CYBR 7300: Ch 8
Trusted computer system evaluation criteria (TCSEC)
-A deprecated (superseded by the Common Criteria) DoD standard that defined the criteria for evaluating the access controls in a computer system -published as the "Orange Book", the core volume of the Rainbow Series, so called because of the color coding of the individual documents that make up the criteria
Describe the dominant InfoSec management models, including national and international standards-based models
-ISO 27000 -NIST SP 800 -COBIT 5 -COSO -ITIL -InfoSec Governance Framework
NIST SP 800
-Infosec management model published by NIST (a U.S. government agency) and widely cited by U.S. federal agencies and industry -publicly available at no charge -the documents have been available for some time, so they have been broadly reviewed by government and industry professionals -key volumes include SP 800-12, 800-14, 800-18, 800-30 and 800-53
storage channels
-a covert channel that communicates by modifying a stored object that another process can observe (for example a file's existence, size or lock status) -textbook example: steganography, hiding data inside an image or other file
timing channels
-a covert channel that transmits information by manipulating the relative timing of events (CPU load, disk access, packet spacing) -example: a system that places a long pause between packets to signify a 1 and a short pause between packets to signify a 0
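The packet-spacing channel from the timing-channel card, worked through as an added example (not part of the course notes): the sender maps each bit to a long or short inter-packet gap, the receiver thresholds the observed gaps to recover the bytes, and a simple detector flags the channel because its gaps fall into two tight clusters, unlike ordinary traffic. The gap lengths, the jitter model and the detection heuristic are assumptions chosen for illustration, and the "normal" traffic is constructed.

```python
"""Timing covert channel: bits are carried by how long the sender waits
between otherwise innocent packets. Added example, not from the course
text; SHORT/LONG, the jitter model and the detector are assumptions.
"""
import random
from statistics import mean

SHORT = 0.010  # assumed inter-packet gap (seconds) that signals a 0
LONG = 0.050   # assumed inter-packet gap (seconds) that signals a 1
THRESHOLD = (SHORT + LONG) / 2


def encode(message: bytes) -> list[float]:
    """Sender side: one delay per bit, most significant bit first."""
    delays = []
    for byte in message:
        for i in range(7, -1, -1):
            delays.append(LONG if (byte >> i) & 1 else SHORT)
    return delays


def simulate_capture(delays: list[float], jitter=0.002, seed=1) -> list[float]:
    """Constructed capture: packet arrival timestamps as a sniffer would
    record them, with uniform network jitter added to every gap."""
    rng = random.Random(seed)
    t, arrivals = 0.0, [0.0]
    for d in delays:
        t += d + rng.uniform(-jitter, jitter)
        arrivals.append(t)
    return arrivals


def gaps(arrivals: list[float]) -> list[float]:
    return [b - a for a, b in zip(arrivals, arrivals[1:])]


def decode(arrivals: list[float]) -> bytes:
    """Receiver side: threshold each gap, then pack bits into bytes."""
    bits = [1 if g > THRESHOLD else 0 for g in gaps(arrivals)]
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        byte = 0
        for bit in bits[i:i + 8]:
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)


def looks_like_timing_channel(arrivals: list[float]) -> bool:
    """Detection heuristic: a two-symbol channel produces gaps that fall
    into two tight clusters far apart, while normal traffic spreads out.
    Split the gaps at the midpoint of their range and compare the
    distance between clusters with the spread inside them."""
    g = gaps(arrivals)
    if len(g) < 2:
        return False
    split = (min(g) + max(g)) / 2
    lo = [x for x in g if x <= split]
    hi = [x for x in g if x > split]
    if not lo or not hi:
        return False
    spread = (max(lo) - min(lo)) + (max(hi) - min(hi))
    return mean(hi) - mean(lo) > 2 * spread


# Constructed "normal" traffic: gaps ramp smoothly instead of clustering.
NORMAL_TRAFFIC = [0.0]
for i in range(64):
    NORMAL_TRAFFIC.append(NORMAL_TRAFFIC[-1] + 0.001 + 0.005 * (i % 13))

if __name__ == "__main__":
    capture = simulate_capture(encode(b"exfil"))
    print(decode(capture))                            # b'exfil'
    print(looks_like_timing_channel(capture))         # True
    print(looks_like_timing_channel(NORMAL_TRAFFIC))  # False
```

The detector only works while the jitter stays well inside the gap between the two symbols; a sender that adds random padding to each gap defeats this heuristic, which is why covert-channel analysis in TCSEC-style evaluations estimates channel bandwidth rather than relying on a single signature.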
Brewer-Nash Model (Chinese Wall)
-access control model designed to prevent conflicts of interest: once a subject has accessed information belonging to one party, it is denied access to information belonging to any competing party in the same conflict-of-interest class -example: a law firm represents both parties in a lawsuit over a car accident; an attorney who has accessed one litigant's private information must not be able to access the other litigant's
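The law-firm scenario on the Brewer-Nash card, as an added example that is not part of the course notes: datasets are grouped into conflict-of-interest classes, the "wall" moves only when a subject actually reads a dataset, and writes are restricted so that data read behind one wall cannot be copied across to a competitor. The firm's datasets, class names and users are constructed, and the public "case_law" library stands in for sanitised information.

```python
"""Brewer-Nash (Chinese Wall) enforcement. Added example, not from the
course text; the datasets and conflict-of-interest classes are constructed.
Each dataset belongs to at most one conflict-of-interest (COI) class; a
dataset in no class is sanitised, public information.
"""
from collections import defaultdict


class ChineseWall:
    def __init__(self, coi_classes):
        # coi_classes: class name -> set of dataset names in that class
        self.class_of = {ds: cls for cls, dss in coi_classes.items() for ds in dss}
        self.history = defaultdict(set)     # subject -> datasets it has read

    def is_public(self, dataset) -> bool:
        return dataset not in self.class_of

    def can_read(self, subject, dataset) -> bool:
        """Simple security rule: nothing else from the same COI class in history."""
        if self.is_public(dataset):
            return True
        cls = self.class_of[dataset]
        return not any(seen != dataset and self.class_of.get(seen) == cls
                       for seen in self.history[subject])

    def read(self, subject, dataset):
        if not self.can_read(subject, dataset):
            raise PermissionError(f"{subject} is behind the wall for {dataset}")
        self.history[subject].add(dataset)   # the wall moves only after a real read

    def can_write(self, subject, dataset) -> bool:
        """*-property: writing is allowed only if nothing unsanitised from another
        dataset has been read, so no information can leak across the wall."""
        if not self.can_read(subject, dataset):
            return False
        return all(seen == dataset or self.is_public(seen)
                   for seen in self.history[subject])


def law_firm() -> ChineseWall:
    """Constructed firm: two litigants in the same accident suit, two banks
    in a merger, and a public case-law library (in no class)."""
    return ChineseWall({
        "accident_suit": {"litigant_A", "litigant_B"},
        "merger": {"bank_X", "bank_Y"},
    })


if __name__ == "__main__":
    wall = law_firm()
    wall.read("alice", "litigant_A")
    print(wall.can_read("alice", "litigant_B"))   # False: competitor in the same class
    print(wall.can_read("alice", "bank_X"))       # True: different class
    print(wall.can_read("alice", "case_law"))     # True: public
    print(wall.can_write("alice", "litigant_A"))  # True
    wall.read("alice", "bank_X")
    print(wall.can_write("alice", "litigant_A"))  # False: bank_X data could leak in
    print(wall.can_read("bob", "litigant_B"))     # True: bob's history is empty
```

Note that the decision depends on history, not just on labels: two attorneys with identical roles get different answers once one of them has read a litigant's file, which is what distinguishes Brewer-Nash from a static MAC lattice.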
Harrison- Ruzzo-Ullman model
-access control model that, unlike BLP, allows access rights to change and subjects and objects to be created and removed -based on an access control matrix; each command is a condition on the matrix followed by a sequence of primitive operations: -create subject/create object -enter right X into (subject, object) -delete right X from (subject, object) -destroy subject/destroy object -key result: for the general model, deciding whether a given right can ever leak to a subject (the safety problem) is undecidable
Graham-Denning Access Control Model
-access control model with 3 parts: 1. set of objects 2. set of subjects 3. set of rights -each subject is composed of 2 things: a process and a domain -defines 8 primitive protection rights (commands), each guarded by ownership of the object or control of the subject: 1. Create object 2. Create subject 3. Delete object 4. Delete subject 5. Read access right 6. Grant access right 7. Delete access right 8. Transfer access right
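The two matrix models above fit together: the Harrison-Ruzzo-Ullman primitives only change the matrix, and each Graham-Denning command is an HRU command, a condition checked against the matrix followed by primitives. This added example (not from the course notes) implements both layers; the right names "owner" and "control", the trailing "*" that marks a right as transferable, and the users and objects are assumptions for illustration.

```python
"""Access control matrix with the six HRU primitive operations and the
eight Graham-Denning commands built on top of them. Added example, not
from the course text; right names and the users/objects are assumptions.
"""


class AccessMatrix:
    """Raw HRU state: subjects, objects, and a sparse matrix of rights."""

    def __init__(self):
        self.subjects = set()
        self.objects = set()        # every subject is also an object
        self.rights = {}            # (subject, object) -> set of rights

    # The six HRU primitives change state and enforce no policy of their own.
    def create_subject(self, s):
        self.subjects.add(s)
        self.objects.add(s)

    def create_object(self, o):
        self.objects.add(o)

    def enter_right(self, r, s, o):
        self.rights.setdefault((s, o), set()).add(r)

    def delete_right(self, r, s, o):
        self.rights.get((s, o), set()).discard(r)

    def destroy_subject(self, s):
        self.subjects.discard(s)
        self.destroy_object(s)

    def destroy_object(self, o):
        self.objects.discard(o)
        self.rights = {k: v for k, v in self.rights.items() if o not in k}

    def has(self, r, s, o):
        return r in self.rights.get((s, o), set())


class GrahamDenning:
    """Each command: a condition on the matrix, then primitives.
    'owner' guards objects, 'control' guards subjects."""

    def __init__(self, root):
        self.m = AccessMatrix()
        self.m.create_subject(root)
        self.m.enter_right("owner", root, root)
        self.m.enter_right("control", root, root)

    def create_object(self, actor, o):
        self.m.create_object(o)
        self.m.enter_right("owner", actor, o)

    def create_subject(self, actor, s):
        self.m.create_subject(s)
        self.m.enter_right("owner", actor, s)
        self.m.enter_right("control", actor, s)

    def delete_object(self, actor, o):
        self._require(self.m.has("owner", actor, o))
        self.m.destroy_object(o)

    def delete_subject(self, actor, s):
        self._require(self.m.has("owner", actor, s))
        self.m.destroy_subject(s)

    def read_right(self, actor, s, o):
        self._require(self.m.has("owner", actor, o) or self.m.has("control", actor, s))
        return set(self.m.rights.get((s, o), set()))

    def grant_right(self, actor, r, s, o):
        self._require(self.m.has("owner", actor, o))
        self.m.enter_right(r, s, o)

    def delete_right(self, actor, r, s, o):
        self._require(self.m.has("owner", actor, o) or self.m.has("control", actor, s))
        self.m.delete_right(r, s, o)

    def transfer_right(self, actor, r, s, o):
        """actor passes r to s only if actor itself holds the transferable form r*."""
        self._require(self.m.has(r + "*", actor, o))
        self.m.enter_right(r, s, o)

    @staticmethod
    def _require(condition):
        if not condition:
            raise PermissionError("command condition not satisfied")


def permitted(command, *args) -> bool:
    """Run a command and report whether its condition held."""
    try:
        command(*args)
        return True
    except PermissionError:
        return False


if __name__ == "__main__":
    gd = GrahamDenning("alice")
    gd.create_subject("alice", "bob")
    gd.create_subject("alice", "carol")
    gd.create_object("alice", "payroll")
    gd.grant_right("alice", "read*", "bob", "payroll")                    # alice owns payroll
    print(permitted(gd.transfer_right, "bob", "read", "carol", "payroll"))   # True: bob holds read*
    print(permitted(gd.transfer_right, "carol", "read", "bob", "payroll"))   # False: carol holds plain read
    print(permitted(gd.grant_right, "bob", "write", "bob", "payroll"))       # False: bob is not owner
    print(gd.read_right("alice", "carol", "payroll"))                        # {'read'}
```

The transfer chain is the point of the HRU safety result: with a copy flag like `read*`, whether some subject can eventually obtain a right depends on the whole sequence of commands, and for arbitrary command sets that question has no general decision procedure.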
ITIL
-an infosec management model -"Information Technology Infrastructure Library" -a collection of methods and practices for managing the development and operation of IT infrastructures (IT service management)
COSO
-an infosec management model -Committee of Sponsoring Organizations (of the Treadway Commission) -control-based framework whose objective is to identify the factors that cause fraudulent financial reporting and to make recommendations to reduce its incidence
COBIT 5
-an infosec management model -Control Objectives for Information and Related Technology, published by ISACA -promoted by ISACA as the only business framework for the governance and management of enterprise IT -since superseded by COBIT 2019
InfoSec Governance framework
-an infosec management model -provides guidance for developing and implementing an organizational infosec governance structure and recommends the responsibilities that the various members of the organization should have toward its infosec program
access control methodologies
-directive -deterrent -preventative -detective -corrective -recovery -compensating
Clark-Wilson Integrity Model
-model built on change control (well-formed transactions) rather than on integrity levels -designed for the commercial environment -principles: 1. no changes by unauthorized subjects 2. no unauthorized changes by authorized subjects 3. the maintenance of internal and external consistency -establishes subject-program-object relationships (access triples) so that the subject has no direct access to the object: every change to a constrained data item goes through a certified transformation procedure, and an integrity verification procedure checks that the data remain consistent
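The subject-program-object relationship from the Clark-Wilson card, as an added example that is not from the course notes: users never touch the ledger directly, each transformation procedure is certified for specific (user, TP, CDI) triples, and an integrity verification procedure runs after every TP so that a transaction which would leave the data inconsistent is rolled back. The ledger, the accounts, the TPs and the certified triples are all constructed.

```python
"""Clark-Wilson enforcement over a small ledger. Added example, not from the
course text; accounts, transformation procedures and triples are constructed.
CDIs change only through certified TPs, a user may run a TP on a CDI only if
the (user, TP, CDI) triple is certified, and the IVP must hold afterwards.
"""


class IntegrityViolation(Exception):
    pass


class ClarkWilson:
    def __init__(self, ivp):
        self.cdis = {}          # CDI name -> value; never written directly by users
        self.tps = {}           # TP name -> function(cdis, *cdi_names, **params)
        self.triples = set()    # certified (user, tp, cdi) relations
        self.ivp = ivp          # function(cdis) -> bool
        self.log = []           # audit trail of executed TPs

    def certify_tp(self, name, fn, user_cdi_pairs):
        """Certification is done by a security officer, not by the users who
        run TPs: separation of duties between certifying and executing."""
        self.tps[name] = fn
        self.triples.update((user, name, cdi) for user, cdi in user_cdi_pairs)

    def run(self, user, tp, *cdi_names, **params):
        for cdi in cdi_names:
            if (user, tp, cdi) not in self.triples:
                raise PermissionError(f"{user} is not certified to run {tp} on {cdi}")
        before = dict(self.cdis)
        self.tps[tp](self.cdis, *cdi_names, **params)
        if not self.ivp(self.cdis):
            self.cdis = before  # a TP must move CDIs from one valid state to another
            raise IntegrityViolation(f"{tp} left the CDIs inconsistent; rolled back")
        self.log.append((user, tp, cdi_names, params))

    def attempt(self, user, tp, *cdi_names, **params) -> str:
        """Convenience wrapper returning 'ok', 'denied' or 'rolled_back'."""
        try:
            self.run(user, tp, *cdi_names, **params)
            return "ok"
        except PermissionError:
            return "denied"
        except IntegrityViolation:
            return "rolled_back"


# --- constructed ledger ------------------------------------------------------

def ledger_ivp(cdis) -> bool:
    """Internal consistency: no negative balance, and the account balances
    sum to the recorded total."""
    accounts = {k: v for k, v in cdis.items() if k.startswith("acct_")}
    return all(v >= 0 for v in accounts.values()) and sum(accounts.values()) == cdis["total"]


def transfer(cdis, src, dst, amount):
    """Well-formed transaction: debit and credit together, total unchanged."""
    cdis[src] -= amount
    cdis[dst] += amount


def write_off(cdis, acct, total, amount):
    """Adjustment that changes an account and the total together."""
    cdis[acct] -= amount
    cdis[total] -= amount


def make_ledger() -> ClarkWilson:
    cw = ClarkWilson(ledger_ivp)
    cw.cdis.update({"acct_A": 100, "acct_B": 50, "total": 150})
    cw.certify_tp("transfer", transfer,
                  [("teller", "acct_A"), ("teller", "acct_B")])
    cw.certify_tp("write_off", write_off,
                  [("auditor", "acct_A"), ("auditor", "acct_B"), ("auditor", "total")])
    return cw


if __name__ == "__main__":
    cw = make_ledger()
    print(cw.attempt("teller", "transfer", "acct_A", "acct_B", amount=30))   # ok
    print(cw.attempt("teller", "transfer", "acct_A", "acct_B", amount=500))  # rolled_back
    print(cw.attempt("teller", "write_off", "acct_A", "total", amount=10))   # denied
    print(cw.attempt("auditor", "write_off", "acct_A", "total", amount=10))  # ok
    print(cw.cdis)  # {'acct_A': 60, 'acct_B': 80, 'total': 140}
```

The overdraft case is principle 2 in action: the teller is an authorized subject running a certified TP, and the change is still refused because the IVP would fail afterwards.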
Bell-LaPadula (BLP) confidentiality model
A confidentiality model (a "state machine reference model") that ensures the confidentiality of the modeled system by using MACs, data classification, and security clearances -two rules: the simple security property (no read up: a subject may read an object only if its clearance dominates the object's classification) and the *-property (no write down: a subject may write an object only if the object's classification dominates the subject's clearance) -a state machine is a model of an automated system that is able to change its state or status over time
security clearance
A personnel security structure in which each user of an information asset is assigned an authorization level that identifies the level of classified information he or she is "cleared" to access.
Biba integrity model
A state machine access control model structured like BLP but aimed at integrity; based on the premise that higher levels of integrity are more worthy of trust than lower levels -two rules, the mirror image of BLP's: simple integrity (no read down) and the *-integrity property (no write up), so low-integrity data cannot contaminate high-integrity data
Lattice-based access control (LBAC)
A variation on the MAC form of access control in which subjects (such as users) and objects are assigned labels from a lattice (a partial order in which any two labels have a least upper bound and a greatest lower bound, for example a classification level combined with a set of categories); access is decided by comparing the subject's label with the object's -the resulting matrix of authorizations covers particular areas of access for every subject and object
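The three cards above (BLP, Biba, lattice-based access control) describe one mechanism from different angles, so this added example (not from the course notes) implements them together: a lattice label with dominance, join and meet, the BLP and Biba rules as functions of two labels, and a reference monitor that checks both before any access and logs every decision. The level names, categories, subjects and objects are constructed.

```python
"""Lattice labels with a reference monitor enforcing Bell-LaPadula
(confidentiality) and Biba (integrity). Added example, not from the
course text; level names, categories and sample entities are constructed.
"""
from dataclasses import dataclass

CONFIDENTIALITY = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}
INTEGRITY = {"untrusted": 0, "user": 1, "system": 2}


@dataclass(frozen=True)
class Label:
    rank: int                                 # position in a totally ordered level set
    categories: frozenset = frozenset()       # compartments, compared as sets

    def dominates(self, other: "Label") -> bool:
        """The lattice's partial order: at least as high a level AND
        at least the same categories."""
        return self.rank >= other.rank and self.categories >= other.categories

    def join(self, other: "Label") -> "Label":
        """Least upper bound: the lowest label that dominates both."""
        return Label(max(self.rank, other.rank), self.categories | other.categories)

    def meet(self, other: "Label") -> "Label":
        """Greatest lower bound: the highest label both dominate."""
        return Label(min(self.rank, other.rank), self.categories & other.categories)


def conf(level, *cats) -> Label:
    return Label(CONFIDENTIALITY[level], frozenset(cats))


def integ(level) -> Label:
    return Label(INTEGRITY[level])


def blp_allows(subject: Label, obj: Label, op: str) -> bool:
    """Bell-LaPadula: simple security property (no read up) and *-property
    (no write down)."""
    if op == "read":
        return subject.dominates(obj)
    if op == "write":
        return obj.dominates(subject)
    raise ValueError(op)


def biba_allows(subject: Label, obj: Label, op: str) -> bool:
    """Biba: simple integrity (no read down) and *-integrity (no write up),
    the mirror image of BLP applied to integrity labels."""
    if op == "read":
        return obj.dominates(subject)
    if op == "write":
        return subject.dominates(obj)
    raise ValueError(op)


class ReferenceMonitor:
    """All access goes through access(): every request is decided against
    both policies and recorded, so the decision cannot be bypassed and
    the audit trail supports accountability."""

    def __init__(self):
        self.subjects = {}   # name -> (confidentiality label, integrity label)
        self.objects = {}
        self.audit = []      # (subject, object, op, decision)

    def access(self, subject: str, obj: str, op: str) -> bool:
        sc, si = self.subjects[subject]
        oc, oi = self.objects[obj]
        decision = blp_allows(sc, oc, op) and biba_allows(si, oi, op)
        self.audit.append((subject, obj, op, decision))
        return decision


def sample_monitor() -> ReferenceMonitor:
    """Constructed system: one analyst and five labelled objects."""
    rm = ReferenceMonitor()
    rm.subjects["alice"] = (conf("secret", "nuclear"), integ("user"))
    rm.objects["report"] = (conf("secret", "nuclear"), integ("user"))
    rm.objects["ts_plan"] = (conf("top_secret", "nuclear"), integ("user"))
    rm.objects["memo"] = (conf("confidential"), integ("user"))
    rm.objects["syscfg"] = (conf("secret", "nuclear"), integ("system"))
    rm.objects["webform"] = (conf("unclassified"), integ("untrusted"))
    return rm


if __name__ == "__main__":
    rm = sample_monitor()
    for obj, op in [("report", "read"), ("ts_plan", "read"), ("memo", "write"),
                    ("ts_plan", "write"), ("syscfg", "write"), ("webform", "read")]:
        verdict = "allow" if rm.access("alice", obj, op) else "deny"
        print(f"alice {op:5} {obj:8} -> {verdict}")
```

Two results are worth noticing: BLP by itself permits alice's blind write up into `ts_plan`, which is why real systems usually restrict writes to equal labels, and the `syscfg` and `webform` cases are denied only by Biba, which is what adding an integrity policy to a confidentiality policy buys.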
framework / security model
In infosec, a specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls, including infosec policies, security education and training programs, and technological controls. -describes what the end product should look like
least privilege
The data access principle that ensures no unnecessary access to data exists by regulating members so they can perform only the minimum data manipulation needed. -implies a need to know.
Separation of duties
The information security principle that requires significant tasks to be split up so that more than one individual is required to complete them.
need-to-know
The principle of limiting users' access privileges to only the specific information required to perform their assigned tasks.
Trusted Computing Base (TCB)
Under TCSEC, the combination of all hardware, firmware, and software responsible for enforcing the security policy.
mandatory access controls (MAC)
a required, structured data classification scheme that rates each collection of information as well as each user; the system, not the data owner, decides access by comparing the two ratings -these ratings are often referred to as sensitivity or classification levels
Explain why access control is an essential element of InfoSec management
access control is maintained by means of a collection of policies, programs to carry out those policies, and technologies that enforce those policies -all of which are controlled by management
discretionary access controls (DACs)
access controls that are implemented at the discretion or option of the data user (owner), who decides which other users may access the resource -example: file permissions set by the file's owner
nondiscretionary controls
access controls that are implemented by a central authority rather than by the data owner -includes role-based and task-based controls
Information Technology Security Evaluation Criteria (ITSEC)
a European (UK, Germany, France, Netherlands) set of criteria for evaluating computer systems, published in the early 1990s as an alternative to TCSEC
Common Criteria for Information Technology Security Evaluation ("CC")
an international standard (ISO/IEC 15408) for computer security certification that is considered the successor to TCSEC and ITSEC -products are evaluated against a Protection Profile at an Evaluation Assurance Level (EAL 1 through 7)
blueprint
in infosec, a framework or security model customized to an organization including implementation details -includes information on how to get to the end product
capabilities table
in lattice-based access control (LBAC), the row of attributes associated with a particular subject (such as a user), listing what that subject may access -the column view, listing which subjects may access a particular object, is the access control list (ACL)
ISO 27000
infosec management model (the ISO/IEC 27000 family, e.g. 27001 for management-system requirements and 27002 for controls) intended to provide a common basis for developing organizational security standards and effective security management practice and to provide confidence in inter-organizational dealings
access controls
the selective method by which systems specify who may use a particular resource and how they may use it -processes 1. identification 2. authentication 3. authorization 4. accountability
covert channels
unauthorized or unintended methods of communication hidden inside a computer system, which bypass the access controls the reference monitor enforces -includes storage channels and timing channels
reference monitor
within the TCB, a conceptual part of the system that manages access controls -in other words, it mediates all access to objects by subjects -to be trustworthy it must be always invoked (cannot be bypassed), tamper-proof, and small enough to be verified