Which of the following describes a distinction between Kerberos and SESAME?
Logical or technical controls involve the restriction of access to systems and the protection of information. Which of the following statements pertaining to these types of controls is correct?
A. Examples of these types of controls include policies and procedures, security awareness training, background checks and work habit checks, but do not include a review of vacation history or increased supervision.
B. Examples of these types of controls do not include encryption, smart cards, access lists, and transmission protocols.
C. Examples of these types of controls are encryption, smart cards, access lists, and transmission protocols.
D. Examples of these types of controls include policies and procedures, security awareness training, background checks, work habit checks, a review of vacation history, and increased supervision.
The correct answer is C. Encryption, smart cards, access lists and transmission protocols are technical (logical) controls; the items listed in A and D (policies and procedures, awareness training, background checks, supervision) are administrative controls. The purpose of access control is to allow authorized users access to appropriate data and to deny access to unauthorized users; its mission is to protect the confidentiality, integrity, and availability of data. Access control is performed by implementing strong technical, physical and administrative measures. It protects against threats such as unauthorized access, inappropriate modification of data, and loss of confidentiality.
Basic concepts of access control
CIA triad and its opposite (DAD) – see (My) CISSP Notes – Information Security Governance and Risk Management.
A subject is an active entity on a data system. Most examples of subjects involve people accessing data files. However, running computer programs are subjects as well: a Dynamic Link Library file or a Perl script that updates database files with new information is also a subject. An object is any passive data within the system. Objects can range from databases to text files. The important thing to remember about objects is that they are passive within the system; they do not manipulate other objects. Access control systems provide three essential services:
Access control models
Discretionary Access Control (DAC)
Discretionary Access Control (DAC) gives subjects full control of objects they have been given access to, including sharing the objects with other subjects. Subjects are empowered and control their data. Standard UNIX and Windows operating systems use DAC for their filesystems.
Major disadvantages of DAC include:
Mandatory Access Control (MAC)
Mandatory Access Control (MAC) is system-enforced access control based on the subject's clearance and the object's label. Subjects have clearances and objects have labels, such as confidential, secret, and top secret. A subject may read an object only if the subject's clearance is equal to or greater than (dominates) the object's label. Subjects cannot share objects with other subjects who lack the proper clearance, or "write down" objects to a lower classification level (such as from top secret to secret). MAC systems are usually focused on preserving the confidentiality of data. In MAC, the system, not the owner of the data, determines the access policy. Models commonly discussed with MAC include Bell-LaPadula and Biba (both lattice-based: Bell-LaPadula for confidentiality, Biba for integrity); Clark-Wilson is an integrity model that is usually covered alongside them. For more information about these models please see (My) CISSP Notes – Security Architecture and Design. Major disadvantages of MAC control techniques include:
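As an added example (not part of the notes), the following toy reference monitor contrasts the two models described above: under DAC the owner of an object decides who may access it and may share it freely, while under MAC the system decides from clearance and label alone, enforcing Bell-LaPadula's "no read up" and "no write down" rules over a lattice of levels and categories. Subject, object and category names are illustrative.

```python
from dataclasses import dataclass, field

# Lattice of sensitivity levels; categories (compartments) refine it further.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}


@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        """self >= other in the lattice: level at least as high and a superset of categories."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


@dataclass
class Subject:
    name: str
    clearance: Label


@dataclass
class Object:
    name: str
    owner: str
    label: Label
    acl: dict = field(default_factory=dict)  # subject name -> set of rights (used by DAC only)


class DAC:
    """The owner decides: owners may read, write and share; anyone else needs an ACL entry."""

    @staticmethod
    def permits(subj: Subject, obj: Object, op: str) -> bool:
        if subj.name == obj.owner:
            return True
        return op in obj.acl.get(subj.name, set())

    @staticmethod
    def share(granter: Subject, obj: Object, grantee: Subject, rights: set) -> None:
        if granter.name != obj.owner:
            raise PermissionError(f"{granter.name} does not own {obj.name}")
        obj.acl.setdefault(grantee.name, set()).update(rights)


class MAC:
    """The system decides from clearance and label; ownership and ACLs play no part."""

    @staticmethod
    def permits(subj: Subject, obj: Object, op: str) -> bool:
        if op == "read":   # simple security property: no read up
            return subj.clearance.dominates(obj.label)
        if op == "write":  # *-property: no write down (writing up is allowed by Bell-LaPadula)
            return obj.label.dominates(subj.clearance)
        return False       # there is no "share" operation a subject can perform under MAC


def demo_dac_vs_mac() -> dict:
    # Illustrative principals and one object; all names are made up for the example.
    alice = Subject("alice", Label("top secret", frozenset({"crypto"})))
    bob = Subject("bob", Label("confidential"))
    carol = Subject("carol", Label("secret"))
    report = Object("report.txt", owner="alice", label=Label("secret", frozenset({"crypto"})))
    r = {}
    r["dac_bob_before"] = DAC.permits(bob, report, "read")      # no ACL entry yet
    DAC.share(alice, report, bob, {"read"})                     # owner hands out access at will
    r["dac_bob_after"] = DAC.permits(bob, report, "read")
    try:
        DAC.share(bob, report, carol, {"read"})                 # bob is not the owner
        r["dac_bob_share"] = True
    except PermissionError:
        r["dac_bob_share"] = False
    r["mac_bob_read"] = MAC.permits(bob, report, "read")        # confidential < secret: no read up
    r["mac_alice_read"] = MAC.permits(alice, report, "read")
    r["mac_alice_write"] = MAC.permits(alice, report, "write")  # top secret -> secret: no write down
    r["mac_bob_write"] = MAC.permits(bob, report, "write")      # writing up is permitted
    r["mac_carol_read"] = MAC.permits(carol, report, "read")    # right level, but lacks the crypto category
    return r


if __name__ == "__main__":
    for check, outcome in demo_dac_vs_mac().items():
        print(f"{check:16s} {outcome}")
```

Note that under DAC the owner can grant Bob read access even though Bob's clearance is below the object's label; under MAC the same request is refused regardless of what Alice wants, and Carol is refused too because dominance requires the categories as well as the level.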
Access control administration
An organization must choose the type of access control model: DAC or MAC. After choosing a model, the organization must select and implement different access control technologies and techniques. What is left to work out is how the organization will administer the access control model. Access control administration comes in two basic flavors: centralized and decentralized. Centralized access control systems maintain user account information in a central location. They allow organizations to implement a more consistent, comprehensive security policy, but they may not be practical in large organizations. Examples of centralized access control systems and protocols commonly used for authentication of remote users:
Decentralized access control allows IT administration to occur closer to the mission and operations of the organization. In decentralized access control, an organization spans multiple locations, and the local sites support and maintain independent systems, access control databases, and data. Decentralized access control is also called distributed access control.
Access control defensive categories and types
Access control is achieved through an entire set of controls which, identified by purpose, include:
These access control types can fall into one of three categories: administrative, technical, or physical.
Preventive controls prevent actions from occurring. Detective controls alert during or after a successful attack. Corrective controls work by "correcting" a damaged system or process; they typically work hand in hand with detective controls. After a security incident has occurred, recovery controls may need to be applied in order to restore the functionality of the system and the organization. The connection between corrective and recovery controls is important to understand. For example, say a user downloads a Trojan horse. A corrective control may be the antivirus software's "quarantine". If the quarantine does not correct the problem, a recovery control may be applied to reload software and rebuild the compromised system. Deterrent controls deter users from performing actions on a system; an example is a "beware of dog" sign. A compensating control is an additional security control put in place to compensate for weaknesses in other controls. Here are more clear-cut examples:
Preventive:
Detective:
Deterrent:
Authentication methods
A key concept for implementing any type of access control is controlling the proper authentication of subjects within the IT system. There are three basic authentication methods:
Biometric Enrollment and Throughput
Enrollment describes the process of registering with a biometric system: creating an account for the first time. Throughput describes the process of authenticating to a biometric system. Three metrics are used to judge biometric accuracy:
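The following is an added example, not part of the notes, showing how the three standard accuracy metrics are computed from matcher scores: the False Rejection Rate (Type I error), the False Acceptance Rate (Type II error), and the Crossover Error Rate where the two curves meet. That these are the three metrics the notes refer to is an assumption; the score samples are constructed for the example.

```python
# Constructed matcher scores in [0, 1]; higher means a better match to the enrolled template.
GENUINE_SCORES = [0.91, 0.88, 0.95, 0.70, 0.82, 0.60, 0.93, 0.77, 0.85, 0.66]   # legitimate users
IMPOSTOR_SCORES = [0.20, 0.35, 0.62, 0.15, 0.48, 0.72, 0.30, 0.25, 0.55, 0.40]  # other people


def decide(score: float, threshold: float) -> bool:
    """The throughput decision: accept when the match score reaches the threshold."""
    return score >= threshold


def false_rejection_rate(genuine, threshold: float) -> float:
    """Type I error: fraction of legitimate users whose score falls below the threshold."""
    return sum(not decide(s, threshold) for s in genuine) / len(genuine)


def false_acceptance_rate(impostor, threshold: float) -> float:
    """Type II error: fraction of impostors whose score reaches the threshold."""
    return sum(decide(s, threshold) for s in impostor) / len(impostor)


def crossover_error_rate(genuine, impostor, steps: int = 100):
    """Sweep the threshold and return (threshold, rate) at the point where FAR and FRR
    are closest; the first threshold reaching the smallest gap is kept."""
    best = None
    for i in range(steps + 1):
        t = i / steps
        far = false_acceptance_rate(impostor, t)
        frr = false_rejection_rate(genuine, t)
        gap = abs(far - frr)
        if best is None or gap < best[0]:
            best = (gap, t, far, frr)
    _, t, far, frr = best
    return t, (far + frr) / 2


def tradeoff(genuine, impostor, thresholds):
    """FAR/FRR at several thresholds: raising the threshold trades false accepts for false rejects."""
    return {t: (false_acceptance_rate(impostor, t), false_rejection_rate(genuine, t))
            for t in thresholds}


if __name__ == "__main__":
    for t, (far, frr) in tradeoff(GENUINE_SCORES, IMPOSTOR_SCORES, (0.3, 0.5, 0.7, 0.9)).items():
        print(f"threshold {t:.2f}: FAR {far:.1f}  FRR {frr:.1f}")
    t, cer = crossover_error_rate(GENUINE_SCORES, IMPOSTOR_SCORES)
    print(f"CER {cer:.2f} at threshold {t:.2f}")
```

A low threshold lets impostors in (high FAR) while a high one locks legitimate users out (high FRR); the CER is the usual single number for comparing devices, and a deployment tunes the threshold to one side of it depending on which error is worse for the asset being protected.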
Types of biometric control
Fingerprints are the most widely used biometric control available today. A retina scan is a laser scan of the capillaries which feed the retina at the back of the eye. An iris scan is a passive biometric control: a camera takes a picture of the iris (the colored portion of the eye) and then compares it with the photos in the authentication database. In hand geometry biometric control, measurements are taken from specific points on the subject's hand: "The devices use a simple concept of measuring and recording the length, width, thickness, and surface area of an individual's hand while guided on a plate." Keyboard dynamics refers to how hard a person presses each key and the rhythm by which the keys are pressed. Dynamic signatures measure the process by which someone signs his/her name. This process is similar to keyboard dynamics, except that this method measures the handwriting of the subjects while they sign their name. A voice print measures the subject's tone of voice while stating a specific sentence or phrase. This type of access control is vulnerable to replay attacks (replaying a recorded voice), so other access controls must be implemented along with the voice print. Facial scan technology has greatly improved over the last few years. Facial scanning (also called facial recognition) is the process of passively taking a picture of a subject's face and comparing that picture to a list stored in a database.
Access control technologies
There are several technologies used for the implementation of access control. Single Sign-On (SSO) allows multiple systems to use a central authentication server (AS). This allows users to authenticate once, and then access multiple, different systems. SSO is an important access control and can offer the following benefits:
The disadvantages of SSO are listed below and must be considered before implementing SSO on a system:
SSO is commonly implemented by third-party ticket-based solutions such as Kerberos, SESAME and KryptoKnight. Kerberos is a third-party authentication service that may be used to support Single Sign-On. Kerberos uses secret-key (symmetric) encryption and provides mutual authentication of both clients and servers. It protects against network sniffing and replay attacks. Kerberos has the following components:
Kerberos provides mutual authentication of client and server. Kerberos mitigates replay attacks (where attackers sniff Kerberos credentials and replay them on the network) via the use of timestamps. The primary weakness of Kerberos is that the KDC stores the plaintext keys of all principals (clients and servers). A compromise of the KDC (physical or electronic) can lead to the compromise of every key in the Kerberos realm. The KDC and TGS are also single points of failure.
SESAME is the Secure European System for Applications in a Multi-vendor Environment, a single sign-on system that supports heterogeneous environments. "SESAME adds to Kerberos: heterogeneity, sophisticated access control features, scalability of public key systems, better manageability, audit and delegation." Of those improvements, the addition of public key (asymmetric) encryption is the most compelling. It addresses one of the biggest weaknesses in Kerberos: the plaintext storage of symmetric keys.
Assessing access control
A number of processes exist to assess the effectiveness of access control. Tests with a narrower scope include penetration tests, vulnerability assessments, and security audits.
Penetration tests
Penetration tests may include the following tests:
A zero-knowledge (also called black box) test is "blind": the penetration tester begins with no inside or trusted information, and starts the attack with public information only. A full-knowledge test (also called crystal-box) provides internal information to the penetration tester, including network diagrams, policies and procedures, and sometimes reports from previous penetration testers. Penetration testers use the following methodology:
Vulnerability testing
Vulnerability scanning (also called vulnerability testing) scans a network or system for a list of predefined vulnerabilities such as system misconfiguration, outdated software, or a lack of patching. A vulnerability testing tool such as Nessus (http://www.nessus.org) or OpenVAS (http://www.openvas.org) may be used to identify the vulnerabilities.
Security audit
A security audit is a test against a published standard. Organizations may be audited for PCI (Payment Card Industry) compliance, for example. PCI includes many required controls, such as firewalls, specific access control models, and wireless encryption.
What is the difference between identity management and access management?
Identity Management is about managing the attributes related to the user. Access Management is about evaluating those attributes against policies and making yes/no decisions.
Which of the following is a weakness in Kerberos implementations?
The main weakness of the Kerberos protocol is that all authentication tokens passed by it have a lifespan. As such, any network using the Kerberos protocol for authentication must ensure that the clocks on all systems are synchronized using a protocol such as the Network Time Protocol (NTP).
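As an added example (not from the notes and not from any Kerberos implementation), the following toy models the service side of the exchange discussed in the notes above and in this answer: the KDC holds every principal's long-term key, the service unseals the ticket with its own key, checks the authenticator's timestamp against its own clock within a skew window, keeps a replay cache, and answers with an AP-REP to complete mutual authentication. Real Kerberos encrypts tickets and authenticators with the principal's key; here HMAC-SHA256 over a JSON body stands in for that (integrity only, no confidentiality), and the 300-second skew tolerance, principal names and lifetime are assumptions.

```python
import hashlib
import hmac
import json
import os

CLOCK_SKEW = 300  # seconds; assumed tolerance, the value most deployments default to


def seal(key: bytes, body: dict) -> dict:
    """Stand-in for Kerberos encryption: HMAC-SHA256 over the canonical JSON body."""
    data = json.dumps(body, sort_keys=True).encode()
    return {"body": body, "tag": hmac.new(key, data, hashlib.sha256).hexdigest()}


def unseal(key: bytes, sealed: dict) -> dict:
    data = json.dumps(sealed["body"], sort_keys=True).encode()
    expected = hmac.new(key, data, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sealed["tag"]):
        raise PermissionError("integrity check failed")
    return sealed["body"]


class KDC:
    """Holds every principal's long-term key, which is why its compromise exposes the whole realm."""

    def __init__(self, principals: dict):
        self.keys = dict(principals)

    def issue_ticket(self, cname: str, sname: str, now: int, lifetime: int = 8 * 3600):
        """Service ticket sealed with the service's key; the session key is handed to the client."""
        session_key = os.urandom(32)
        ticket = seal(self.keys[sname], {
            "cname": cname, "sname": sname, "session_key": session_key.hex(),
            "starttime": now, "endtime": now + lifetime,
        })
        return session_key, ticket


def build_ap_req(session_key: bytes, ticket: dict, cname: str, client_clock: int) -> dict:
    """Client side: the ticket plus an authenticator stamped with the client's clock."""
    authenticator = seal(session_key, {"cname": cname, "ctime": client_clock})
    return {"ticket": ticket, "authenticator": authenticator}


class Service:
    def __init__(self, name: str, key: bytes):
        self.name, self.key = name, key
        self.replay_cache = {}  # (cname, ctime) -> time after which the entry can be purged

    def accept(self, ap_req: dict, now: int) -> dict:
        ticket = unseal(self.key, ap_req["ticket"])
        if ticket["sname"] != self.name:
            raise PermissionError("ticket was issued for another service")
        if not ticket["starttime"] <= now < ticket["endtime"]:
            raise PermissionError("ticket outside its validity window")
        session_key = bytes.fromhex(ticket["session_key"])
        auth = unseal(session_key, ap_req["authenticator"])
        if auth["cname"] != ticket["cname"]:
            raise PermissionError("authenticator does not match ticket")
        if abs(now - auth["ctime"]) > CLOCK_SKEW:
            raise PermissionError("authenticator timestamp outside clock-skew window")
        # Replay cache only needs to remember authenticators still inside the skew window.
        self.replay_cache = {k: exp for k, exp in self.replay_cache.items() if exp > now}
        entry = (auth["cname"], auth["ctime"])
        if entry in self.replay_cache:
            raise PermissionError("replayed authenticator")
        self.replay_cache[entry] = auth["ctime"] + CLOCK_SKEW
        # AP-REP: echoing ctime under the session key proves the service could open the
        # ticket, which is the server half of mutual authentication.
        return seal(session_key, {"ctime": auth["ctime"]})


def run_kerberos_scenarios(now: int = 1_700_000_000) -> dict:
    kdc = KDC({"alice": os.urandom(32), "http/web.example": os.urandom(32)})  # constructed realm
    web = Service("http/web.example", kdc.keys["http/web.example"])
    session_key, ticket = kdc.issue_ticket("alice", "http/web.example", now)
    results = {}
    ap_req = build_ap_req(session_key, ticket, "alice", now + 1)
    ap_rep = web.accept(ap_req, now + 2)
    results["fresh"] = unseal(session_key, ap_rep)["ctime"] == now + 1
    tampered = {"ticket": {"body": dict(ticket["body"], cname="mallory"), "tag": ticket["tag"]},
                "authenticator": ap_req["authenticator"]}
    for label, req, service_clock in [
        ("replay", ap_req, now + 3),                                              # sniffed and resent
        ("skew", build_ap_req(session_key, ticket, "alice", now + 1000), now + 2),  # client clock 16 min fast
        ("tamper", tampered, now + 2),                                            # ticket body edited
    ]:
        try:
            web.accept(req, service_clock)
            results[label] = "accepted"
        except PermissionError as err:
            results[label] = str(err)
    return results


if __name__ == "__main__":
    for name, outcome in run_kerberos_scenarios().items():
        print(f"{name:7s} {outcome}")
```

The "skew" case is the clock-synchronization requirement from this answer seen from the service's side: a client whose clock drifts beyond the window is refused even with a valid ticket, which is why NTP is an operational prerequisite. Real implementations also key the replay cache on the microsecond field of the authenticator so that two legitimate requests within one second are told apart.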
What is the primary purpose of Kerberos?
Kerberos is a computer network security protocol that authenticates service requests between two or more trusted hosts across an untrusted network, like the internet. It uses secret-key cryptography and a trusted third party for authenticating client-server applications and verifying users' identities.
Which one of the following is best described as an access control model that focuses on subjects and identifies the objects that each subject can access?
C. Capability tables list the privileges assigned to subjects and identify the objects that subjects can access.