and operations


Review Chapter 1 Continued …
- Mono Operational Commands
  - Single operations like add “make P the owner of file Q”
  - Written formally as make.owner(p,q)
- Conditional commands
  - “If p owns f, then let p give r rights to q”
  - How to write them formally
  - Multiple conditions…


Review of Chapter 2: Foundations
- ACM, ACL and capabilities
- Turing machines
- Undecidability
- HRU Result:
  - Is there an algorithm that, given an initially safe state, halts and says yes/no to the safety after granting a generic right r?
  - Method: Encode safety, granting rights etc. as Turing machine instructions
- Special cases are decidable:
  - Take-grant model


Review of Chapter 2: Foundations
- Capability based systems
- Lock and key model
  - Lock=object, key=subject
  - Object carries permissions = subject presents key to unlock object


Review of Chapter 3: Policies
- Formalization of security policy using precise policy languages
- DAC, MAC and RBAC
- Specification of DAC using subjects, objects and access rights


Review: MAC
- Review and background
  - Lattices
  - Military systems and Denning’s Axioms
- Bell-LaPadula (BLP) Policy
  - Step 1 – clearance/classification
  - Step 2 – categories
  - Example System – DG/UX
- Tranquility
- Controversy at a glance


Supremas and Infimas of POsets
- Definition: (A,<) is a POset and B A
- Say that b0A is a least upper bound (aka Supremum) of B iff (1) b0 is an upper bound and (2) b0<b for all other upper bounds b of B
- Say that c0A is a greatest lower bound (Infimum) iff (1) c0 is an upper bound (2) c0<b for all other lower bounds c of B

[Figure: the set B (elements B1 to B6), its upper bounds b0, b1, b2, b3 and its lower bounds c0, c2, c3, c4]


Example Lattices – Power Set Lattice
- S = {a,b,c}
- 2^S = { ,{a},{b},{c},{a,b},{b,c},{a,c},{a,b,c} }
- Arrows mean (informally, included by)

[Figure: three diagrams over subsets of S, labelled "Special case: Total order", "Partial order" and "Special case: Lattice"]


Example Product Lattice
- x,y x’,y’ means y’ y and x x’

[Figure: Lattice 1, Lattice 2 and their product. Node labels: 2, 1; ab, a, b; product nodes ab,2 a,2 ,2 b,2 ab,1 a,1 ,1 b,1]


BLP Rules
- Simple Security Policy
  - No Read up
- * Security Property
  - No write down
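
The two BLP rules checked over a product lattice of (clearance level, category set) labels, with the least upper bound and greatest lower bound computed componentwise. This is an added example, not part of the original slides; the level names, the categories and the standard dominance order (higher-or-equal level and a superset of categories) are assumptions.

```python
"""BLP checks over a product lattice of (level, category set) labels.

Added example; the level names and categories are constructed.
"""
from typing import FrozenSet, NamedTuple

# Totally ordered clearance levels (assumed names).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}


class Label(NamedTuple):
    level: str
    cats: FrozenSet[str]


def label(level: str, *cats: str) -> Label:
    """Build a label, rejecting levels outside the known total order."""
    if level not in LEVELS:
        raise ValueError(f"unknown level: {level}")
    return Label(level, frozenset(cats))


def dominates(a: Label, b: Label) -> bool:
    """a dominates b: a's level is at least b's and a's categories include b's."""
    return LEVELS[a.level] >= LEVELS[b.level] and a.cats >= b.cats


def lub(a: Label, b: Label) -> Label:
    """Least upper bound: the higher level and the union of categories."""
    top = max(a.level, b.level, key=LEVELS.__getitem__)
    return Label(top, a.cats | b.cats)


def glb(a: Label, b: Label) -> Label:
    """Greatest lower bound: the lower level and the shared categories."""
    low = min(a.level, b.level, key=LEVELS.__getitem__)
    return Label(low, a.cats & b.cats)


def can_read(subject: Label, obj: Label) -> bool:
    """Simple security condition (no read up): subject must dominate object."""
    return dominates(subject, obj)


def can_write(subject: Label, obj: Label) -> bool:
    """*-property (no write down): object must dominate subject."""
    return dominates(obj, subject)
```

Labels with the same level but different categories are incomparable, so a subject at (secret, {nuc}) can neither read nor write an object at (secret, {eur}).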


Cryptography
- Major uses:
  - Confidentiality
  - Nonrepudiation
  - Authentication
  - Access Control
- The major types:
  - Substitution
  - Symmetric
  - Asymmetric
    - RSA
    - Diffie Hellman