ACCESS CONTROL

Exam Information

• Exam Date: Upcoming exam covering material from lectures 10 through 18 will be scheduled after spring break.

• Spring Break: Starts on March 17, which is a Monday.

• Assessment Range: All materials related to the content from lecture 10 to lecture 18 are essential for preparation.

Access Control Overview

• Access Control in Daily Life:

  • Locks on cars and apartments represent practiced access control.

  • Sharing passwords involves access control principles.

Importance of Access Control

• Access control applies to various levels including software, network, and physical security.

• Significant infrastructure is needed to maintain effective access control.

Programming and Code Development

• Issues in programming include reliance on external resources and collaboration without proper consultation of documentation or manuals.

• Mention of adding ChatGPT guidelines into the programming assignments for support.

• Plagiarism Detection:

  • Student codes will be compared across courses for originality.

  • Examples are provided to note the consequences of collaboration on grades.

Access Control Definitions

• National Institute of Standards and Technology (NIST) Definition:

  • Attributed to NIST: It entails granting or denying access based on established policies, which encompasses both physical and digital realms.

Types of Access Control

1. Discretionary Access Control (DAC):

   • Users can grant access to others (e.g., guest accounts).

2. Role-Based Access Control (RBAC):

   • Access permissions based on user roles (e.g., who can change grades).

3. Attribute-Based Access Control (ABAC):

   • Resource management based on predefined attributes

   • Issues regarding public keys and identity must be addressed.

Access Control Elements

Subjects, Objects, Access Rights

• Subjects: Can be users or software running on behalf of users.

• Objects: Resources such as files or applications that need protection.

• Access Rights: Define actions permissible with objects (e.g., read, write, execute).

Authorization Tables

• Tracks who can access what resources. Organized for performance.

• Protection Domains: Set of objects accessible with specific rights.

Historical Context

• Unix Origin: Derived from the Multics project, aiming for a more accessible yet secure operating system.

  • UNIX allows user-level transactions and reinforces access controls.

Access Control Mechanisms

• Access Control Matrix: Used to define relations between subjects and objects, keeping track of access provision.

• Authorization Tables: Maintain detailed records of permissions.

• Access Control Lists (ACLs): Linked lists detailing who has access to what.

• Capabilities: Denote what actions users can take on resources.

Protection Domain in Detail

• Shows how user processes inherit permissions from parent processes.

• User access is governed by authorization levels and capabilities to prevent unauthorized access.

Frameworks for Trust and Security

Identity Credential Management

• Important for verifying users in relation to public key infrastructure to maintain secure communications.

Challenges in Large Organizations

• As user roles change frequently in large companies, access management becomes complex.

• The principle of leaving documentation for future reference is emphasized for personal efficiency.

Summary of Access Control Policies

• Role-Based: Tied to a hierarchy and specific permissions.

• Matrix Management: Involves complex management across different resources.

• Strength of Access Control: Flexibility and ability to adapt roles and permissions according to the environment needs.

Final Notes

• Access control extends into many aspects of computing—understanding its structure and implementation is vital for efficient management and security.