12/24/2023 0 Comments Mandatory access control![]() ![]() Hospitals store and process electronic health records (EHRs), which contain medical information about patients. Hospitals are a great example of an entity that needs to employ mandatory access control. ![]() DAC QuizĭAC can't control information flow, so we must use MAC. In mandatory access control, decisions about sharing information are not made at the discretion of the user. To address these problems, we will explore another model for access control: mandatory access control (MAC). Most employers do not leave the decisions about data sharing in the hands of their employees, but rather mandate explicit policies about who can share what. While DAC allows users to control direct access to a file, we can't actually prevent the spread of data contained in that file that is, we can't control the information flow.Īnother problem with DAC is that it doesn't reflect how most organizations treat their data. Charlie now has effective access to the file that Alice didn't want to share with him in the first place. Bob copies the contents into a new file, and shares that file with Charlie. To illustrate the first problem with DAC, let's consider the following scenario.Īlice owns a file and gives read access to Bob, but not to Charlie. In particular, we focused on discretionary access control (DAC), whereby the user who creates a resource is the owner of that resource and can choose to give access to other users. In the last lesson we talked about access control. Mandatory Access Control Discretionary Access Control Cost Benefit Certification Tradeoffs Quiz Solution.Cost Benefit Certification Tradeoffs Quiz.Earning an EAL4 Certification Quiz Solution.Policies for Commercial Environments Part 2.Policies for Commercial Environments Part 1.Like I said in my previous post, pick the low hanging fruit first, there are other things that can be set and almost forgotten and will not break anything, then give mac a try and be sure to check regularly if you have to update the security policy. I'm not using tomoyo now but it can be a nice tool to use when you want to find out what a program is doing. One problem that might be common to both tomoyo and apparmor is that if a program's behavior changes slightly, then things will break in subtle ways and you will only find out when you are short on time and really need things to work, unless you are more lax where you allow programs to have free reign, and then you may be leaving some security whole open. ![]() You will also find that you may need to take into account not only the program itself but also the toolkit it uses and other things like fontconfig. This is where the trouble starts because the config file tomoyo-patternize uses is very bare. Many things can be reduced to a simple rule (image access to a program's config directory). Tomoyo can learn all this by recording what a program accesses, then you want to use an utility (tomoyo-patternize) to reduce the amount of rules. ![]() With tomoyo you can specify if a program is allowed to read/write/unlink/truncate/rename files, mkdir/rmdir directories, which chmod values it can use, which values it can use with chown, if you allow it to use tcp/udp/unix sockets, which ioclts it can use, just to name a few common things that will show up in policy files. I didn't elaborate much on it in my last post because I don't want to discourage anyone from trying it or any other mac system. I don't know about apparmor but tomoyo allows you to get into the nitty gritty details of what each program can do, up to the point where it can get tiresome. Tomoyo does allow you to make permission groups that you can use how many times you want, or you can specify it as global permissions, it all depends on how common certain things are. Tomoyo's syntax can be a little tricky since it requires a good amount of escaping and it can get tiresome after a while so I guess apparmor might be easier in that regard. AppArmor files use a convenient BASH-like syntax, and can have common requirements grouped for easy specification. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |