SECURITY MODELS AND ARCHITECTURES

  1. The Trusted Computing Base (TCB) is the total combination of protection mechanisms, including hardware, software, and firmware within a computer system that maintain security.
  2. The reference monitor is an access-control concept referring to an abstract machine that mediates all accesses to objects by subjects.
  3. The security kernel implements the reference monitor concept. The reference monitor concept has the following properties:

    Provides isolation

    Is invoked for every access attempt

    Is impossible to circumvent and is tamperproof

    Is complete, verified, and tested

  4. Resource isolation is the process of segmentation so that memory is separated physically, not just logically.
  5. Rings of protection are used to isolate processes. The closer to the center, the more protected the resource. Lower numbers have higher levels of privileges.
  6. Security models define the structure by which data structures and systems are designed to enforce security policy. Common security models include

    Bell-LaPadula: Enforces confidentiality and uses three rules: the simple security rule, the * property, and the strong star rule.

    Biba: Integrity model that has two basic rules: "no write up" and "no read down."

    Clark-Wilson: Integrity model with three goals: maintaining consistency, preventing unauthorized access, and preventing improper modification. Makes use of an access triple through a restricted interface.

    Noninterference: Prevents a subject or process at one sensitivity level from affecting subjects or processes at other sensitivity levels.

  7. State machine: Systems that operate under this model are in a secure state at bootup, during operation, and after each operation performed.
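The following is an added worked example, not code from the original notes or from any real security kernel. It ties items 2, 3 and 6 together: a toy reference monitor that is invoked for every access attempt, records each decision in an audit list, and grants a request only if every loaded policy allows it. The policies implement the Bell-LaPadula simple security rule, * property and strong star rule, and the Biba "no read down" / "no write up" rules. All subject, object and level names (analyst, public_report, ts_plan, and so on) are constructed for the illustration.

```python
"""Toy reference monitor enforcing Bell-LaPadula and Biba rules.
Added illustration only; the labels and names below are invented."""
from dataclasses import dataclass
from enum import IntEnum
from typing import Callable, List, Tuple


class Level(IntEnum):
    """Ordered lattice shared by both models (higher = more sensitive / more trusted)."""
    PUBLIC = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Subject:
    name: str
    clearance: Level   # confidentiality clearance used by Bell-LaPadula
    integrity: Level   # integrity level used by Biba


@dataclass(frozen=True)
class Obj:
    name: str
    classification: Level  # confidentiality label (Bell-LaPadula)
    integrity: Level       # integrity label (Biba)


Policy = Callable[[Subject, Obj, str], bool]


def bell_lapadula(subject: Subject, obj: Obj, op: str) -> bool:
    """Confidentiality: simple security rule (no read up) and * property (no write down)."""
    if op == "read":
        return subject.clearance >= obj.classification
    if op == "write":
        return subject.clearance <= obj.classification
    raise ValueError(f"unknown operation {op!r}")


def bell_lapadula_strong_star(subject: Subject, obj: Obj, op: str) -> bool:
    """Strong star rule: writes only at the subject's own level; reads as in simple security."""
    if op == "write":
        return subject.clearance == obj.classification
    return bell_lapadula(subject, obj, op)


def biba(subject: Subject, obj: Obj, op: str) -> bool:
    """Integrity: no read down (simple integrity) and no write up (* integrity)."""
    if op == "read":
        return subject.integrity <= obj.integrity
    if op == "write":
        return subject.integrity >= obj.integrity
    raise ValueError(f"unknown operation {op!r}")


class ReferenceMonitor:
    """Mediates every access; a request is granted only if every loaded policy allows it."""

    def __init__(self, policies: List[Policy]) -> None:
        self.policies = policies
        self.audit: List[Tuple[str, str, str, bool]] = []  # every attempt is recorded

    def access(self, subject: Subject, obj: Obj, op: str) -> bool:
        granted = all(policy(subject, obj, op) for policy in self.policies)
        self.audit.append((subject.name, op, obj.name, granted))
        return granted


# Constructed sample labels (hypothetical, not from any real system)
ANALYST = Subject("analyst", clearance=Level.SECRET, integrity=Level.CONFIDENTIAL)
PUBLIC_REPORT = Obj("public_report", Level.PUBLIC, Level.PUBLIC)   # low sensitivity, low trust
SECRET_MEMO = Obj("secret_memo", Level.SECRET, Level.CONFIDENTIAL)
TS_PLAN = Obj("ts_plan", Level.TOP_SECRET, Level.SECRET)


def run_demo() -> dict:
    """Return the decisions of three monitors so the differences between models are visible."""
    blp_only = ReferenceMonitor([bell_lapadula])
    blp_strong = ReferenceMonitor([bell_lapadula_strong_star])
    combined = ReferenceMonitor([bell_lapadula, biba])
    return {
        # Bell-LaPadula alone: may read down, may not read up; may write up, may not write down
        "blp_read_down": blp_only.access(ANALYST, PUBLIC_REPORT, "read"),       # True
        "blp_read_up": blp_only.access(ANALYST, TS_PLAN, "read"),               # False
        "blp_write_down": blp_only.access(ANALYST, PUBLIC_REPORT, "write"),     # False
        "blp_write_up": blp_only.access(ANALYST, TS_PLAN, "write"),             # True
        # Strong star rule forbids the write up that the plain * property allowed
        "strong_write_up": blp_strong.access(ANALYST, TS_PLAN, "write"),        # False
        "strong_write_same": blp_strong.access(ANALYST, SECRET_MEMO, "write"),  # True
        # Adding Biba blocks the read down (low-integrity source) that BLP alone allowed
        "combined_read_down": combined.access(ANALYST, PUBLIC_REPORT, "read"),  # False
        "combined_same_level": combined.access(ANALYST, SECRET_MEMO, "read"),   # True
        # The audit list shows the monitor was invoked for every attempt
        "combined_audit_entries": len(combined.audit),                          # 2
    }


if __name__ == "__main__":
    for name, decision in run_demo().items():
        print(f"{name}: {decision}")
```

The combined monitor shows why a real kernel rarely runs one model alone: Bell-LaPadula happily lets the SECRET-cleared analyst read the PUBLIC report, but Biba refuses it because the report's integrity label is lower than the analyst's, which is exactly the "no read down" rule from item 6.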
