Access Control Models

Time
15 hours 43 minutes
Difficulty
Advanced
CEU/CPE
16
Video Transcription
00:00
>> Now, one of the ways we also can
00:00
control access to what subjects can do to
00:00
objects is our operating systems or our applications
00:00
use various access control models
00:00
to determine the degree of access.
00:00
For instance, we have three models called DAC,
00:00
MAC and RBAC that are our main models,
00:00
and then we'll see some sub-models as well.
00:00
We're going to talk about why we have
00:00
those models and what they do,
00:00
and how they enforce access control.
00:00
Your access control models, as I mentioned before,
00:00
these are usually built into your operating systems,
00:00
or into your applications,
00:00
or perhaps just into your environment, in your structure.
00:00
But the goal ultimately,
00:00
again, limit what subjects can do to objects.
00:00
Now, the first access control model is one called DAC,
00:00
and then we'll look at MAC.
00:00
Now these two stand above all the others.
00:00
These are two access control models
00:00
that were specifically
00:00
referenced in that book we talked about in Chapter 3,
00:00
the TCSEC, which was also known as the Orange Book.
00:00
That was our security evaluation criteria for systems.
00:00
The lower-level systems use discretionary access control,
00:00
while the more secure systems
00:00
use mandatory access control.
00:00
You can tell that just by the names.
00:00
Discretionary access control doesn't
00:00
sound nearly as secure as mandatory.
00:00
Now we also have other ways that access is controlled.
00:00
Some systems use role-based access control,
00:00
sometimes access control is
00:00
granted based on certain attributes,
00:00
and then we also might see
00:00
access control granted based on rules.
00:00
The first access control model we'll look at is
00:00
DAC, discretionary access control.
00:00
This is generally identity based.
00:00
A Windows system is primarily a DAC system.
00:00
You go in and create accounts,
00:00
they're based on your identity.
00:00
I get an account called Kelly H. Now again,
00:00
you can modify that,
00:00
but that's natively the premise.
00:00
But the big thing that makes
00:00
it discretionary access control
00:00
is the use of access control lists, ACLs.
00:00
Your access control lists,
00:00
if you create a resource and go to the properties,
00:00
you'll see, because I'm the owner,
00:00
Kelly Handerhan has full access.
00:00
I can read, I can write,
00:00
I can delete,
00:00
I can also grant access to
00:00
other entities to access
00:00
my folder and give them rights and permissions.
00:00
That access control list is what DAC systems
00:00
use to determine the degree of access to the resource.
00:00
Now the problem with this is if I create a folder,
00:00
I'm the creator, owner of that folder,
00:00
and the security of that folder is at my discretion.
00:00
For instance, I create a folder called Mine. Who owns it?
00:00
Me. If I want to grant access,
00:00
maybe I want to put something sensitive in
00:00
that folder that I shouldn't,
00:00
but Windows doesn't know I shouldn't,
00:00
and Windows is not going to have
00:00
any knowledge or understanding
00:00
of clearance and classification.
00:00
So let's say I put something top secret in that folder.
00:00
Well, I can grant
00:00
access to that folder to anybody I want.
00:00
Doesn't mean I should,
00:00
doesn't mean policy says, that's okay,
00:00
but I can do it because I control who has
00:00
access to the folder and
00:00
the degree of security on that folder.
00:00
DAC environments are set up
00:00
to create an ease of use and an ease of sharing.
00:00
They're not designed to be
00:00
the most top-notch security on the planet,
00:00
not designed to be used in
00:00
a government or military environment.
00:00
If you're going to be in that environment,
00:00
then you're going to want to use MAC.
00:00
If you're thinking about clearance and classification,
00:00
you're going to be on the MAC system.
00:00
A lot of people haven't had experience on MAC systems.
00:00
This would be something like secure Linux
00:00
or Trusted Solaris,
00:00
that's what it used to be called, now it's called
00:00
Solaris with Trusted Extensions,
00:00
but ultimately, a higher trust operating system.
00:00
MAC systems are configured with labels.
00:00
A user account gets created,
00:00
it gets a label.
00:00
Maybe it's the label of secret.
00:00
A folder or a file gets created, it gets a label.
00:00
Maybe that label is top secret.
00:00
When a user goes to access a resource,
00:00
that user's label is
00:00
compared up against the resource's label,
00:00
and they're either allowed or denied access.
00:00
But the user can't change their label,
00:00
they can't change the label of the folder,
00:00
of the share, it's
00:00
the operating system that's in charge in this case,
00:00
and it makes its decision based on labels.
00:00
We have a much more secure and
00:00
a much more rigid environment than we did with DAC.
00:00
Now, the reason I say DAC and
00:00
MAC are heads above the others,
00:00
is that DAC and MAC are really designed,
00:00
they're a structure on which operating systems are built.
00:00
Windows writes their application for
00:00
the operating system and it's set up
00:00
to use access control lists to provide access.
00:00
That's just how it is, Windows is a DAC system.
00:00
Trusted Solaris creates an environment
00:00
where labels are used.
00:00
It's just how the OS is built.
00:00
But I could create
00:00
in a Windows environment role-based access control.
00:00
This is really more of an implementation.
00:00
What I mean by that is even
00:00
though Windows is a DAC system,
00:00
I could create accounts and name the accounts based on
00:00
their role within the organization
00:00
as opposed to their identity.
00:00
I get a lot more security with role-based access control.
00:00
If all the accounts are tied to identities of users,
00:00
then I've got a user that's been with the company for
00:00
years and years and they can tend to
00:00
accumulate permissions over time.
00:00
I'm database administrator 1,
00:00
I get a certain amount of control and permissions.
00:00
Then I move to database 2,
00:00
I get a different set of controls and permissions.
00:00
Then I go to database 3,
00:00
I get even more permissions.
00:00
What sometimes happens is we forget to
00:00
revoke those permissions and credentials.
00:00
Whereas with role-based access control,
00:00
you go to database 2,
00:00
you have a new account, DB2 admin.
00:00
Role-based access control is a good way
00:00
of implementing access control,
00:00
but it's not necessarily on
00:00
the same level as MAC and DAC.
00:00
Now we also can make decisions based on
00:00
attributes of a user account or of a resource account.
00:00
For instance, when I create a printer,
00:00
that printer has a location attribute of building 2.
00:00
When I create a user,
00:00
they have the location attribute of building 2.
00:00
When that user goes to print to a printer,
00:00
the print job is sent to
00:00
a printer that's also in building 2.
00:00
That's control based on an attribute.
00:00
A professor could be granted
00:00
attribute to resources based on their tenure,
00:00
we could do this based on location.
00:00
Attribute-based access control is very common today.
00:00
We talked about the main forms of access control, DAC,
00:00
MAC, RBAC, RBAC and ABAC.
00:00
Let me tell you there's also another RBAC
00:00
called rule-based access control.
00:00
Firewalls use rule-based access control.
00:00
Anything using rule-based access control
00:00
uses if-then logic.
00:00
If traffic is from the 10 network then allow it.
00:00
That's rule-based access control as well.
00:00
We talked about these different access control models
00:00
and I would expect that you would need
00:00
to know these for the exam.