© ravi sandhu hru and tam ravi sandhu laboratory for information security technology george mason...

Report

Tags:

Post on 26-Mar-2015

219 Views

Category:

Documents

0 Downloads

Preview:

Click to see full reader

TRANSCRIPT

© Ravi Sandhuwww.list.gmu.edu

HRU and TAM

Ravi SandhuLaboratory for Information Security Technology

George Mason Universitywww.list.gmu.edusandhu@gmu.edu

2

© 2004 Ravi Sandhuwww.list.gmu.edu

The Access Matrix Model, Lampson 1971

3

© 2004 Ravi Sandhuwww.list.gmu.edu

The HRU (Harrison-Ruzzo-Ullman) Model, 1976

U r w

V

F

r w

G

r

4

© 2004 Ravi Sandhuwww.list.gmu.edu

The HRU (Harrison-Ruzzo-Ullman) Model, 1976

U r w

V

F

r w own

G

r

5

© 2004 Ravi Sandhuwww.list.gmu.edu

The HRU (Harrison-Ruzzo-Ullman) Model, 1976

U r w

V

F

r w own

G

r

r

6

© 2004 Ravi Sandhuwww.list.gmu.edu

HRU Commands and Operations

• command α(X1, X2 , . . ., Xk)if rl in (Xs1, Xo1) and r2 in (Xs2, Xo2) and ri in (Xsi, Xoi)

thenop1; op2; … opn

end• enter r into (Xs, Xo)

delete r from (Xs, Xo)create subject Xscreate object Xodestroy subject Xsdestroy object Xo

7

© 2004 Ravi Sandhuwww.list.gmu.edu

HRU Examples

8

© 2004 Ravi Sandhuwww.list.gmu.edu

HRU Examples

9

© 2004 Ravi Sandhuwww.list.gmu.edu

HRU Examples

10

© 2004 Ravi Sandhuwww.list.gmu.edu

HRU Examples

11

© 2004 Ravi Sandhuwww.list.gmu.edu

The Safety Problem

Given• initial state• protection scheme (HRU commands)

Can r appear in a cell that exists in the initial state and does not contain r in the initial state?

More specific question might be:can r appear in a specific cell [s,o]

12

© 2004 Ravi Sandhuwww.list.gmu.edu

The Safety Problem

Initial state: r’ in (o,o) and nowhere else

13

© 2004 Ravi Sandhuwww.list.gmu.edu

Safety is Undecidable in HRU

14

© 2004 Ravi Sandhuwww.list.gmu.edu

TAM adds types to HRU

15

© 2004 Ravi Sandhuwww.list.gmu.edu

TAM adds types to HRU

16

© 2004 Ravi Sandhuwww.list.gmu.edu

TAM commands

17

© 2004 Ravi Sandhuwww.list.gmu.edu

TAM primitive operations

18

© 2004 Ravi Sandhuwww.list.gmu.edu

TAM operations: enter and delete

19

© 2004 Ravi Sandhuwww.list.gmu.edu

TAM operations: create and destroy

20

© 2004 Ravi Sandhuwww.list.gmu.edu

TAM operations: create and destroy

21

© 2004 Ravi Sandhuwww.list.gmu.edu

The Safety Problem

• TAM has much stronger safety properties than HRU

top related

© 2004 ravi sandhu cyber-identity, authority and trust in...
Documents
1 virtualization prof. ravi sandhu executive director and...
Documents
isa 662 internet security protocols kerberos prof. ravi...
Documents
1 cloud computing prof. ravi sandhu executive director and...
Documents
access control and semantic web technologies ravi sandhu...
Documents
© 2004 ravi sandhu role-based access control prof. ravi...
Documents
© 2005 ravi sandhu access control hierarchies (best viewed...
Documents
© 2004 ravi sandhu a perspective on graphs and access...
Documents
isa 662 rbac-mac-dac prof. ravi sandhu. 2 © ravi sandhu...
Documents
© 2004-5 ravi sandhu security issues in p2p systems prof....
Documents
rethinking password strategies ravi sandhu chief scientist...
Documents
© 2005 ravi sandhu permissions and inheritance (best...
Documents
isa 662 ike key management for ipsec prof. ravi sandhu
Documents
ssl prof. ravi sandhu. 2 © ravi sandhu 2002 secure sockets...
Documents
security cloud: cloud trust brokers · security and the...
Documents
nist sp 800-144, guidelines on security and - prof. ravi...
Documents
1 rethinking password strategies ravi sandhu chief scientist...
Documents
© 2004-5 ravi sandhu cyber-identity, authority and trust...
Documents
© 2005 ravi sandhu administrative scope (continued) (best...
Documents
1 the future of cyber security prof. ravi sandhu executive...
Documents