Information Security

Access Control

1
 Compromise recording
• This principle states that sometimes it is more
desirable to record the details of an intrusion than
to adopt more sophisticated measures to prevent it.
– Internet-connected surveillance cameras are a typical
example of an effective compromise record system that
can be deployed to protect a building in lieu of
reinforcing doors and windows.
– The servers in an office network may maintain logs for
all accesses to files, all emails sent and received, and all
web browsing sessions.

2
 Topic: 2. Access Control
• Users and groups • Which users can
• Authentication read/write which files?
• Passwords • Are my files really safe?
• File protection • What does it mean to be
• Access control lists root?
• What do we really want
to control?

12/14/2020 Introduction 3
 Cont.
Access control
prevention of the unauthorized use of a
resource, that is this service controls
- who can have access to a resource
- under what condition access can occur
- and what those accessing are allowed to
do

4
 Access Control Matrices
• A table that defines permissions.
– Each row of this table is associated with a subject, which is
a user, group, or system that can perform actions.
– Each column of the table is associated with an object,
which is a file, directory, document, device, resource, or
any other entity for which we want to define access rights.
– Each cell of the table is then filled with the access rights for
the associated combination of subject and object.
– Access rights can include actions such as reading, writing,
copying, executing and deleting.
– An empty cell means that no access rights are granted.

5
 Example Access Control Matrix

• Adv:
– Fast and easy determination for access control rights
– Provide a simple visual way
• Disadv:
– What will happen when it grow
– n subject, m object then n.m cells
– Server have 1000 subjects (users) and 1,000,000 objects
(which are files and folders)
6
 Access Control Lists
• It defines, for each object, o, a list, L, called o’s access
control list, which enumerates(Computes) all the
subjects that have access rights for o and, for each
such subject, s, gives the access rights that s has for
object o.
/etc/passwd /usr/bin/ /u/roberto/ /admin/

root: r,w root: r,w,x root: r,w,x root: r,w,x

mike: r mike: r,x roberto: r,w,x backup: r,x
roberto: r roberto: r,x backup: r,x
backup: r backup: r,x

7
 Cont.
• Advantage:
– Less size as compare to access control matrices
• Size of ACL is proportional to No. of non empty cell in ACM
– ACL of the object is store as metadata with its object
• System only need to consult the ACL of that object
• Disadvantage:
– Do not provide the efficient way to see the access
control right of a given subject,
• Each object’s list must be accessed

8
 Capabilities
/etc/passwd: r,w,x; /usr/bin: r,w,x;
root /u/roberto: r,w,x; /admin/: r,w,x

• Takes a subject-centered
approach to access
control. mike /usr/passwd: r; /usr/bin: r,x

• It defines, for each

subject s, the list of the /usr/passwd: r; /usr/bin: r;
objects for which s has roberto /u/roberto: r,w,x

nonempty access control

rights with specific right
/etc/passwd: r,x; /usr/bin: r,x;
backup /u/roberto: r,x; /admin/: r,x

9
 Cont.
• Same advantage in space over access control
matrix as the access control list
• Easy for admin to quickly determine access
right for a give subject
• When s request for o, system need to read
only the capabilities of s
• The only way to determine the access right of
object o is to search all the capabilities

10
 Role-based Access Control
• Define roles and then specify access control
rights for these roles, rather than for subjects
directly.
Department
Chair

Administrative Lab System Undergraduate Graduate

Manager Manager Administrator TA TA

Lab Backup Undergraduate Graduate

Accountant Secretary Technician Agent Student Student

Administrative Technical
Personnel Personnel Faculty Student

Department
Member 11