Access Control for Windows Operating System
M.S. in Information Security
Capella University

TS5520 – Operating System Theory and Practice
Instructor – Kris Jamsa

By Amar Yousif, CISSP
amaryousif@yahoo.com

June 2005


Abstract

Why do we lock the office building at night? Who has the key to the front door and why? Who has the key to your office and why? Who has the master key and why? Is the building monitored via security CCTV systems and why?

The answers to the above questions can be summed up in two words: Access Control, physical Access Control in this case. In the digital age, our valuable data no longer reside only in file cabinets behind locked doors; computers and digital storage facilities nowadays contain our most valuable data as well. Thus, Access Control in the digital context is as important as physical Access Control.

Access Control is an integral part of system security and it directly affects the three tenets of Information Security: Confidentiality, Integrity, and Availability. In this paper, we will attempt to explore the Access Control implementation in the Windows Operating System.




Amar Yousif                                Page 2                                   6/20/2005


Table of Contents
Abstract ............................................................................................................................... 2
Table of Contents................................................................................................................ 3
The Concept of Access Control .......................................................................................... 4
  What is Access Control?................................................................................................. 4
  Why is Access Control needed? ..................................................................................... 6
  Access Control Models ................................................................................................... 7
    Mandatory Access Control (MAC)............................................................................. 7
    Discretionary Access Control (DAC) ......................................................................... 7
    Role-Based Access Control (RBAC).......................................................................... 8
Windows Access Control Model ........................................................................................ 9
  Active Directory.............................................................................................................. 9
  Identification and Authentication ................................................................................... 9
  Authorization and Accounting...................................................................................... 10
  How it works................................................................................................................. 11
Conclusion ........................................................................................................................ 13
References......................................................................................................................... 14






The Concept of Access Control

What is Access Control?

Microsoft's TechNet uses a travel analogy to explain some of the concepts of Access Control. I will attempt to use the same analogy to relate the three tenets of Access Control: Authentication, Authorization, and Accounting.

Authentication:

When traveling, you show your passport to airport security personnel for identification purposes. Security personnel then inspect your passport to verify its authenticity. This is the process of Identification and Authentication, often referred to as Authentication only. In the digital security context, Authentication is accomplished via the use of passwords (something you know), smart cards (something you have), biometrics (something you are), or a combination of any two (two-factor authentication).

Authorization:

Let us go back to the travel analogy; once security personnel authenticate your passport, they will deny, allow, or limit entrance to the country based on your passport type, nationality, and visa status. This is the process of Authorization. One way to accomplish this process in the digital security context is via user privileges and object access control lists.




Accounting:

Upon determining your level of Authorization, security personnel may log your passport data, take your fingerprints, or both for tracking purposes. This is the process of Accounting. Most modern operating systems implement comprehensive auditing capabilities to allow for accounting of user activities.

Krutz and Vines (2003) define Access Control as "The process of limiting access to the resources of a system only to authorized programs, processes, or other systems (on a network)." (p. 882).

Although Accounting is not a part of the above definition, I believe it to be an inseparable part of Access Control for modern systems. Thus, my modified definition of Access Control is: the process of limiting access to the resources of a system only to authenticated and authorized principals, together with the mechanisms by which the principal's actions are tracked and logged.





Why is Access Control needed?

Simply put, Access Control is needed to preserve the three tenets of information security: Confidentiality, Integrity, and Availability. Krutz and Vines (2001) indicate that proper Access Control assures the following:

   1. The information is not disclosed to unauthorized persons or processes, thus preserving Confidentiality.
   2. Integrity is preserved through:
           a. The prevention of the modification of information by unauthorized personnel.
           b. The prevention of unauthorized or unintentional modification of information by authorized personnel.
           c. Preservation of internal and external consistency.
   3. The system's authorized users have timely and uninterrupted access to the information in the system, thus preserving Availability. (p. 43-44).





Access Control Models

Chiefly, Access Control Models can be categorized as Mandatory, Discretionary, or Role-based Access Controls, depending on the methodology with which permissions and privileges are granted and controlled.

Mandatory Access Control (MAC)

In MAC, the Authorization of a subject to access an object depends on the subject's clearance and the object's classification. Krutz and Vines (2003) cite a military MAC system as an example. In such a system, documents are classified as unclassified, confidential, secret, or top secret. In order for a user to access a secret-level document, the user's clearance must be equal to or higher than the document's classification level, secret in this case (p. 45).

Discretionary Access Control (DAC)

As the name implies, the Authorization of a subject to access an object is determined at the discretion of the object's owner. DAC is often used to limit access to files using Access Control Lists (ACLs). The file owner determines who can access the file.





Role-Based Access Control (RBAC)

In 2004 Reynaldo J. de la Fuente published a review of the book Role-Based Access Control by David Ferraiolo, D. Richard Kuhn and Ramaswamy Chandramouli, in which he explained: "In 1992, US National Institute of Standards and Technology (NIST) initiated a study of commercial and government organizations, and found that access control needs were not being met by products on the market at the time. Discretionary access control (DAC) was too flexible and allowed wrong behaviors in badly managed organizations. Mandatory access control (MAC) was suitable only for organizations connected with extremely high security or US Department of Defense requirements. A process was needed to support subject-based security policies, such as access based on competency, conflict-of-interest rules, or access based on a strict concept of least privilege. Supporting such policies without disregarding the organizational structure requires the ability to restrict access based on a user function or role within the enterprise. A solution to meet these needs was proposed in 1992 by Ferraiolo and Kuhn, integrating features of existing application-specific approaches in a generalized role-based access control (RBAC) model."

As de la Fuente explained, it is that proposed solution that gave birth to RBAC as we know it today. In RBAC, roles, as opposed to users, are granted access and permissions over objects by the system administrator, and the appropriate users are then assigned to these roles.






Windows Access Control Model

Active Directory

Microsoft first introduced Active Directory in the Windows 2000 operating system as a central repository of system objects. Willis, Watts, and Bruzzese (2000) explain that each object within Active Directory has a set of attributes associated with it; these attributes are used to describe the object and make it unique (p. 25). Objects within Active Directory include users, groups, computers, servers, domains, sites, OUs, etc.

Users within Active Directory can be organized in groups to allow for better management of privileges and permissions.

Identification and Authentication

Microsoft's TechNet (2003) explains that modern Windows Server operating systems provide a method for applications and users to authenticate by using the Security Support Provider Interface (SSPI). SSPI is Windows' implementation of the IETF's Generic Security Services Application Programming Interface (GSSAPI) and it is the foundation of Authentication in Windows 2003.

Windows supports two methods for selecting authentication protocols: Single Protocol, where the client must use the protocol predetermined by Windows, and Negotiate Protocol, where the client can choose to use Kerberos, NTLM, Secure Channel, or Digest as its communication protocol.



Authorization and Accounting

Once the user is authenticated, the system must determine the user's proper Authorization level over system objects and track the user's actions. TechNet (2003) indicates that Authorization and Accounting in Windows are based on the following principles:

User-based Authorization: Every application that a user starts runs in the security context of that user.

Discretionary Access Control (DAC): The user who owns a securable object can control who has permission to use it and in what way.

Inheritance of Permissions: Objects inherit the security attributes of their parent folder.

Administrative Privileges: Special users within the system can be granted security administrative privileges (e.g. give permissions to other users, assign users to security groups, run backup jobs, set system-wide security policies, etc.).

Auditing of System Events: The system is capable of capturing user and administrator actions in an audit trail.





How it works

Cooke (2004) states that Access Control is geared to answer a question as simple as "can Bob open the file?", with Bob being the subject, open being the action, and the file being the object. For the system to make a decision in this case, it must:

   1. Authenticate Bob and issue an Access Token (remember Identification and Authentication). A unique Access Token is issued to every authenticated user; it holds the security attributes of the user and is passed to all processes and threads acting on the user's behalf (remember User-based Authorization).
   2. The process or thread acting on the user's behalf calls the system API associated with the open action. In Windows, all user actions are accomplished by calling an Application Programming Interface, and the object (the file) is passed as a parameter to the API.
   3. At this point all the parameters the system needs for a decision are identified: the subject (Bob) is identified through the Access Token associated with the process calling the API, the action (open) is identified by the particular API called, and the object is identified by the parameter that the calling process passes to the API.
   4. The part of the system that makes the decision is called the Reference Monitor (RM).
   5. The RM inspects the object's Security Descriptor (which is associated with the object and holds the Access Control List that defines who is authorized to access the object and in what way) and looks for the subject's authorization. See figure 1.
   6. Based on the information stored in the Security Descriptor, the RM may allow or deny access to the object.
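The decision sequence above, modelled as an added example (not Microsoft's code and not part of the original paper): a token carrying Bob's user and group SIDs is checked by the Reference Monitor against the DACL in the object's Security Descriptor, one ACE at a time in canonical order. The SID strings and access-mask values are constructed placeholders; the owner's implicit READ_CONTROL/WRITE_DAC rights, the null-versus-empty DACL distinction and deny-only group SIDs are Windows behaviours the paper does not mention.

```python
"""Model of the Windows access check that the Reference Monitor performs.

Added illustration for this paper, not Microsoft code.  An access token
(user SID plus group SIDs) is evaluated against the DACL inside an object's
security descriptor, ACE by ACE.  All SIDs and mask values are constructed.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Set, Tuple

# Access-mask bits (constructed values chosen to be distinct).
FILE_READ = 0x1
FILE_WRITE = 0x2
FILE_EXEC = 0x4
READ_CONTROL = 0x20000   # right to read the security descriptor
WRITE_DAC = 0x40000      # right to change the DACL


@dataclass(frozen=True)
class Ace:
    kind: str                 # "allow" or "deny"
    sid: str                  # trustee the entry applies to
    mask: int                 # access bits granted or denied
    inherited: bool = False   # entry propagated from the parent container


@dataclass
class SecurityDescriptor:
    owner: str
    dacl: Optional[List[Ace]]   # None models a null DACL (no protection)


@dataclass
class AccessToken:
    user: str
    groups: Set[str] = field(default_factory=set)
    # Groups flagged SE_GROUP_USE_FOR_DENY_ONLY (e.g. in a filtered token):
    # they can still match deny entries but never confer access.
    deny_only: Set[str] = field(default_factory=set)


def _matches(ace: Ace, token: AccessToken) -> bool:
    """Does the ACE name the token's user or one of its groups?"""
    if ace.sid == token.user or ace.sid in token.groups:
        return True
    return ace.kind == "deny" and ace.sid in token.deny_only


def canonical_order(acl: List[Ace]) -> List[Ace]:
    """Windows keeps DACLs in canonical order: explicit deny, explicit allow,
    inherited deny, inherited allow.  Explicit entries therefore win over
    inherited ones, and a deny wins over an allow at the same level."""
    rank = {(False, "deny"): 0, (False, "allow"): 1,
            (True, "deny"): 2, (True, "allow"): 3}
    return sorted(acl, key=lambda a: rank[(a.inherited, a.kind)])


def access_check(token: AccessToken, sd: SecurityDescriptor,
                 desired: int) -> Tuple[bool, int]:
    """Return (allowed, granted_mask) for the requested access bits."""
    if sd.dacl is None:
        return True, desired            # null DACL: everyone gets everything
    granted = 0
    # The owner can always read and rewrite the security descriptor itself.
    if sd.owner == token.user or sd.owner in token.groups:
        granted |= desired & (READ_CONTROL | WRITE_DAC)
    remaining = desired & ~granted
    for ace in canonical_order(sd.dacl):
        if remaining == 0:
            break                       # every requested bit already granted
        if not _matches(ace, token):
            continue
        if ace.kind == "deny" and ace.mask & remaining:
            return False, 0             # a deny on a still-wanted bit ends the check
        if ace.kind == "allow":
            granted |= ace.mask & remaining
            remaining = desired & ~granted
    if remaining:
        return False, 0                 # empty DACL, or nobody granted those bits
    return True, granted


# Constructed sample: a payroll file owned by the HR admin account.  The
# placeholder SIDs stand in for real S-1-5-... values.
PAYROLL = SecurityDescriptor(
    owner="S-HR-Admin",
    dacl=[
        Ace("allow", "S-Group-Staff", FILE_READ, inherited=True),
        Ace("deny", "S-Group-Contractors", FILE_WRITE | FILE_EXEC),
        Ace("allow", "S-Group-HR", FILE_READ | FILE_WRITE),
    ],
)
BOB = AccessToken("S-User-Bob", {"S-Group-Staff"})
ALICE = AccessToken("S-User-Alice", {"S-Group-Staff", "S-Group-HR"})
CARL = AccessToken("S-User-Carl", {"S-Group-Staff", "S-Group-Contractors"})
# Dave's filtered token keeps HR membership for deny entries only.
DAVE = AccessToken("S-User-Dave", {"S-Group-Staff"}, deny_only={"S-Group-HR"})
```

Running `access_check(BOB, PAYROLL, FILE_READ)` answers the paper's "can Bob open the file?" with the inherited Staff allow, while Carl's contractor deny blocks any request that includes FILE_WRITE even though Staff membership would grant the read half.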






Figure 1






Conclusion

Access Control in Windows is designed as a Discretionary Access Control model that is fitted to act as a Role-Based Access Control model thanks to its group and administrative privilege capabilities. Groups can be regarded as roles, permissions and privileges can be assigned to these groups/roles, and finally users can be joined to the said groups/roles.






References

Cooke, P. (2004). How Access Control Works. Retrieved June 18, 2005, from http://searchwindowssecurity.techtarget.com/originalContent/0,289142,sid45_gci1025647,00.html

De la Fuente, R. (2004). Role-based Access Control (RBAC): By David Ferraiolo, D. Richard Kuhn and Ramaswamy Chandramouli. Retrieved June 18, 2005, from http://www.isaca.org/Template.cfm?Section=Home&CONTENTID=15068&TEMPLATE=/ContentManagement/ContentDisplay.cfm

Krutz, R.L., & Vines, R.D. (2003). The CISSP Prep Guide: Gold Edition. Indianapolis, Indiana: Wiley Publishing, Inc.

Microsoft TechNet. (2003). Logon and Authentication Technologies. Retrieved June 18, 2005, from http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/78cb5d3c-d0b2-4d20-a693-fa66bde1a63b.mspx

Microsoft TechNet. (2003). Authorization and Access Control Technologies. Retrieved June 18, 2005, from http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/addc004e-a1ad-4fba-8caa-1c9c3eb0fa86.mspx

Willis, W., Watts, D.V., & Bruzzese, J.P. (2000). Windows 2000: Directory Services. Scottsdale, AZ: The Coriolis Group.




Amar Yousif                                Page 14                                  6/20/2005

More Related Content

What's hot

What's hot (20)

CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 
Physical Security
Physical SecurityPhysical Security
Physical Security
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTION
 
Physical Security
Physical SecurityPhysical Security
Physical Security
 
Information Security
Information SecurityInformation Security
Information Security
 
Access_Control_Systems_and_methodology
Access_Control_Systems_and_methodologyAccess_Control_Systems_and_methodology
Access_Control_Systems_and_methodology
 
Network Security Terminologies
Network Security TerminologiesNetwork Security Terminologies
Network Security Terminologies
 
Memory Forensics
Memory ForensicsMemory Forensics
Memory Forensics
 
Data Leakage Prevention (DLP)
Data Leakage Prevention (DLP)Data Leakage Prevention (DLP)
Data Leakage Prevention (DLP)
 
Physical Security Assessments
Physical Security AssessmentsPhysical Security Assessments
Physical Security Assessments
 
Anti forensic
Anti forensicAnti forensic
Anti forensic
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Physical Security Assessment
Physical Security AssessmentPhysical Security Assessment
Physical Security Assessment
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
Ch07 Access Control Fundamentals
Ch07 Access Control FundamentalsCh07 Access Control Fundamentals
Ch07 Access Control Fundamentals
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
 
Cryptography
CryptographyCryptography
Cryptography
 
Registry Forensics
Registry ForensicsRegistry Forensics
Registry Forensics
 
Five Major Types of Intrusion Detection System (IDS)
Five Major Types of Intrusion Detection System (IDS)Five Major Types of Intrusion Detection System (IDS)
Five Major Types of Intrusion Detection System (IDS)
 

Similar to Access Control for Windows

Remote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal ThingRemote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal ThingKaren Oliver
 
The Federal Information Security Management Act
The Federal Information Security Management ActThe Federal Information Security Management Act
The Federal Information Security Management ActMichelle Singh
 
Implementing Physical Security As An Access Control Plan
Implementing Physical Security As An Access Control PlanImplementing Physical Security As An Access Control Plan
Implementing Physical Security As An Access Control PlanAngie Willis
 
1.1 Cyber Security Layers of Defense and Technology Solutions.pdf.pdf
1.1 Cyber Security Layers of Defense and Technology Solutions.pdf.pdf1.1 Cyber Security Layers of Defense and Technology Solutions.pdf.pdf
1.1 Cyber Security Layers of Defense and Technology Solutions.pdf.pdfThangVuQuang4
 
What is Access Control and Why is it Important for Cybersecurity.pdf
What is Access Control and Why is it Important for Cybersecurity.pdfWhat is Access Control and Why is it Important for Cybersecurity.pdf
What is Access Control and Why is it Important for Cybersecurity.pdfSysvoot Antivirus
 
Ncsc security architecture anti patterns white paper
Ncsc security architecture anti patterns white paperNcsc security architecture anti patterns white paper
Ncsc security architecture anti patterns white paperAhmedHany Sayed
 
INTERVIEW QUESTION FOR IT AUDITOR
INTERVIEW QUESTION FOR IT AUDITORINTERVIEW QUESTION FOR IT AUDITOR
INTERVIEW QUESTION FOR IT AUDITORInfosec Train
 
Access Control and Maintenance.pptx
Access Control and Maintenance.pptxAccess Control and Maintenance.pptx
Access Control and Maintenance.pptxKinetic Potential
 
Access Control Systems
Access Control SystemsAccess Control Systems
Access Control Systemsarnoldpeter01
 
Information Technology Security Is Vital For The Success...
Information Technology Security Is Vital For The Success...Information Technology Security Is Vital For The Success...
Information Technology Security Is Vital For The Success...Brianna Johnson
 
Self Monitoring System to Catch Unauthorized Activity
Self Monitoring System to Catch Unauthorized ActivitySelf Monitoring System to Catch Unauthorized Activity
Self Monitoring System to Catch Unauthorized ActivityIRJET Journal
 
Comprehensive Analysis of Contemporary Information Security Challenges
Comprehensive Analysis of Contemporary Information Security ChallengesComprehensive Analysis of Contemporary Information Security Challenges
Comprehensive Analysis of Contemporary Information Security Challengessidraasif9090
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET Journal
 
Solvit identity is the new perimeter
Solvit   identity is the new perimeterSolvit   identity is the new perimeter
Solvit identity is the new perimeterS.E. CTS CERT-GOV-MD
 

Similar to Access Control for Windows (17)

Remote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal ThingRemote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal Thing
 
The Federal Information Security Management Act
The Federal Information Security Management ActThe Federal Information Security Management Act
The Federal Information Security Management Act
 
Is4560
Is4560Is4560
Is4560
 
Implementing Physical Security As An Access Control Plan
Implementing Physical Security As An Access Control PlanImplementing Physical Security As An Access Control Plan
Implementing Physical Security As An Access Control Plan
 
1.1 Cyber Security Layers of Defense and Technology Solutions.pdf.pdf
1.1 Cyber Security Layers of Defense and Technology Solutions.pdf.pdf1.1 Cyber Security Layers of Defense and Technology Solutions.pdf.pdf
1.1 Cyber Security Layers of Defense and Technology Solutions.pdf.pdf
 
What is Access Control and Why is it Important for Cybersecurity.pdf
What is Access Control and Why is it Important for Cybersecurity.pdfWhat is Access Control and Why is it Important for Cybersecurity.pdf
What is Access Control and Why is it Important for Cybersecurity.pdf
 
Ncsc security architecture anti patterns white paper
Ncsc security architecture anti patterns white paperNcsc security architecture anti patterns white paper
Ncsc security architecture anti patterns white paper
 
INTERVIEW QUESTION FOR IT AUDITOR
INTERVIEW QUESTION FOR IT AUDITORINTERVIEW QUESTION FOR IT AUDITOR
INTERVIEW QUESTION FOR IT AUDITOR
 
1.pptx
1.pptx1.pptx
1.pptx
 
IT SYSTEMS , CONTROLS , CAATS AND FLOWCHARTS
IT SYSTEMS , CONTROLS , CAATS AND FLOWCHARTS IT SYSTEMS , CONTROLS , CAATS AND FLOWCHARTS
IT SYSTEMS , CONTROLS , CAATS AND FLOWCHARTS
 
Access Control and Maintenance.pptx
Access Control and Maintenance.pptxAccess Control and Maintenance.pptx
Access Control and Maintenance.pptx
 
Access Control Systems
Access Control SystemsAccess Control Systems
Access Control Systems
 
Information Technology Security Is Vital For The Success...
Information Technology Security Is Vital For The Success...Information Technology Security Is Vital For The Success...
Information Technology Security Is Vital For The Success...
 
Self Monitoring System to Catch Unauthorized Activity
Self Monitoring System to Catch Unauthorized ActivitySelf Monitoring System to Catch Unauthorized Activity
Self Monitoring System to Catch Unauthorized Activity
 
Comprehensive Analysis of Contemporary Information Security Challenges
Comprehensive Analysis of Contemporary Information Security ChallengesComprehensive Analysis of Contemporary Information Security Challenges
Comprehensive Analysis of Contemporary Information Security Challenges
 
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud ComputingIRJET - Study Paper on Various Security Mechanism of Cloud Computing
IRJET - Study Paper on Various Security Mechanism of Cloud Computing
 
Solvit identity is the new perimeter
Solvit   identity is the new perimeterSolvit   identity is the new perimeter
Solvit identity is the new perimeter
 

Access Control for Windows

  • 1. Access Control for Windows Operating System M.S. in Information Security Capella University TS5520 – Operating System Theory and Practice Instructor – Kris Jamsa By Amar Yousif, CISSP amaryousif@yahoo.com June 2005
  • 2. Access Control for Windows Operating System TS5520 Abstract Why do we lock the office building at night? Who has the key to the front door and why? Who has the key to your office and why? Who has the master key and why? Is the building monitored via security CCTV systems and why? The answers to the above questions can be summed up in two words (Access Control), physical Access Control in this case. In the digital age, our valuable data no longer reside only in file cabinets behind locked doors; computers and digital storage facilities nowadays contain our most valuable data as well. Thus, Access Control in the digital context is as important as physical Access Control. Access Control is an integral part of the system security and it directly affects the three tenets of Information Security; Confidentiality, Integrity, and Availability. In this paper, we will attempt to explore the Access Control implementation in the Windows Operating System. Amar Yousif Page 2 6/20/2005
  • 3. Access Control for Windows Operating System TS5520 Table of Contents Abstract ............................................................................................................................... 2 Table of Contents................................................................................................................ 3 The Concept of Access Control .......................................................................................... 4 What is Access Control?................................................................................................. 4 Why is Access Control needed? ..................................................................................... 6 Access Control Models ................................................................................................... 7 Mandatory Access Control (MAC)............................................................................. 7 Discretionary Access Control (DAC) ......................................................................... 7 Role-Based Access Control (RBAC).......................................................................... 8 Windows Access Control Model ........................................................................................ 9 Active Directory.............................................................................................................. 9 Identification and Authentication ................................................................................... 9 Authorization and Accounting...................................................................................... 10 How it works................................................................................................................. 11 Conclusion ........................................................................................................................ 
13 References......................................................................................................................... 14 Amar Yousif Page 3 6/20/2005
  • 4. Access Control for Windows Operating System TS5520 The Concept of Access Control What is Access Control? Microsoft’s TechNet uses the travel analogy to explain some of the concepts of Access Control. I will attempt to use the same analogy to relate the three tenets of Access Control; Authentication, Authorization, and Accounting. Authentication: When traveling, you show your passport to airport security personnel for identification purposes. Security personnel will then inspect your passport to verify authenticity. This is the process of Identification and Authentication, often referred to as Authentication only. In the digital security context, Authentication is accomplished via the use of passwords (something you know), smart cards (something you have), biometrics (something you are), or a combination of any two (two-factor authentication). Authorization: Let us go back to the travel analogy; once security personnel authenticate your passport, they will deny, allow, or limit entrance to the country based on your passport type, nationality, and visa status. This is the process of Authorization. One way to accomplish this process in the digital security context is via user privileges and object access control lists. Amar Yousif Page 4 6/20/2005
  • 5. Access Control for Windows Operating System TS5520 Accounting: Upon determining your level of Authorization, security personnel may log your passport data, take your fingerprints, or both for tracking purposes. This is the process of Accounting. Most modern operating systems implement comprehensive auditing capabilities to allow for user activities accounting. Krutz and Vines (2003) define Access Control as “The process of limiting access to the resources of a system only to authorized programs, processes, or other systems (on a network).” (p. 882). Although Accounting is not a part of the above definition, I believe it to be an inseparable part of Access Control for modern systems. Thus, my modified definition of Access Control (The process of limiting access to the resources of a system only to authenticated and authorized principals and the mechanisms with which the principal’s actions are tracked and logged). Amar Yousif Page 5 6/20/2005
  • 6. Access Control for Windows Operating System TS5520 Why is Access Control needed? Simply put, Access Control is needed to preserve the three tenets of information security; Confidentiality, Integrity, and Availability. Kurtz and Vines (2001) indicate that proper Access Control assures the following: 1. The information is not disclosed to unauthorized persons or processes thus preserving Confidentiality. 2. Integrity is preserved through: a. The prevention of the modification of information by unauthorized personnel. b. The prevention of unauthorized or unintentional modification of information by authorized personnel. c. Preservation of internal and external consistency. 3. The system’s authorized users have timely and uninterrupted access to the information in the system thus preserving Availability. (p. 43-44). Amar Yousif Page 6 6/20/2005
  • 7. Access Control for Windows Operating System TS5520 Access Control Models Chiefly, Access Control Models can be categorized as Mandatory, Discretionary, or Role-based Access Controls depending on the methodology with which permissions and privileges are granted and controlled. Mandatory Access Control (MAC) In MAC, the Authorization of an object to access a subject depends on the object’s clearance and the subject’s classification. Krutz and Vines (2003) cite a military MAC system as an example. In such system, the documents are classified as unclassified, confidential, secret, and top secret. In order for a user to access a secret level document, the user’s clearance must be equal to, or higher of, the documents classification level, secret in this case. (p. 45). Discretionary Access Control (DAC) As the name implies, the Authorization of an object to access a subject is determined by the subject’s owner discretion. DAC is often used to limit access to files using Access Control Lists (ACL). The file owner determines who can access the file. Amar Yousif Page 7 6/20/2005
Role-Based Access Control (RBAC)

In 2004, Reynaldo J. de la Fuente published a review of the book Role-Based Access Control by David Ferraiolo, D. Richard Kuhn and Ramaswamy Chandramouli, in which he explained: “In 1992, US National Institute of Standards and Technology (NIST) initiated a study of commercial and government organizations, and found that access control needs were not being met by products on the market at the time. Discretionary access control (DAC) was too flexible and allowed wrong behaviors in badly managed organizations. Mandatory access control (MAC) was suitable only for organizations connected with extremely high security or US Department of Defense requirements. A process was needed to support subject-based security policies, such as access based on competency, conflict-of-interest rules, or access based on a strict concept of least privilege. Supporting such policies without disregarding the organizational structure requires the ability to restrict access based on a user function or role within the enterprise. A solution to meet these needs was proposed in 1992 by Ferraiolo and Kuhn, integrating features of existing application-specific approaches in a generalized role-based access control (RBAC) model”. As de la Fuente explained, it is that proposed solution that gave birth to RBAC as we know it today. In RBAC, roles, as opposed to users, are granted access and permissions over objects by the system administrator, and then the appropriate users are assigned to these roles.
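To make the difference between the three models concrete, the following toy implementation puts MAC, DAC and RBAC side by side: a clearance-versus-classification comparison for MAC, an owner-controlled ACL for DAC, and permissions granted to roles (with users assigned to roles) for RBAC. This is an added example, not code from the paper or from any product; all principal names, file names and role names are constructed.

```python
"""Toy implementations of the three access control models compared on the
page (MAC, DAC, RBAC). Added example with constructed principal and object
names; it is not code from the paper or from any product."""
from dataclasses import dataclass, field

# --- Mandatory Access Control: clearance versus classification ------------
# The four levels of the military example on the page, lowest to highest.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}


def mac_allows(user_clearance: str, doc_classification: str) -> bool:
    """Read access requires clearance equal to or higher than the label."""
    return LEVELS[user_clearance] >= LEVELS[doc_classification]


# --- Discretionary Access Control: only the owner edits the ACL -----------
@dataclass
class DacFile:
    owner: str
    acl: dict = field(default_factory=dict)  # principal -> set of rights

    def grant(self, actor: str, principal: str, right: str) -> None:
        """Changing the ACL is at the owner's discretion and nobody else's."""
        if actor != self.owner:
            raise PermissionError(f"{actor} does not own this file")
        self.acl.setdefault(principal, set()).add(right)

    def allows(self, principal: str, right: str) -> bool:
        return principal == self.owner or right in self.acl.get(principal, set())


# --- Role-Based Access Control: permissions to roles, users to roles ------
class Rbac:
    def __init__(self) -> None:
        self.role_perms: dict = {}  # role -> {(object, right)}
        self.user_roles: dict = {}  # user -> {role}

    def grant_to_role(self, role: str, obj: str, right: str) -> None:
        self.role_perms.setdefault(role, set()).add((obj, right))

    def assign(self, user: str, role: str) -> None:
        self.user_roles.setdefault(user, set()).add(role)

    def unassign(self, user: str, role: str) -> None:
        # Removing a role membership revokes every permission it carried.
        self.user_roles.get(user, set()).discard(role)

    def allows(self, user: str, obj: str, right: str) -> bool:
        return any((obj, right) in self.role_perms.get(role, set())
                   for role in self.user_roles.get(user, ()))


def demo() -> dict:
    """Exercise all three models on constructed data and return the results."""
    results = {}
    results["mac_secret_reads_secret"] = mac_allows("secret", "secret")
    results["mac_confidential_reads_secret"] = mac_allows("confidential", "secret")

    budget = DacFile(owner="alice")
    budget.grant("alice", "bob", "read")
    try:
        budget.grant("bob", "carol", "read")  # bob is not the owner
        results["dac_nonowner_grant"] = "allowed"
    except PermissionError:
        results["dac_nonowner_grant"] = "refused"
    results["dac_bob_reads"] = budget.allows("bob", "read")
    results["dac_bob_writes"] = budget.allows("bob", "write")

    rbac = Rbac()
    rbac.grant_to_role("payroll-clerk", "salaries.xls", "read")
    rbac.assign("dave", "payroll-clerk")
    results["rbac_dave_before"] = rbac.allows("dave", "salaries.xls", "read")
    rbac.unassign("dave", "payroll-clerk")  # dave changes department
    results["rbac_dave_after"] = rbac.allows("dave", "salaries.xls", "read")
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The RBAC part shows the management benefit the review describes: when Dave leaves the payroll role, every permission that role carried disappears with a single membership change, whereas under DAC each file owner would have to edit each ACL individually.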
Windows Access Control Model

Active Directory

Microsoft first introduced Active Directory in the Windows 2000 operating system as a central repository of system objects. Willis and Watts (2000) explain that each object within Active Directory has a set of attributes associated with it; these attributes are used to describe the object and make it unique (p. 25). Objects within Active Directory include users, groups, computers, servers, domains, sites, OUs, etc. Users within Active Directory can be organized in groups to allow for better management of privileges and permissions.

Identification and Authentication

Microsoft’s TechNet (2003) explains that modern Windows Server operating systems provide a method for applications and users to authenticate by using the Security Support Provider Interface (SSPI). SSPI is the Windows implementation of the IETF’s Generic Security Services Application Programming Interface (GSSAPI), and it is the foundation of Authentication in Windows 2003. Windows supports two methods for selecting authentication protocols: Single Protocol, where the client must use the protocol predetermined by Windows, and Negotiate Protocol, where the client can choose to use Kerberos, NTLM, Secure Channel, or Digest as its communication protocol.
Authorization and Accounting

Once the user is authenticated, the system must determine the user’s proper Authorization level over system objects and track the user’s actions. TechNet (2003) indicates that Authorization and Accounting in Windows are based on the following principles:

User-based Authorization: Every application that a user starts runs in the security context of that user.

Discretionary Access Control (DAC): The user who owns a securable object can control who has permission to use it and in what way.

Inheritance of Permissions: Objects inherit the security attributes of their parent folder.

Administrative Privileges: Special users within the system can be granted security administrative privileges (e.g. give permissions to other users, assign users to security groups, run backup jobs, set system-wide security policies, etc.).

Auditing of System Events: The system is capable of capturing user and administrator actions in an audit trail.
How it works

Cooke (2004) states that Access Control is geared to answer a question as simple as “can Bob open the file?”: Bob being the subject, open being the action, and file being the object. For the system to make a decision in this case, the system must:

1. Authenticate Bob and issue an Access Token (remember Identification and Authentication). A unique Access Token is issued to every authenticated user; it holds the security attributes of the user, and it is passed to all processes and threads acting on the user’s behalf (remember User-Based Authorization).
2. The process or thread acting on the user’s behalf calls the system API associated with the open action. In Windows, all user actions are accomplished by calling an Application Programming Interface. The object (the file) is passed as a parameter to the API.
3. At this point, all the parameters the system needs to make a decision are identified. The subject (Bob) is identified through the Access Token associated with the process calling the API, the action (open) is identified by the API being called, and the object is identified by the parameter passed to the API by the requesting process.
4. The part of the system that makes the decision is called the Reference Monitor (RM).
5. The RM inspects the object’s Security Descriptor (which is associated with the object and holds the Access Control List that defines who is authorized to access the object and in what way) and looks for the subject’s authorization. See Figure 1.
6. Based on the information stored in the Security Descriptor, the RM may allow or deny access to the object.
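The following simplified model ties together the principles listed under “Authorization and Accounting” and the six-step decision above: an Access Token carrying the user’s SID and group SIDs, a Security Descriptor whose DACL is an ordered list of allow and deny entries (including entries inherited from the parent folder), a Reference Monitor that walks that list, and an audit trail entry for every decision. It is an added teaching example written for this page, not Microsoft’s implementation; the SIDs, rights bit values, folder and file names are all constructed, and the canonical ordering (explicit deny, explicit allow, inherited deny, inherited allow) is the one Windows documents for DACLs.

```python
"""Simplified model of the access check described on the page: an Access
Token (user and group SIDs), a Security Descriptor holding a DACL of ordered
ACEs, a Reference Monitor that walks the DACL, ACE inheritance from a parent
folder, and an audit trail. Added example with constructed SIDs and objects;
it is a teaching model, not Microsoft's implementation."""
from dataclasses import dataclass
from typing import List, Optional

# Access rights as bit flags (constructed; the real access-mask layout differs).
READ, WRITE, EXECUTE, DELETE = 0x1, 0x2, 0x4, 0x8


@dataclass
class Ace:
    kind: str              # "allow" or "deny"
    sid: str               # user or group the entry applies to
    mask: int              # rights this entry covers
    inherited: bool = False


@dataclass
class SecurityDescriptor:
    owner: str
    dacl: Optional[List[Ace]]  # None models a NULL DACL (no protection at all)


@dataclass
class AccessToken:
    user: str
    groups: List[str]

    def sids(self) -> set:
        return {self.user, *self.groups}


AUDIT_LOG: List[str] = []   # the Accounting side: one line per decision


def canonical(aces: List[Ace]) -> List[Ace]:
    """Canonical DACL order: explicit deny, explicit allow, then inherited
    deny, inherited allow. sorted() is stable, so relative order is kept."""
    return sorted(aces, key=lambda a: (a.inherited, a.kind != "deny"))


def inherit_from(parent: SecurityDescriptor, own: List[Ace]) -> List[Ace]:
    """Build a child's DACL: its own entries plus copies of the parent's,
    flagged as inherited so that explicit entries are evaluated first."""
    copied = [Ace(a.kind, a.sid, a.mask, inherited=True) for a in (parent.dacl or [])]
    return canonical(own + copied)


def access_check(token: AccessToken, sd: SecurityDescriptor,
                 desired: int, obj_name: str) -> bool:
    """The Reference Monitor's decision for one request."""
    sids = token.sids()
    if sd.dacl is None:
        decision = True              # NULL DACL: everyone gets everything
    elif not sd.dacl:
        decision = False             # empty DACL: nobody gets anything
    else:
        decision = False
        remaining = desired          # rights still to be granted
        for ace in sd.dacl:
            if ace.sid not in sids:
                continue             # entry is for someone else
            if ace.kind == "deny" and ace.mask & remaining:
                break                # a deny on any wanted right ends the walk
            if ace.kind == "allow":
                remaining &= ~ace.mask
                if remaining == 0:
                    decision = True  # every requested right is now granted
                    break
    AUDIT_LOG.append(f"{'ALLOW' if decision else 'DENY '} user={token.user} "
                     f"object={obj_name} mask={desired:#04x}")
    return decision


def demo() -> dict:
    """Bob is in Finance; the folder lets Users read, and the file adds an
    explicit deny-write for Finance plus an explicit allow for Bob."""
    folder = SecurityDescriptor("S-admin", [
        Ace("allow", "S-Users", READ),
        Ace("allow", "S-Admins", READ | WRITE | EXECUTE | DELETE)])
    file_sd = SecurityDescriptor("S-bob", inherit_from(folder, [
        Ace("allow", "S-bob", READ | WRITE),
        Ace("deny", "S-Finance", WRITE)]))
    bob = AccessToken("S-bob", ["S-Users", "S-Finance"])
    alice = AccessToken("S-alice", ["S-Users"])
    return {
        "bob_read": access_check(bob, file_sd, READ, "budget.xls"),
        "bob_write": access_check(bob, file_sd, WRITE, "budget.xls"),
        "alice_read": access_check(alice, file_sd, READ, "budget.xls"),
        "alice_write": access_check(alice, file_sd, WRITE, "budget.xls"),
        "order": [(a.kind, a.sid, a.inherited) for a in file_sd.dacl],
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
    print("\n".join(AUDIT_LOG))
```

Two points worth noticing in the walk: Bob is explicitly allowed to write, yet the group-level deny for Finance wins because deny entries are ordered ahead of allow entries, and Alice can read the file without any entry naming her because the folder’s allow for Users was inherited. The NULL-DACL branch is the practical caveat: a descriptor with no DACL at all grants everyone full access, which is why an object with a NULL DACL is a finding in any permission review.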
Figure 1
Conclusion

Access Control in Windows is designed as a Discretionary Access Control model that is fitted to act as a Role-Based Access Control model through its group and administrative-privilege capabilities. Groups can be regarded as roles, permissions and privileges can be assigned to these groups/roles, and finally users can be joined to the said groups/roles.
References

Cooke, P. (2004). How Access Control Works. Retrieved June 18, 2005, from http://searchwindowssecurity.techtarget.com/originalContent/0,289142,sid45_gci1025647,00.html

De la Fuente, R. (2004). Role-based Access Control (RBAC): By David Ferraiolo, D. Richard Kuhn and Ramaswamy Chandramouli. Retrieved June 18, 2005, from http://www.isaca.org/Template.cfm?Section=Home&CONTENTID=15068&TEMPLATE=/ContentManagement/ContentDisplay.cfm

Krutz, R.L., & Vines, R.D. (2003). The CISSP Prep Guide: Gold Edition. Indianapolis, Indiana: Wiley Publishing, Inc.

Microsoft TechNet. (2003). Logon and Authentication Technologies. Retrieved June 18, 2005, from http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/78cb5d3c-d0b2-4d20-a693-fa66bde1a63b.mspx

Microsoft TechNet. (2003). Authorization and Access Control Technologies. Retrieved June 18, 2005, from http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/addc004e-a1ad-4fba-8caa-1c9c3eb0fa86.mspx

Willis, W., Watts, D.V., & Bruzzese, J.P. (2000). Windows 2000: Directory Services. Scottsdale, AZ: The Coriolis Group.