Flashcards for Computer Security Lecture 3
What is the Trusted Computing Base (TCB)?
The foundation of system security, including all critical hardware, software, and firmware. If compromised, the entire system's security is at risk. A smaller, simpler TCB is better.
What did Saltzer and Schroeder do in the 1970s?
They worked on Multics and realized the need for clear security principles to keep information safe when building computer systems.
Name the Ten Security Principles.
Economy of mechanism, Fail-safe defaults, Complete mediation, Open design, Separation of privilege, Least privilege, Least common mechanism, Psychological acceptability, Work factor, Compromise recording.
Explain the Economy of Mechanism principle.
Keep security mechanisms as simple and small as possible to reduce the risk of errors and vulnerabilities.
What are fail-safe defaults?
Access to a system or information is denied by default unless explicitly allowed. If something goes wrong, block access rather than allow it.
What does complete mediation entail?
Every access to every resource must be checked for proper permissions every time, without assuming prior access grants continued access.
Why is open design important for security?
Transparency, stronger security, and community trust. Security should not rely on keeping the design or implementation secret.
What does separation of privilege mean?
Security is stronger when access or actions require multiple, independent conditions to be met, not just one. This makes it harder for attackers to gain unauthorized access and reduces single points of failure.
Explain the principle of least privilege.
Grant each user or program only the minimum set of privileges needed to perform its task, nothing more. Limits damage and reduces the attack surface.
Why is psychological acceptability important in security?
Security features and user interfaces should be easy to understand and fit users’ expectations. If not, users will make mistakes or avoid security features.
What is the work factor principle?
The strength of a security measure should be judged by how much effort or resources an attacker must spend to bypass it, compared to what they gain.
Why is compromise recording & detection vital?
Prevention alone isn’t enough. Detecting and recording incidents is critical for strong security, defense in depth, intrusion detection, situational awareness and audit logs.
Describe the least common mechanism principle.
Minimize the sharing of mechanisms (resources, code, or data) between users or processes to reduce security risks.
What is Access Control in computer systems?
Ways to protect sensitive resources and information by deciding who can access what.
Name four tools for access control.
Access control matrices, access control lists (ACL), capabilities, and role-based access control.
Describe Access Control Matrices.
Tabular model that maps the relationships between subjects and objects, specifying permissions. Provides a comprehensive overview of a system's security state, with granular control and easy auditing of access rights.
What is an Access Control List (ACL)?
A security mechanism that specifies a list of subjects and defines what operations each subject is permitted to perform on an object.
What is the capabilities tool?
A capability system uses a subject-centered approach to access control. It maintains a list of objects that the subject can access, along with the specific rights for each resource.
Describe Role-Based Access Control.
Assign permissions to roles, not individuals. Users are then assigned to roles, inheriting the permissions associated with those roles. This simplifies permission management.
What are Access Control Policies?
Define how access rights are granted, managed, and enforced within an organization or system to protect sensitive resources.
Name four main types of Access Control.
Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), Rule-Based Access Control.
Describe Discretionary Access Control (DAC).
The owner of a file or resource decides who else can access it and what they can do. Most common in operating systems like Linux and Windows.
What is Mandatory Access Control (MAC)?
A central administrator sets all access rules, not the users themselves. Found in environments needing strict security, like military or government systems.
Describe Role-Based Access Control (RBAC).
Access is based on your role or job in an organization, not on individual permissions. Common in businesses, universities, and cloud services.
Describe Rule-Based Access Control (RuBAC).
Access to resources is determined by a set of rules defined by administrators, rather than by user identity or role.
What are s3:GetObject and s3:ListBucket?
s3:GetObject permits downloading or reading files from the bucket, and s3:ListBucket permits listing the files in the bucket.
What are Unix file permissions?
Provide a foundational, simplified form of access control, specifying who can read, write, or execute each file or directory. A simplified version of an Access Control List (ACL).
Name Three User Classes of Unix File Permissions.
Owner, Group, Others (All)
Name The Permission Types of Unix File Permissions.
Read (r), Write (w), Execute (x).
What happens when accessing a file in Unix?
The system checks if you are the owner (applies owner permissions). If not, it checks if you belong to the group (applies group permissions). Otherwise, it applies 'others' permissions. Only one class’s permissions apply per operation; the checks are mutually exclusive.
Describe Windows File Permissions.
A robust permissions system to control access to files and folders. Allows administrators to specify exactly which users or groups can access an object, and what actions they can perform.
What are the standard permission types for files and folders in Windows?
Full Control, Modify, Read & Execute, List Folder Contents, Read, Write.