11
AUTHORIZATION VENKATESH P 101012004 MS ITM

AUTHORIZATION part1

Embed Size (px)

Citation preview

Page 1: AUTHORIZATION part1

8/7/2019 AUTHORIZATION part1

http://slidepdf.com/reader/full/authorization-part1 1/11

AUTHORIZATION

VENKATESH P

101012004

MS ITM

Page 2: AUTHORIZATION part1

8/7/2019 AUTHORIZATION part1

http://slidepdf.com/reader/full/authorization-part1 2/11

Authentication vs. Authorization

Authentication� Who goes there?

Restrictions on who (or what) can access system

Authorization� 

Are you allowed to do that?

Restrictions on actions of authenticated users

Authorization is a form of access control

Authorization enforced byAccess Control Lists

Capabilities

Page 3: AUTHORIZATION part1

8/7/2019 AUTHORIZATION part1

http://slidepdf.com/reader/full/authorization-part1 3/11

Lampsons Access Control

Matrix

rx rx r --- ---

rx rx r rw rw

rwx rwx r rw rw

rx rx rw rw rw

OSAccounting

program

Accounting

data

Insurance

data

Payroll

data

Bob

Alice

Sam

Accounting

program

Subjects (users) index the rows

Objects (resources) index the columns

Page 4: AUTHORIZATION part1

8/7/2019 AUTHORIZATION part1

http://slidepdf.com/reader/full/authorization-part1 4/11

Are You Allowed to Do That?

Access control matrix has all relevant info

But how to manage a large access control (AC)

matrix? Could be 1000s of users, 1000s of resources

Then AC matrix with 1,000,000s of entries

Need to check this matrix before access to any

resource is allowed

Hopelessly inefficient

Page 5: AUTHORIZATION part1

8/7/2019 AUTHORIZATION part1

http://slidepdf.com/reader/full/authorization-part1 5/11

Capabilities (or C-Lists)

Store access control matrix by row

Example: Capability for Alice is in red

rx rx r --- ---

rx rx r rw rw

rwx rwx r rw rw

rx rx rw rw rw

OSAccounting

programAccounting

data

Insurance

dataPayroll

data

Bob

Alice

Sam

Accounting

program

Page 6: AUTHORIZATION part1

8/7/2019 AUTHORIZATION part1

http://slidepdf.com/reader/full/authorization-part1 6/11

ACLs vs Capabilities

Access Control List Capability

Note that arrows point in opposite directions!

With ACLs, still need to associate users to filess

f ile1

f ile2

f ile3

f ile1

f ile2

f ile3

r ---r 

Alice

Bob

Fred

wr 

---

rwr r 

Alice

Bob

Fred

r wrw

---r 

r ---r 

Page 7: AUTHORIZATION part1

8/7/2019 AUTHORIZATION part1

http://slidepdf.com/reader/full/authorization-part1 7/11

Confused Deputy

Two resources

Compiler and BILL file

(billing info)

Compiler can write file

BILL

Alice can invoke

compiler with a debugfilename

Alice not allowed to

write to BILL

Access control matrix

x ---

rx rw

Compiler  BILL

Alice

Compiler 

Page 8: AUTHORIZATION part1

8/7/2019 AUTHORIZATION part1

http://slidepdf.com/reader/full/authorization-part1 8/11

ACLs and Confused Deputy

Compiler is deputy acting on behalf of Alice

Compiler is confused

Alice is not allowed to write BILL

Compiler has confused its rights with Alices

Alice BILL

Compiler 

Page 9: AUTHORIZATION part1

8/7/2019 AUTHORIZATION part1

http://slidepdf.com/reader/full/authorization-part1 9/11

Confused Deputy

Compiler acting for Alice is confused

There has been a separation of authority from the

purpose for which it is usedWith ACLs, difficult to avoid this problem

With Capabilities, easier to prevent problem

Must maintain association between authority and

intended purpose

Capabilities make it easy to delegate authority

Page 10: AUTHORIZATION part1

8/7/2019 AUTHORIZATION part1

http://slidepdf.com/reader/full/authorization-part1 10/11

ACLs vs. Capabilities

ACLs

Good when users manage their own files

Protection is data-oriented

Easy to change rights to a resource Capabilities

o Easy to delegate

o Easy to add/delete users

o Easier to avoid the confused deputy

o More difficult to implement

Page 11: AUTHORIZATION part1

8/7/2019 AUTHORIZATION part1

http://slidepdf.com/reader/full/authorization-part1 11/11

THANK YOUu