Role Based Access Control

Published Date: 02 Nov 2017

For decisions perspective policy is a basic principle normally used to guide decisions or mechanisms. Set of goals & policies are done through the set of actions called mechanisms. The surety of the mechanism enforceability that it is working according to their defined policy in relation to the policy & mechanism is called assurance.

Define Confidentiality, Integrity, and Availability?

Confidentiality, Integrity, and Availability are three basic pillars as well as important aspects of information security. With the help of confidentiality you can get surety that your information is fully safe through the access of unauthorized person. Integrity provide surety that your information is original it is not modified or copied by unauthorized person. The ease access of information at any place at any time is called Availability.

What is Authentication?

Authentication is a process in which you will give right to authorized person to access the information through username & password. More than 80% security based agencies, firm’s offices and websites providing companies are using authentication process for security reasons.

Open and closed world models for security

Open & closed world model are basically too different or opposite concepts in information security system. In Open world model it gives access to all users unless its permission is dangerous to all according to the defined policy & mechanism. And close world system is working opposite to the open world model it is closed for all unless its rules its rules & mechanism gives permission to all for accessing it.

Accountability

Accountability is a process in which all the actions, logs & activities of the users are monitor for the future investigation or rollback purpose. Normally the record of all these kind of information is stored in database.

Multi-level Security (MLS)

For security prospective many types of mechanism are implemented. The basic purpose of these mechanisms are how much data is in access of the user & how much data he/she is using of the system on daily, weekly or monthly basis.

Discretionary Access Control (DAC)

The Discretionary Access Control (DAC) is a feature in which the access of information its logs its criteria how much you can access how many you can access all of these kind of aspects are defined by the owner.

Mandatory Access Control (MAC)

The Mandatory Access Control (MAC) is feature in which the access of information its logs its criteria how much you can access how many you can access all of these kind of aspects are defined by the owner. But the permission of all these are only authorized to the user after the Security clearance of the user.

Context-based Access Control (CBAC)

The Context-based Access Control is a feature defined by the owner or other senior authorities. In this procedure they designed a context in which all the terms of the data access are defined if someone want to access the data & context has this kind of information then he/she can do that otherwise system will deny the access of user. In CBAC all the object you can only access if they are in application level context.

Role-based Access Control (RBAC)

The Role-based Access Control (RBAC) is a feature in which access to the objects is only for the authorized users. And now Extends MAC has also introduced in which the access rules & its criteria are determined by the role defined by the owner.

Fine-grained Access Control (FGAC)

The Fine-grained Access Control (FGAC) is a feature allowable only for the highly & fully applicable customized solution. They cannot scale the entries of logs & access. In which the access of objects can happened on the per object cell or on the tube criteria of the procedure.

Poly-instantiation

Poly-instantiation is a concept to terminate the roles of access to the data for the user’s means user has access to the data other than those tuples which he can access according to the roles. Normally it is violation of the roles but it is most important for the lower roles to get the confidentiality of data.

Access Control in Relational Database Systems.

What features in SQL help to support DAC? Are there any limitations?

There are several types of commands like Revoke, Grant & create command that provide help to support to the SQL with DAC. The access to the object is done through the Grant Command. The granting access to the other subject is the authority of the same subject. The revoking process of grant access issue is possible through to the Revoke Command. There are some drawbacks of the revoke command also like it has dependence on both cascading and non-cascading scenario. The authority of the owner into an object is emphasize through the ease & most useful create command. He can also shift his access to other subject for accessing specific object through grant command. SQL features has a limitation called latter for example if one subject will get the grant to access the object then he can copy the object & misuse it through select command after changing the name by showing the authority as an owner over the object. The prevention of this kind of drawback is most important now days.

Where is MAC used? How effective is it in corporate and military environments?

The centralization of security policy is commonly possible due to the usage of MAC. It is often useful into many environments. It is also useful for military sector as well as for corporate purpose. In Corporate MAC is useful while giving security label to the class of students to access the information about the class in student information system. and in military MAC is useful because there is multiple system implemented for information security reasons.

Explain the need for different security models in modern applications (hint: see the introduction to section 3 of the paper).

The sharing of data & information between the users is now become more challenges because of some latest & most useful applications like dropbox, groveshark, google docks, twiter & linkdin. All the new applications are handling fully complex and lengthy coded media to access the objects & also data mining they are all uses the evaluated security models.

In most of the software they are using centralized highly scalable online service like dropbox etc. in the other hand some of the applications are giving services to update the docks at a time by the several users like in Google docks. All these applications has synchronized methodologies implemented to share the data between the different users with full data integrity. Twitter sends the information to the other user without the authenticity of the user. So in many cases of the centralized information sharing environment the permission of the data cannot be applied.

Outline the kinds of modern applications that force new security models (hint: See section 3 introduction).

All the new applications which are dealing with most complex multimedia data object according to their need and requirement they are all need to implement new security model with updated features. Like some of most usable applications faces that challenges because while adding the data users also updating the record, deleting the record & want to access the record simultaneously. Some example of these software’s are Some Examples are drop box, grooveshark, twitter and Google docs.

The paper claims that there is "increasing disintermediation" in data accesses. What does this really mean in terms of secure database systems?

When the data is not accessed by the employees of the organization anymore is called Disintermediation & sometime when the data is less often using also meaning that same. It is just because of Ecommerce online banking or other internet based transactions. After the advancement in online banking & ecommerce system required more system level security as well as for the information security reasons because users are doing their self transactions they have full access on it so system is protecting the record of all users.

IV. Miscellany

How are privacy and security different from each other?

The data protection from the unauthorized users is called security. Data encryption algorithms are implemented to provide the security to the data. And in the other hand privacy is that while you will ensure that the data is used only for the assigned purpose or someone misusing it etc. there are some mechanisms to implement for preventing the unauthorized access of data. Normally both security & privacy working for the same means they are providing data confidentiality.

Briefly explain the significance of System R in terms of security in modern database systems.

Non-cascading revokes operation & negative authorization are the basic significance of the system R.

Negative Authorization: Negative authorization is most useful now a days we will take an example of credit card, when user make a transaction then the system check the information of the credit card with all dismiss credit card if it will not match with any of them then you can make the transaction. The authorization authority can issue authorization to all the subject of the groups then he can also give Negative Authorization to that subject who does not have the authorized authority to access that object by using denials-take-precedence policy. With the help of Negative Authorization we can get security to the data so unauthorized authority cannot access it. This providing helps to prevent from that kind of big problems. Let suppose we will explain it through an example here we have one subject that has authorized authority to access an object he is giving authority to access that object to someone else subject. When we will revoke the authorization of the subject to access the object then what will be the result of next authorization through that object which he has allowed.

What vulnerabilities are typically displayed by an insecure database system? How can these vulnerabilities be addressed using practical methods in a real world environment?

There are so many vulnerabilities in insecure database like encryption of the information. In most of the cases information is not encrypted in it anyone else can read copy & misuses it. The huge amount of processing power required to encrypt the data of the database. That’s why this vulnerability is becoming more harmful because someone is getting access on the DB more then he need & more then he authorized so he can easily misuse it.

4005-774, Winter 20122

based on

Ben Natan, Chapter 1; the Jajodia and Yu paper; Abrams, Essays 1 and 2; and Lectures

Ron BenNatan, "Implementing Database Security and Auditing," Elsevier Digital Press, 2005.

Related website: http://www.ibm.com/software/data/guardium/

I. Ben Natan: Getting Started

Why do you think Ben Natan claims that databases hold an enterprise’s crown Jewels? Explain whether you agree or not.

The process of decision making & analyzing the environment can be cause of improvement of the organization. The decision making process is also helpful to handle data store in the database. Information Technology improving day by day & playing a big role for the development of the organizations and for that purpose database is playing a role as a backbone of IT. It is providing facility to store all the information of the organizations as a backup.

Using Ben Natan, outline a few major issues that need to be dealt with when hardening each of the following DBMS environments: (a) Oracle, and (b) MS SQL Server. Has anything changed in terms of hardening since the publication of the Ben Natan book?

If you want to use any type of Database for your organization then there are some most important aspects like OS of the DB environment should be fully secured & its physical environment should also be fully protected.

There are some Basic Directories of the Oracle & MS-SQL.

in the Natan’s book:

Oracle:

Always use directory of 700 permissions as temporary install directory (avoid /tmp) for UNIX environments.

Separate Account for each db are more reliable as compare to the installation of Oracle on an AD Domain Controller.

Remove all the unused accounts also lock the default accounts of owner.

Your installed features should be according to your requirement the verification of required features also most important.

Natan mentions in the book’s list that all the other important revisions must be according to the files permissions.

MS-SQL:

For the Windows OS and SQL Server. The installation of available service packs and hot fixes for MS-SQL is very important.

All the appropriate permissions should be configured & Install the SQL Server in NTFS.

Changing process of SA user Password & deletion of all sample user accounts and databases vis also most important.

There should be no any type of NULL password in the db.

Audit Tasks are also most important for the verification of developer’s access & for other security based issues.

How can we ensure that the DBMS is running in a consistent overall secure Environment?

The Database system should be fully secured as all the other layers are depending on it. There should be a good physical space & all the security controls are available for the better performance & secure information storage of the db. There should be good electricity, temperature and humidity system, all access control to

The area & fire and intrusion alarms, security settings &file-system permissions with recent hotfixes installed,

etc. A third layer can be an adequate network configuration that keeps the server unreachable.

Third layer provide help to reach the reachable to the internet so the security of this layer is also most important as well.

Provide an example of how buffer overflows may make databases vulnerable?

In programming language when reference to an array element or stack is override its values then it caused Buffer overflows vulnerability. It is only oriented by programming errors so it is available commonly in all software having complex functionality. It can allow to local user to become system root in Database.

Explain the terms C2 Security and C2 Auditing. Are they important? Why or why not?

C2 Security:

If the database system is capable to implement user Logs its credentials, Tracking of system actions, user has access to manage all his assigned objects and all the other settings then the system dictate C2 security system. It is secured through C2 Security.

C2 Auditing:

In SQL Server Management Studio C2 Audit mode can be configure through the c2 Audit Mode. With the help of c2 audit system will save all the failed and successful attempts to access statements and objects. This will provide help for the security prospective.

II. General Security Concepts (Refer to Abrams Essays 1 and 2; Jajodia and Yu;

Lectures)

Explain the notation of a security policy. How is a security policy enforced? What are the guarantees available that the policy is enforced? Why should a security policy be general for it to be useful?

World has developed a lot so security policy having lot of importance for each organization. A security policy is some rules & condition based on the sensitive information protection. Normally all organizations has their own security policy but the most complicated thing is the implementation of this policy in organization. The initial steps are

solve all the computer based problems

implementation of firewall

data inscription

Security mechanism

Security based software’s

Security policy can enforce through security mechanism for user authentication & authorization. Authorization includes username password & unique key for all users.

Access controls are used to the enforcement of the security policy. It defines security. There is no or very less guarantee available to say that the policy is enforced.

Do UNIX commands such as setuid and setgid lead to a security illusion? Why or why not?

In UNIX setuid & setgid commands are used to give rights to some users for accessing a file same like the file’s owner. These command are important because sometime users need to do some actions that require such kind of privileges to access the information like the admin of the group or role. This is only use with the executable files which are not well designed if someone will argue it then it can effect to the security mechanism.

It can be implemented without the following of previous security policy. If the mechanism deals with the privileges criteria that someone can access to this file or not then it cannot lead to the security illusion.

Discuss correctness and space/time performance issues of the different inference handling approaches (access restriction, query set restriction, micro aggregation, data perturbation, output perturbation, random sampling, and auditing).

Access restriction refers to provision of different subset of data with a database to different users based on their access level. For example in university the VC of the university has access to the information of all the students but a student cannot access to the information of other student. He can get access after getting permission but this access will be limited.

in inference handling approach the correctness of data depends on the use of data, for the above because 1st user VC want access to all the information of the student & second user will get the information of the student on limited bases based on the users rules. For Example both the user has to get data of high correctness and with trustworthiness.

Database administrator can define the rule how many time a user can access to the information & how much?

Through Micro-aggregation we can publish aggregate information to the users. With the help of this we can reduce the data access in less time.

Data perturbation is a process in which you can add noise with the data this can be cause of data less correctness. This process of perturbation is less severe than data perturbation.

Random sampling is process that provides only a subset of the query result for a specific user.

The process of auditing is maintaining the logs of accessing information of all users.

III. Abrams: Essay 20 (pages 460-479; omit the rest)

What differences, if any, are there between the security needed by corporations and by the military? Provide examples of MLS relational models applicable in each setting.

Yes there is big difference between the security level of the corporation & military because the military security policies & there mechanisms required more restriction & formal then the private corporate sectors security mechanism.

Military can take action to investigate the information of an individual to get the clearance requested by the individual.

The private sector is that where people work as their designations & positions on specific projects. The private organization normally don’t need of such type of individual investigation. They only rely on the information provided by the individual & little bit investigation through phone call through their educational institutions.

IV. Abrams: Essay 27 and more (some answers may not be in the essay!)

Answer: The difference between improper and unauthorized is that improper is a wider term

In a 3-tier application setup, can integrity be provided only at: (a) the DBMS level, (b) the middleware level, and (c) the application tier level? Comment on your?

Yes in three tier architecture level integrity is only provided at the DBMS level. Integrity policies always operate on the application level in the other hand most of the integrity is only operate in the DBMS. The mechanism of integrity is generic & can be easily reusable else if the integrity is maintained by the middleware or application then it cannot be portable or reusable.

Why this landscape should be considered when developing a database security plan?

The attack on database is normal many hackers or other users who don’t have access on the information can misuse the database so security landscape is most important & should be considered while developing the database security.

Why are false positives a bane of intrusion detection systems? Can they be minimized?

By reducing the reliability of IDS can be cause of effectiveness of intrusion detection systems. In presence of an actual attack normally alert message is being ignored by the administrator. By monitoring the normal internal traffic & with the help of proper tuning the false positives bane of intrusion detection system & attacks on the network can be minimized.