Lecture 2

The document outlines various approaches to computer system security, including data encryption, firewalls, intrusion detection systems, and authentication techniques. It details the authentication process, types of authentication protocols, and access control methods such as mandatory, non-discretionary, and discretionary access controls. Additionally, it explains the access matrix model, which defines user permissions and resource access within an organization.

Uploaded by

naxoga5148
UNIT-I

Subject Name : System Security


Subject Code : TCS-591
Different approaches to computer system security

• Use of data encryption

• Use of a firewall

• Use of Intrusion detection system

• Use of authentication and access control techniques


Use of authentication and access control techniques

Authentication:
• The process of proving or showing something to be true, genuine,
or valid.
• The action of verifying the identity of a user (or process, sender).
Authentication procedure

Types:
• 1-Factor authentication protocol
• 2-Factor authentication protocol
• 3-Factor authentication protocol
Authentication procedure

• Positive verification of identity (man or machine)

• Verification of a person’s claimed identity

• Who are you? Prove it.

• It has three categories:

• What you know (e.g., a password)

• What you have (e.g., a smart card)

• Who you are (e.g., biometric data such as fingerprints)


Access Controls

• Access controls are explicitly used to address a user’s admission into a trusted area of the organization.
• Putting restrictions on the invalid user.
Access Matrix

● The access matrix model is the policy for user authentication, and has several implementations such as access control lists (ACLs) and capabilities.
● It is used to describe which users (subjects) have access to which resources (objects).
The access matrix model consists of four major parts:

I. A list of objects
II. A list of subjects
III. A function T which returns an object’s type
IV. The matrix itself, with the objects making the columns and the subjects making the rows
Example of Access Matrix

• Subjects (e.g., users)
• Objects (e.g., files)
• Operations (e.g., read, write)

Can determine:
– Who can access an object
– What objects can be accessed by a subject
– What operations a subject can perform on an object
Access control types:

1. Mandatory access controls (MAC)

• Give users and data owners limited control over the access to information.
• MAC is more commonly utilized in organizations that require an elevated emphasis on the confidentiality and classification of data (e.g., military institutions).
2. Non-discretionary controls

• Role-based access control (RBAC): Users are assigned to a particular role.
• For example, an accountant in a company will be assigned to the Accountant role, gaining access to all the resources permitted for all accountants on the system.
• Similarly, a software engineer might be assigned to the developer role.
3. Discretionary access controls (DAC)

• Unlike Mandatory Access Control (MAC), access to system resources is controlled by the operating system (under the control of a system administrator).
● DAC allows each user to control access to their own data.
● DAC is typically the default access control mechanism for most desktop operating systems.
● For example, User A may provide read-only access on one of her files to User B, read and write access on the same file to User C and full control to any user belonging to Group 1.
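
An added example (not part of the original lecture) that builds the access matrix described earlier for the User A / User B / User C case above and derives both implementations the slides mention: the ACL of an object (one column) and the capability list of a subject (one row). The file name report.txt, User D as the member of Group 1, and the operations that make up "full control" are assumptions made for illustration.

```python
from collections import defaultdict

# Assumed meaning of "full control"; the lecture does not enumerate it.
FULL_CONTROL = frozenset({"read", "write", "delete", "change_permissions"})


class AccessMatrix:
    def __init__(self, groups=None):
        self.cells = defaultdict(set)   # (subject, object) -> allowed operations
        self.groups = groups or {}      # group name -> set of member users

    def grant(self, subject, obj, ops):
        self.cells[(subject, obj)] |= set(ops)

    def _principals(self, user):
        # A user acts as itself plus every group it belongs to.
        return {user} | {g for g, members in self.groups.items() if user in members}

    def allowed(self, user, obj, op):
        # Default deny: a missing or empty cell grants nothing.
        return any(op in self.cells.get((p, obj), ()) for p in self._principals(user))

    def acl(self, obj):
        # Column view: who can access this object, and with which operations.
        return {s: set(ops) for (s, o), ops in self.cells.items() if o == obj and ops}

    def capabilities(self, user):
        # Row view: which objects this user can reach (group rights included).
        caps = defaultdict(set)
        for (s, o), ops in self.cells.items():
            if s in self._principals(user):
                caps[o] |= ops
        return dict(caps)


def build_example():
    # Constructed data: file name and Group 1 membership are assumptions.
    m = AccessMatrix(groups={"Group 1": {"User D"}})
    m.grant("User A", "report.txt", FULL_CONTROL)   # owner (assumed full control)
    m.grant("User B", "report.txt", {"read"})
    m.grant("User C", "report.txt", {"read", "write"})
    m.grant("Group 1", "report.txt", FULL_CONTROL)
    return m


if __name__ == "__main__":
    m = build_example()
    print("ACL for report.txt:", m.acl("report.txt"))
    print("Capabilities of User D:", m.capabilities("User D"))
    print("User B may write?", m.allowed("User B", "report.txt", "write"))
```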
