Question A •There are several different type of access mechanisms, they include

Question

Question A •There are several different type of access mechanisms, they include (MAC, DAC and RBAC). Describe and give an example of each of these. Please include pro’s and con’s as well. •Do we need more laws or are existing laws sufficient for IT security? Who should have jurisdiction? What about in international cases? (justify your position)

Question B research a unique news story or article related to Information Technology. Post a summary of what you learned to the discussion thread, please also provide a link to the original article. Source is your choice; however please fully cite your source.

Explanation / Answer

Access Control is the process or mechanism for giving the authority to access the specific resources, applications and system. Access control defines a set of conditions or criteria to access the system and its resources.

There are three main accesses Control model first is Mandatory access control model(MAC), second is Discretionary access control model(DAC) and third is Role based access control models(RBAC).

(A). Mandatory access control (MAC), in this model users do not have the authority to override the policies and it totally controlled centrally by the security policy administrator. The security policy administrator defines the usage of resources and their access policy, which cannot be overridden by the end users, and the policy, will decide who has authority to access the particular programs and files. MAC is mostly used in a system where priority is based on confidentiality. It is useful in a highly secured environment.

According to law, court can access driving records without the owners’ permission. MAC mechanisms have been tightly coupled to a few security models and it is mostly used in a system where priority is based on confidentiality. For example Trusted Solaris, TrustedBSD , SELinux etc.)

MAC can be classified in to following types.
1. Multilevel Security
2. Multilateral Security

In this, information and users are classified into different levels according to their sensitivity and trust. It will be classified into Confidential, Secret and Top Secret. This defines different levels such as clearance level, classification level and security level.

In government and military facilities, MAC performs classification and then assigns a label to each file system object. According to the level of security it include confidential, secret and top secret. When a user or device tries to access particular files or resources, the OS or security kernel determine whether access will be granted or not. MAC requires continuous monitoring and careful planning to keep all resource objects' and users' classifications up to date.

Examples:- The Bell-LaPadula Security Policy Model

It is proposed by David Bell and Len Lapadula in 1973, to provide security for time-sharing mainframe systems. This model also called as MLS model.This model dealt with confidentiality. In this model, two types of security label are assigned to subjects and objects based on the simple security property and *-property to verifiably ensure military classification policies that restrict information flow from more secure classification levels to less secure levels. Also referred as No read up and No write down.

Simple security property: It states that process labeled with higher classification cannot access or read information or resources.
That is, Subject A is allowed to read object O only if class (O) class (A).
*-property: It does not allow processes from writing to a lower classification. That is, Subject A is allowed to write object O only if class (A) class (O).

As we know that, mandatory policies provide better security than discretionary policies, therefore it could be used to control indirect information flows. Different policies are proposed as a mixture of mandatory flow control and discretionary authorizations.

Examples:- The Chinese wall policy

The Chinese Wall policy was proposed by Brewer and Nash to define access rules in a consultancy business where business analysts have to ensure that no conflicts will be occurred in the interest of clients while dealing with multiple clients .The main goal is to control the information flows, due to which conflict will be occurred in a interest of individual consultants (e.g., an individual consultant does not have the information of two companies). In the proposed model, the data objects are organized hierarchically as follows:

Advantages of MAC:

Disadvantages of MAC:

(B). Discretionary access control(DAC) model, the end users have complete authority to assign any rights to objects. Discretionary policies defines access control based on the identity of the requestors and explicit access rules that determines who can, or cannot, execute particular actions on particular resources. In DAC users can be given the authority to other users to access the resources, where assigning and granting the privileges is done by an administrative policy.

Instead of a security label in the case of MAC, each resource object on a DAC based system has an Access Control List (ACL) associated with it. An ACL contains a list of users and groups to which the user has permitted access together with the level of access for each user or group.Discretionary Access Control provides a much more flexible environment than Mandatory Access Control but also increases the risk that data will be made accessible to users that should not necessarily be given access.

Example: The access matrix model

It provides a simple framework for implementing the discretionary access control. It is proposed by Lampson for providing protection against the unauthorized access to the resources within the operating systems and later it is refined by Graham and Denning, the model was developed by Harrison, Ruzzo, and Ullmann (HRU model), to minimize the complexity of access control policy. This model is called as access matrix. Access matrix holds the authorization state at a given time in the system. It provides the abstract representation of protection systems.

To design an access control system a first step is the identification of the objects which we have to be protected and the executing access request and different activities to objects, and the actions that can be executed on the objects and that must be controlled. For example, in the operating systems, objects can be any programs, directories or files.

The authorization state in the access matrix model is defined by a triple (S, O, A), where S is the set of subjects, who can have access liberties; O is the set of objects, on which access rights can be exercised (subjects may be considered as objects, in which case O); and A is the access matrix, In this rows represents the subjects, columns represents the objects, and entry A[s, o] reports the access rights of s on o.The access control model simply provides a framework where authorizations can be specified, the model can contain different access rights or privileges.

Advantages of DAC:

Disadvantages of DAC:

(C). Role based access control models(RBAC):-For providing access rights to user it is important to know the user’s responsibilities assigned by the organization. But in the DAC user rights of data plays an important part, are not a good and in MAC, users have to take security clearances and objects need security classifications. RBAC try to reduce the gap by combining the forced organizational constraints with flexibility of explicit authorizations.

RBAC mostly used for controlling the access to computer resources. RBAC is very useful method for controlling what type of information users can utilize on the computer, the programs that the users execute, and the changes that the users can make. In RBAC roles for users are assigned statically, which is not used in dynamic environment. It is more difficult to change the access rights of the user without changing the specified roles of the user. RBAC is mostly preferable access control model for the local domain. Due to the static role assignment it does not have complexity. Therefore it needs the low attention for maintenance.

Role is nothing but the abstractions of the user behavior and their assigned duties. These are used to assign system resources to the departments and their respective members. To provide the accessing control with security in the particular software systems it will be the beneficial to use role concept. It also reduces the cost of authority management.

Advantages of RBAC:

Role-based policies provide logical independence in specifying user authorizations. The user authorizations task can be broken down in to two parts: i) assigning roles to the particular users, and ii) assigning objects to roles. This make simpler to manage the security policy.

In many applications or organizations have hierarchy of roles, it is based on the principles of generalization and specialization.The role hierarchy can be used to describe the authorization.Authorization implication can be compulsory on role assignments, by allowing users to use generalizations(e.g., If a user has rights to activate secretary will also be have rights to activate role adm-staff).

Roles defines the least privilege that user required to perform the particular task. Those Users are authorized to powerful roles do not need to use them until those rights are actually needed. This minimizes the damage happens due to the unintended errors.

This principle describe that no user should have more rights so he can misuse it. For instance, the person who authorized a paycheck and who can prepare them should not be the same person. Separation of duties can be done either statically or dynamically. In statically, it can be done by defining conflicting roles. In dynamically, it can be done by providing the control at the access time.

Disadvantages of RBAC:

In RBAC model, there is still some work to be done to cover up all the requirements which may represent the real world scenario.
Defining the roles in a different context is difficult and it may result into large role definition. Sometimes it produces more roles than users.
Now days, require fine grained results but RBAC not gives fine grained results.
RBAC assigns the roles statically to its user, which is not preferred in dynamic environment. It is difficult to implement when the environment is dynamic and distributed. Due to this it is more difficult to change the access rights of the user without changing the role of that user. Therefore RBAC not provide support for dynamic attributes such as time of the day on which the user permission is determined.
It maintains the relation between users and its roles. It also maintains the relation between permissions and roles. Therefore to implement the RBAC model roles must be assigned in advance and it is not possible to change access rights without altering the roles.

Here I have described MAC, DAC and RBAC access control models and there different implementations. Also we have listed the advantages and disadvantages of these models. Still some work needs to be done on interpreting policies into acceptable model to provide efficient and accurate management of these models. Developing a new model such as, Dynamic Typed Access Control (DTAC) and Attribute-Based Access Control (ABAC) to overcome the problem of RBAC. Operating systems are also likely to expand support for additional access control models both internally and with Pluggable Policy Modules to allow users and administrators more comprehensive and user-friendly ways to secure systems.
In future we will integrate the two models RBAC & ABAC in such a way that can overcome the existing problems with RBAC & ABAC and can get a fine grained access control model which is highly demandable in shareable, open and changing environment.
Future work in this area is likely to be focused on the production of Role-Based Access Control models for community cyber security. Oracle also supports RBAC as part of their database management access controls to support role based access control.

Do we need more laws or are existing laws sufficient for IT security? Who should have jurisdiction? What about in international cases? (justify your position)

One of the advantages of the Internet over other methods of communication and commerce is that it enables access to a much wider, even a worldwide, audience. Spatial distance and national borders are irrelevant to the creation of an Internet business, many of which are conceived for the express purpose of expanding sales horizons across borders.   In a sense, a person can be everywhere in the world, all at once. This ease of communication raises a vital legal question, however: when a person puts up a website on his home server and allows access to it from all points on the globe, does he subject himself to the governance of every law- and rule-maker in the world? Under the current system, in order to decide what state's or nation's laws govern disputes that arise over Internet issues, a court first must decide "where" Internet conduct takes place, and what it means for Internet activity to have an "effect" within a state or nation.

Even apart from the Internet, this border-centric view of the law creates certain difficulties in an economy moving toward globalization. Entire bodies of law have been developed by every nation to deal with the resolution of international conflicts of law, conflicts that arise when geography and citizenship would allow a dispute to be decided by the laws of more than one country, and the laws of those countries are not consistent with each other. Conflicts of law are particularly likely to arise in cyberspace, where the location of an occurrence is never certain, where ideological differences are likely to create conflicting laws, and where rules are made not only by nations and their representatives, but also by sub-national and transnational institutions.

A court does not have power over every person in the world. Before a court may decide a case, the court must determine whether it has "personal jurisdiction" over the parties.   A plaintiff may not sue a defendant in a jurisdiction foreign to the defendant, unless that defendant has established some relationship with that forum that would lead him to reasonably anticipate being sued there.

In the U.S., the Due Process clause of the Constitution's Fourteenth Amendment sets the outermost limits of personal jurisdiction. If a party has substantial systematic and continuous contacts with the forum, a court may exercise jurisdiction over a party for any dispute, even one arising out of conduct unrelated to the forum.   This is known as general jurisdiction. For example, a corporation or person can always be sued in its state of residence or citizenship or its principal place of business, regardless of whether or not the claim arose there.
If a party is not present in the state or does not have systematic and continuous contacts with the state, courts may exercise jurisdiction over a party for causes of action arising out of his contacts with the state, or arising out of activities taking place outside the state expressly intended to cause an effect within the state.

Internationally:

There is little dispute that nation-states can prosecute Internet users (or anyone else, for that matter), whatever their location, for revealing national secrets, falsifying official documents, or inciting war. These activities threaten national security, wherever they are committed, and therefore fall under international standards for jurisdiction. Similarly, it is a universal crime to publicly incite torture or genocide. These universal offenses may be prosecuted extraterritorially by any nation, regardless of the citizenship or location of the user.

Although each country's laws are different, most rely on some sort of "effects" test resembling the U.S. test, whereby a party is subject to jurisdiction in a place where his conduct has an effect.   This jurisdiction traditionally is subject to a "reasonableness" test. According to section 421 of the Restatement (Third) of the Foreign Relations Law of the U.S., exercise of jurisdiction is generally reasonable if the party is a citizen, resident, or domiciliary of the state, or if:

(a) the person, whether natural or personal, has consented to the exercise of jurisdiction;

(b) the person, whether natural or juridical, regularly carries on business in the state;

(c) the person, whether natural or juridical, had carried on activity in the state, but only in respect of such activity;

(d) the person, whether natural or juridical, had carried on outside the state an activity having a substantial, direct, and foreseeable effect within the state, but only in respect of such activity; or

(e) the thing that is the subject of adjudication is owned, possessed, or used in the state, but only in respect of a claim reasonably connected with that thing.

Related Questions

Navigate

• Browse (All)
• Browse Q
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.