Sunday 5 June 2011

CISSP CBK 2 Access control

Access Control

Hi everyone!!! The cram sheet for the second domain is ready.

A race condition occurs when two or more processes carry out their tasks on a shared resource in an incorrect order, for example when authorization is performed before authentication.

When a system rejects an authorized individual, it is called a Type I error (false rejection rate). When the system accepts impostors who should be rejected, it is called a Type II error (false acceptance rate).

CER (Crossover Error Rate) is the point where the Type I and Type II error rates match; a lower CER is better, so a CER of 3 is better than a CER of 4.
Biometric process time: 5 to 10 minutes.
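To see how Type I and Type II errors trade off against each other and where the CER comes from, here is an added example (not from the original post) that sweeps an acceptance threshold over constructed match scores. The score lists, the 0..100 score scale and the "accept if score >= threshold" rule are assumptions made for the example.

```python
"""Type I (false rejection) and Type II (false acceptance) rates of a
biometric matcher at a given threshold, and the crossover error rate (CER).
Added example, not from the original post; the match scores are constructed.
"""
from typing import Iterable, Sequence, Tuple

# Constructed similarity scores (0..100) that a matcher reported for
# genuine enrolled users and for impostors.  Higher means "more similar".
GENUINE_SCORES = [62, 70, 75, 78, 80, 84, 88, 90, 93, 97]
IMPOSTOR_SCORES = [20, 35, 42, 50, 58, 63, 66, 71, 74, 79]


def error_rates(threshold: int, genuine: Sequence[int],
                impostor: Sequence[int]) -> Tuple[float, float]:
    """Return (FRR, FAR) when scores >= threshold are accepted.

    FRR (Type I): fraction of genuine users rejected because they scored low.
    FAR (Type II): fraction of impostors accepted because they scored high.
    """
    frr = sum(1 for s in genuine if s < threshold) / len(genuine)
    far = sum(1 for s in impostor if s >= threshold) / len(impostor)
    return frr, far


def crossover(genuine: Sequence[int], impostor: Sequence[int],
              thresholds: Iterable[int] = range(0, 101)) -> Tuple[int, float]:
    """Sweep the threshold and return (threshold, CER) where FRR and FAR meet.

    Raising the threshold lowers FAR but raises FRR; the CER is the error
    rate at the point where the two curves cross.  A lower CER means a
    better matcher, which is why a CER of 3 beats a CER of 4.
    """
    best = None
    for t in thresholds:
        frr, far = error_rates(t, genuine, impostor)
        gap = abs(frr - far)
        if best is None or gap < best[0]:
            best = (gap, t, (frr + far) / 2)
    return best[1], best[2]


if __name__ == "__main__":
    for t in (60, 70, 72, 80, 90):
        frr, far = error_rates(t, GENUINE_SCORES, IMPOSTOR_SCORES)
        print(f"threshold {t:3d}: FRR={frr:.1f} (Type I)  FAR={far:.1f} (Type II)")
    print("crossover (threshold, CER):", crossover(GENUINE_SCORES, IMPOSTOR_SCORES))
```

A strict, high threshold pushes FAR to zero at the cost of locking out legitimate users; a lax one does the opposite. Vendors quote the CER precisely because it is independent of where the operator chooses to set the threshold.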

Asynchronous OTP tokens are based on challenge/response mechanisms, while synchronous tokens are based on time- or counter-driven mechanisms.

Rainbow table: an attacker uses a precomputed table that contains all possible passwords already in hashed form, so a stolen hash can be looked up instead of cracked.
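The reason rainbow tables work, and the standard defense against them, can be shown in a few lines. The following is an added example (not from the original post) built on Python's standard library: a precomputed hash-to-password table recovers an unsalted hash instantly, while a per-user salt with PBKDF2 key stretching makes the precomputed table useless. The wordlist, salts and iteration counts are constructed for the example.

```python
"""Precomputed hash lookup versus salted, stretched password storage.
Added example, not from the original post; wordlist and salts are constructed.
"""
import hashlib
import hmac
import os
from typing import Dict, Iterable, Optional, Tuple

# Constructed candidate-password list standing in for a rainbow table's input.
WORDLIST = ["password", "letmein", "qwerty", "summer2011"]


def build_lookup_table(words: Iterable[str], algo: str = "sha256") -> Dict[str, str]:
    """Precompute hash -> plaintext once.  A real rainbow table stores the
    same mapping more compactly using hash chains, but the lookup idea is
    identical: the work is done before any hash is stolen."""
    return {hashlib.new(algo, w.encode()).hexdigest(): w for w in words}


def unsalted_store(password: str) -> str:
    """Weak scheme: a bare hash, identical for every user with this password."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_store(password: str, salt: Optional[bytes] = None,
                 iterations: int = 100_000) -> Tuple[bytes, str]:
    """Hardened scheme: random per-user salt plus key stretching (PBKDF2).
    The salt must be stored next to the hash; it is not a secret."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, digest.hex()


def verify_salted(password: str, salt: bytes, stored_hex: str,
                  iterations: int = 100_000) -> bool:
    """Login check for the hardened scheme, using a constant-time compare."""
    _, digest = salted_store(password, salt, iterations)
    return hmac.compare_digest(digest, stored_hex)


def table_lookup(table: Dict[str, str], stored_hex: str) -> Optional[str]:
    """What the precomputed table yields for a stolen stored hash (None = miss)."""
    return table.get(stored_hex)


if __name__ == "__main__":
    table = build_lookup_table(WORDLIST)
    print("unsalted:", table_lookup(table, unsalted_store("letmein")))   # letmein
    salt, stored = salted_store("letmein")
    print("salted:  ", table_lookup(table, stored))                       # None
    print("verify:  ", verify_salted("letmein", salt, stored))            # True
```

Because every user gets a different salt, an attacker would need one table per salt value, which defeats precomputation; the iteration count then makes even a targeted guess expensive.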

A digital signature is a technology that uses a private key to encrypt a hash value (message digest). The act of encrypting this hash value with a private key is called digitally signing a message.

A memory card holds information but cannot process information. A smart card holds information and has the necessary hardware and software to actually process that information.

Fault generation attack: the attacker induces a fault and observes how the system behaves; with a smart card, for example, they increase the input voltage.

Side channel attack: the attacker watches how something works and how it reacts in different situations instead of trying to "invade" it.

Kerberos: the authentication service (AS) is the part of the KDC that authenticates a principal, and the TGS is the part of the KDC that makes the tickets and hands them out to the principals.
TGTs are used so the user does not have to enter his password each time he needs to communicate with another principal.

Kerberos uses tickets to authenticate subjects to objects, whereas SESAME (developed to address weaknesses in Kerberos; it uses both symmetric and asymmetric encryption) uses Privileged Attribute Certificates (PACs).

Three main types of access control models:
• Discretionary (the owner gives access to the resource); identity-based access control
• Mandatory (owners do not have control; everything is based on clearance levels)
• Nondiscretionary (also called role-based); the RBAC model is the best fit for a company that has high employee turnover

Controls are implemented to mitigate risk and reduce the potential for loss. Preventive controls are put in place to inhibit harmful occurrences; detective controls are established to discover harmful occurrences; corrective controls are used to restore systems that are victims of harmful attacks.

DAC: Data owners decide who has access to resources, and ACLs are used to enforce the security policy.
MAC: Operating systems enforce the system's security policy through the use of security labels.
RBAC: Access decisions are based on each subject's role and/or functional position.

Access control matrix: Table of subjects and objects that outlines their access relationships
ACL: Bound to an object and indicates what subjects can access it
Capability table: Bound to a subject and indicates what objects that subject can access
Content-based access: Bases access decisions on the sensitivity of the data, not solely on subject identity
Context-based access: Bases access decisions on the state of the situation, not solely on identity or content sensitivity
Restricted interface: Limits the user's environment within the system, thus limiting access to objects
Rule-based access: Restricts subjects' access attempts by predefined rules

Watchdog timers are commonly used to detect software faults, such as a process ending abnormally or hanging.
Diameter is a peer-based protocol that allows either end to initiate a connection.

Administrative Controls
• Policy and procedures
• Personnel controls
• Supervisory structure
• Security-awareness training
• Testing
Physical Controls
• Network segregation
• Perimeter security
• Computer controls
• Work area separation
• Data backups
• Cabling
• Control zone
Technical Controls
• System access
• Network architecture
• Network access
• Encryption and protocols
• Auditing

The seven different access control functionalities are as follows:
Deterrent: Intended to discourage a potential attacker
Preventive: Intended to avoid an incident from occurring
Corrective: Fixes components or systems after an incident has occurred
Recovery: Intended to bring controls back to regular operations
Detective: Helps identify an incident's activities
Compensating: Controls that provide for an alternative measure of control
Directive: Mandatory controls that have been put in place due to regulations or environmental requirements
Threshold = clipping level.
When a hacker deletes the audit logs it is known as scrubbing.

To avoid TEMPEST there are two solutions: a control zone, which uses special material in the walls to contain electrical signals, or white noise, a uniform spectrum of random electrical signals.

Entrapment is illegal: it is where you trap the hacker into committing the crime.
Enticement is when you leave a system as a honeypot.
Pharming is DNS poisoning.

DAC is implemented and enforced through the use of access control lists (ACLs), which are held in a matrix (access control Matrix). MAC is implemented and enforced through the use of security labels.

In the lattice model, users are assigned security clearances and the data is classified. Access decisions are made based on the clearance of the user and the classification of the object.

Cognitive passwords are fact- or opinion-based information used to verify an individual's identity.
Due diligence is for compliance.

A network-based IDS is passive while it acquires data.

Bell-LaPadula model. Simple security rule: a subject cannot read data within an object that resides at a higher security level ("no read up" rule). *-property rule: a subject cannot write to an object at a lower security level ("no write down" rule).

Assurance procedures ensure that access control mechanisms correctly implement the security policy for the entire life cycle of an information system.

The position of a bank teller is a specific role within the bank, so you would implement a role-based policy

Kerberos is an authentication service, NOT an authorization service.

Soft Control is another way of referring to Administrative control

From most effective (lowest CER) to least effective (highest CER) are: Iris scan, fingerprint, voice verification, keystroke dynamics.

Emanation attacks are the act of intercepting electrical signals that radiate from computing equipment (TEMPEST)


SESAME uses an Attribute Certificate (AC) that allows for granular access control. It supports authentication and confidentiality but also authorization. In environments with well-defined roles where capability is an issue, SESAME and PERMIS are role-based single sign-on technologies.

A capability is a row in the matrix and an ACL is a column in the matrix.
Access control list (ACL): "It [the ACL] specifies a list of users [subjects] who are allowed access to each object."
A capability table is used to track, manage and apply controls based on the object and rights, or capabilities, of a subject.
An access control matrix is a way of describing the rules for an access control strategy.
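The matrix/ACL/capability relationship described here and in the table of access control types above is easiest to see in code. The following is an added example (not from the original post): it stores a small access control matrix, derives the ACL (a column, bound to an object) and the capability list (a row, bound to a subject) from it, answers a reference-monitor check, and enforces the DAC rule that only the data owner may grant access. The subjects, objects, rights and owner map are constructed sample data.

```python
"""Access control matrix with its two derived views (ACL and capability list)
and a DAC grant rule.  Added example, not from the original post; all
subjects, objects, rights and owners below are constructed sample data.
"""
from typing import Dict, Set

Rights = Set[str]
Matrix = Dict[str, Dict[str, Rights]]   # subject (row) -> object (column) -> rights

# Constructed matrix: rows are subjects, columns are objects.
MATRIX: Matrix = {
    "alice":      {"payroll.xlsx": {"read", "write"}, "printer1": {"use"}},
    "bob":        {"payroll.xlsx": {"read"}, "report.doc": {"read", "write"}},
    "backup_svc": {"payroll.xlsx": {"read"}, "report.doc": {"read"}},
}

# Constructed owner map used for DAC: only an object's owner may grant rights to it.
OWNERS = {"payroll.xlsx": "alice", "report.doc": "bob", "printer1": "alice"}


def acl_for(matrix: Matrix, obj: str) -> Dict[str, Rights]:
    """Column view: the ACL bound to an object lists which subjects may access it."""
    return {subj: set(rights[obj]) for subj, rights in matrix.items() if obj in rights}


def capability_list(matrix: Matrix, subject: str) -> Dict[str, Rights]:
    """Row view: the capability list bound to a subject lists what it may access."""
    return {obj: set(r) for obj, r in matrix.get(subject, {}).items()}


def is_allowed(matrix: Matrix, subject: str, obj: str, right: str) -> bool:
    """Reference-monitor check: consult a single cell of the matrix."""
    return right in matrix.get(subject, {}).get(obj, set())


def dac_grant(matrix: Matrix, owners: Dict[str, str], granter: str,
              subject: str, obj: str, right: str) -> None:
    """DAC: the data owner decides who gets access; anyone else is refused."""
    if owners.get(obj) != granter:
        raise PermissionError(f"{granter} does not own {obj}")
    matrix.setdefault(subject, {}).setdefault(obj, set()).add(right)


if __name__ == "__main__":
    print("ACL for payroll.xlsx:  ", acl_for(MATRIX, "payroll.xlsx"))
    print("Capabilities of bob:   ", capability_list(MATRIX, "bob"))
    print("bob write payroll?     ", is_allowed(MATRIX, "bob", "payroll.xlsx", "write"))
    dac_grant(MATRIX, OWNERS, "alice", "bob", "payroll.xlsx", "write")
    print("after alice's grant:   ", is_allowed(MATRIX, "bob", "payroll.xlsx", "write"))
```

Real systems rarely store the full matrix because it is sparse; they keep either the columns (ACLs on files, as most operating systems do) or the rows (capabilities handed to subjects), and the two views are equivalent reconstructions of the same matrix.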

Discretionary access control is Identity based ACL (widely used in Commercial environment)
MAC is Lattice Based.

Systems accountability depends on the ability to ensure that senders cannot deny sending information and that receivers cannot deny receiving it. Because the mechanisms implemented in nonrepudiation prevent the ability to successfully repudiate an action, it can be considered as a preventive control.

A subject could be a user, a program, a print queue, or a process, whereas objects would be files, directories, devices, windows, and sockets.
Padded cells are simulated environments to which IDSs seamlessly transfer detected attackers and are designed to convince an attacker that the attack is going according to the plan.

Principal P1 authenticates to the Key Distribution Center (KDC), principal P1 receives a Ticket Granting Ticket (TGT), and principal P1 requests a service ticket from the Ticket Granting Service (TGS) in order to access the application server P2.

The Clark-Wilson model uses separation of duties, which divides an operation into different parts and requires different users to perform each part. This prevents authorized users from making unauthorized modifications to data, thereby protecting its integrity.

Each ticket in Kerberos has a timestamp and is subject to time expiration, to help prevent replay attacks.

In 1973 Bell and LaPadula created the first mathematical model of a multi-level security system.

Biometric devices can be used for either IDENTIFICATION or AUTHENTICATION
ONE TO ONE is for AUTHENTICATION
ONE TO MANY is for IDENTIFICATION

Internal consistency of the information system ensures that internal data is consistent: the subtotals match the total number of units in the database, for example the total number of printers on the LAN.

External consistency of the information system is where the data matches the real world. If you have an automated inventory system, the numbers in the data must be consistent with what your stock actually is.

Rule based or role based = Non-Discretionary Access Control (NDAC)
Identity based = DAC

The Orange Book computer security policy model is based on the Bell-LaPadula model.
Bell LaPadula = Confidentiality , NO READ UP
* STAR (NO Write Down)

Clark-Wilson = program between subject and object / separation of duties


BIBA *STAR = NO Write UP
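The lattice-model decisions summarized here (Bell-LaPadula no read up / no write down, Biba no write up) come down to one partial-order test. The following is an added example (not from the original post) that implements the dominance relation over labels made of a level plus a set of categories and uses it for all four rules; it also covers the Biba simple integrity rule (no read down), which the notes above do not list. The level names, categories and labels are constructed for the example.

```python
"""Lattice-based mandatory access control: Bell-LaPadula (confidentiality)
and Biba (integrity) decisions over labels.  Added example, not from the
original post; the levels, categories and labels are constructed.
"""
from dataclasses import dataclass
from typing import FrozenSet

# Constructed hierarchy of sensitivity levels, low to high.
LEVELS = {"public": 0, "confidential": 1, "secret": 2, "top_secret": 3}


@dataclass(frozen=True)
class Label:
    """A lattice label: a hierarchical level plus a set of need-to-know categories."""
    level: str
    categories: FrozenSet[str] = frozenset()


def dominates(a: Label, b: Label) -> bool:
    """a dominates b when a's level is at least b's and a holds every category of b.

    This is the lattice's partial order: two labels with disjoint categories
    are incomparable, so neither dominates the other.
    """
    return LEVELS[a.level] >= LEVELS[b.level] and a.categories >= b.categories


# Bell-LaPadula: the subject's clearance and the object's classification.
def blp_can_read(clearance: Label, classification: Label) -> bool:
    """Simple security rule: no read up."""
    return dominates(clearance, classification)


def blp_can_write(clearance: Label, classification: Label) -> bool:
    """*-property: no write down."""
    return dominates(classification, clearance)


# Biba: the same ordering, but over integrity levels (higher = more trustworthy).
def biba_can_read(subject_integrity: Label, object_integrity: Label) -> bool:
    """Simple integrity axiom: no read down."""
    return dominates(object_integrity, subject_integrity)


def biba_can_write(subject_integrity: Label, object_integrity: Label) -> bool:
    """* integrity axiom: no write up."""
    return dominates(subject_integrity, object_integrity)


if __name__ == "__main__":
    user = Label("secret", frozenset({"crypto"}))
    doc_ts = Label("top_secret", frozenset({"crypto"}))
    doc_other = Label("secret", frozenset({"nuclear"}))
    print("read up?            ", blp_can_read(user, doc_ts))        # False
    print("write up?           ", blp_can_write(user, doc_ts))       # True
    print("read incomparable?  ", blp_can_read(user, doc_other))     # False
    print("biba write down?    ", biba_can_write(Label("secret"), Label("public")))  # True
```

Note that the two models point in opposite directions: Bell-LaPadula lets information flow only upward (protecting confidentiality), Biba only downward (protecting integrity), and both decisions are made by the system from labels rather than by the owner, which is what makes them mandatory.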

Twofish encryption can be used to encrypt network traffic, thereby evading IDS/IDP detection. Netcat is a utility that can be used to open ports on a compromised host. Cryptcat does the same but supports Twofish (Schneier) encryption, which is not decryptable by an IDS in transit.
Static password token: the owner's identity is authenticated by the token. An example of this is when an employee swipes his or her smart card over an electronic lock to gain access to a store room. (A smart card is like a user's password: something you have.)

The hand geometry pattern can be stored in only 9 bytes. Retina pattern uses 96 bytes whereas the fingerprint uses between 0.5 and 1.5 kb and the voice pattern typically uses between 1 and 10 kb.

The principal decrypts the message containing the session key (K_c,tgs) with its secret key (K_c), and will now use this session key to communicate with the TGS principal (sometimes referred to as the resource or server) he wishes to access.

The Operations Security domain is concerned with triples: threats, vulnerabilities and assets (ATV).


The Take-Grant access control model uses a directed graph to specify the rights that a subject can transfer to an object, or that a subject can take from another subject. The Biba and Clark-Wilson models are integrity models and the Non-interference model is an information flow model.

1 comment:

  1. This is a great review before the exam. Obviously, read the entire Sharon Harris textbook, but brushing up with the key points of this post and a practice exam would make it easy to understand the concepts.
