20s-2550: L17 Access Control and Social Engineering

Materials

You can use the L17 slides (pdf) to take notes. L17 annotated slides (pdf) from lecture have my drawings.

Please see piazza@439 for a link to the recorded video.

Summary

Authorization is what happens after authentication.

  1. Principal-Subject-Object: what are these? How are they used to make authorization decisions?

  2. There are two main types, discretionary access control and mandatory access control.

  3. Within discretionary systems, there are ACLs, unix-style permissions, and also capability-based systems. Whereas an ACL corresponds to setting the “columns” of an access control matrix, a capability-based system corresponds to setting the “rows” of the matrix.

  4. There are many advantages of a capability-based system. (Know them.) Android and iOS use this model.

  5. However, DACs still have simple failure cases. High-security systems need to implement mandatory access control. The Bell-LaPadula (BLP) model is the basis for such MAC systems: “no read up, no write down.” Understand how this model works. How can it be used to implement a need-to-know policy? BLP only provides confidentiality; the corresponding Biba model implements integrity in a MAC. How does it work?

  6. Introduce a new failure mode: the social engineering attack.
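As an added worked example covering items 3 and 5 (this is not code from the lecture or its slides), the Python below builds a small access control matrix and shows that an ACL is one column of it while a capability list is one row, then implements the Bell-LaPadula and Biba checks over a lattice of rank plus compartments, which is what gives BLP its need-to-know behaviour. The subjects, objects, rights and labels are constructed sample data; the classification names are labels chosen for illustration.

```python
"""Access control matrix (DAC) and Bell-LaPadula / Biba (MAC) checks.

Added example, not code from the lecture. All subjects, objects, rights and
labels below are constructed sample data.
"""
from dataclasses import dataclass

# ---------- Discretionary access control: the access control matrix ----------
# Rows are subjects (principals acting for users), columns are objects,
# cells are sets of rights. Constructed sample matrix:
MATRIX = {
    "alice": {"/etc/passwd": {"read"}, "secret.txt": {"read", "write"}, "public.txt": {"read", "write"}},
    "bob":   {"/etc/passwd": {"read"}, "public.txt": {"read"}},
    "root":  {"/etc/passwd": {"read", "write"}, "secret.txt": {"read", "write"}, "public.txt": {"read", "write"}},
}

def acl(matrix, obj):
    """ACL = one column of the matrix: for a given object, which subjects hold which rights."""
    return {subj: row[obj] for subj, row in matrix.items() if obj in row}

def capability_list(matrix, subj):
    """Capability list = one row of the matrix: for a given subject, its rights on each object."""
    return dict(matrix.get(subj, {}))

def dac_allowed(matrix, subj, obj, right):
    """Discretionary check: the matrix cell (subj, obj) must contain the right."""
    return right in matrix.get(subj, {}).get(obj, set())

# ---------- Mandatory access control: Bell-LaPadula and Biba ----------
@dataclass(frozen=True)
class Label:
    """A lattice label: a rank (0 = lowest) plus a set of compartments (need-to-know categories)."""
    rank: int
    compartments: frozenset = frozenset()

    def dominates(self, other):
        """self >= other in the lattice: rank at least as high and a superset of compartments."""
        return self.rank >= other.rank and self.compartments >= other.compartments

# Constructed confidentiality ranks used in the examples (Bell-LaPadula).
UNCLASSIFIED, CONFIDENTIAL, SECRET, TOP_SECRET = 0, 1, 2, 3

def blp_allowed(subject, obj, op):
    """Bell-LaPadula (confidentiality): no read up (simple security property),
    no write down (*-property). Compartments enforce need-to-know: a subject
    must hold every compartment of an object to read it, even at the same rank."""
    if op == "read":
        return subject.dominates(obj)
    if op == "write":
        return obj.dominates(subject)
    raise ValueError(f"unknown operation {op!r}")

def biba_allowed(subject, obj, op):
    """Biba (integrity): the dual of BLP. No read down (a subject may only read
    objects of at least its own integrity) and no write up (a subject may only
    write objects of at most its own integrity). Ranks here are integrity levels."""
    if op == "read":
        return obj.dominates(subject)
    if op == "write":
        return subject.dominates(obj)
    raise ValueError(f"unknown operation {op!r}")

def dac_leak_example():
    """The simple DAC failure case: a program running as alice, who may read
    secret.txt and write public.txt, can copy the secret into a file bob can
    read. DAC permits both steps; BLP denies the write-down step."""
    dac_copy = (dac_allowed(MATRIX, "alice", "secret.txt", "read")
                and dac_allowed(MATRIX, "alice", "public.txt", "write"))
    alice, secret, public = Label(SECRET), Label(SECRET), Label(UNCLASSIFIED)
    blp_copy = blp_allowed(alice, secret, "read") and blp_allowed(alice, public, "write")
    return dac_copy, blp_copy  # (True, False)

if __name__ == "__main__":
    print("ACL for public.txt:", acl(MATRIX, "public.txt"))
    print("capabilities of bob:", capability_list(MATRIX, "bob"))
    print("DAC permits copy / BLP permits copy:", dac_leak_example())
```

Note the symmetry in the two MAC checks: swapping the read and write rules of BLP gives Biba, which is why a system that wants both confidentiality and integrity needs two separate lattices rather than one reused label.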