Notes 20110228 CIS 6650 Computer Security
From SnOwy - Ed's Wiki Notebook
This is the first class after the break.
DB Security Mechanisms
Last class ...
- access control
- MAC -- mandatory access control
- DAC -- discretionary ...
- role-based access control
- flow control
- inference control
- encryption
Levels of MAC
Bell-LaPadula Model: You can read down and you can write up
- top secret
- secret
- classified
- unclassified
Polyinstantiation
Multilevel Relation and Polyinstantiation
- in databases, a record can appear twice -- fields are obscured based on the security clearance
- example: in our department, the chair's secretary actually has the highest security clearance
Multilevel Data Bases
- what about making a backup under the Bell-LaPadula model?
- the *-property poses a problem -- must be able to read and write all records
- two choices:
- process cleared at high level, cannot write to lower level
- can only write up however
- OR the process must be a trusted process (this is an exception to the Bell-LaPadula model)
- different users with different clearances will not see the same data
DB Security Mechanisms
- access control
- MAC/DAC etc.
- flow control
- knowing when data will be transferred
- inference control
- protect the data when it is being queried
- must prevent a query from defeating encryption -- accessing more data than is allowed
- encryption
Flow Control
- checks information -- should not flow into less protected objects
- covert channel -- allows information to pass from higher to lower classification level
- forces driving database compliance efforts -- requirements ...
- data lives in DB apps (90%+)
- privacy, confidentiality
- integrity
- increasingly focused attacks
- directly in applications (75%)
- including insiders (80% +)
- financially motivated
- demand for pervasive access
- by anyone
- to any application
- increasingly direct
DBs are under attack
- Jan 2005 ~ March 2008
- affected records 223 million
- financial, governmental, universities etc.
- losses are rising
Combining compliance and DB security
- address risk from inside and outside
- outsourcing is dangerous if we don't check what we get back
- risk mitigation ...
- key benefits: successful, predictable audit performance
- document known vulnerabilities, known risks
- well-defined roles, responsibilities for IT personnel
- regular review of user activity
- audit -- if the attacks are originating from insiders
- alerting of suspicious activity
- policies should be up to date -- everyone must understand technology
Inference Control
- can queries reveal more data than they are supposed to?
- example: if the president's salary were not published, how can we get this number?
- statistical function -- MAX(salary)
- consider -- permitting user 'x' to access data 'y'
- availability of data
- acceptability of access
- assurance of authenticity of user
- types of disclosure of sensitive data ...
- inference problem
- infer, derive sensitive data from non-sensitive (seemingly) unrelated data
- direct attack -- a query with additional garbage "|" conditions that are always false
- indirect attack -- you know some other values and SUM() is used to find the remainder
- indirect attack -- you know there to be only one person matching some criterion -- the AVERAGE(salary) is their salary
- solution
- no statistical queries permitted if number of tuples smaller than certain number
- prohibit sequence of queries referring to same tuples repeatedly
- partition database into groups of certain size ...
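Added example (not part of the original class notes): a query-set size check in front of statistical queries, using Python's sqlite3. The staff table, its rows, the threshold K and the function names are all assumptions made for illustration. The upper bound n - K goes one step beyond the rule in the notes.

```python
import sqlite3

# Constructed sample data (not from the notes): name, department, salary.
ROWS = [
    ("ann", "cs", 90), ("bob", "cs", 80), ("cam", "cs", 70),
    ("dee", "math", 85), ("eli", "math", 75), ("fay", "math", 65),
    ("pres", "admin", 300),
]
K = 2  # assumed minimum query-set size
FUNCS = {"SUM", "AVG", "MAX", "COUNT"}  # statistical functions offered
COLS = {"name", "dept"}                 # columns a predicate may test
OPS = {"=", "!="}

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE staff (name TEXT, dept TEXT, salary INTEGER)")
    db.executemany("INSERT INTO staff VALUES (?, ?, ?)", ROWS)
    return db

def is_permitted(db, col, op, value, k=K):
    """True if the query set size lies in [k, n - k]."""
    if col not in COLS or op not in OPS:
        raise ValueError("unsupported predicate")
    n = db.execute("SELECT COUNT(*) FROM staff").fetchone()[0]
    size = db.execute(
        f"SELECT COUNT(*) FROM staff WHERE {col} {op} ?", (value,)
    ).fetchone()[0]
    # Lower bound: the rule in the notes. Upper bound: blocks the complement
    # of a small set, which would isolate it by subtraction from a total.
    return k <= size <= n - k

def stat_query(db, func, col, op, value, k=K):
    """Return func(salary) over the matching rows, or raise if refused."""
    if func not in FUNCS:
        raise ValueError("unsupported function")
    if not is_permitted(db, col, op, value, k):
        raise PermissionError("query set size outside permitted range")
    return db.execute(
        f"SELECT {func}(salary) FROM staff WHERE {col} {op} ?", (value,)
    ).fetchone()[0]

if __name__ == "__main__":
    db = make_db()
    print(stat_query(db, "SUM", "dept", "=", "cs"))   # permitted group
    print(is_permitted(db, "dept", "=", "admin"))      # single tuple
    print(is_permitted(db, "name", "!=", "pres"))      # everyone but one
```

The size check alone does not cover the case where the asker already knows the other salaries in a permitted group, which is why the notes also list restricting repeated queries over the same tuples and partitioning the database.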
Role-Based Access Control
- mandatory access control rigid -- security class assigned to each subject and data object
- real world
- access privileges associated with role of person in organization
- e.g. bank teller
- role is created -- grant/revoke privileges
- users granted/revoked roles
Identity Theft
from RCMP website
- recent law -- January 8, 2010 (Senate Bill S-4)
- illegal to possess another person's identity information for criminal purposes
- identity theft techniques
- dumpster diving
- mail theft
- more elaborate schemes
- technology -- mainly internet
- keyloggers