Preparation
Access Control models:
- DAC models
  - Book, by Fred B. Schneider, Chapter 7 sections 7.1-7.4 but skip 7.1.3, and 7.3.1-7.3.4 (22 pages)
    - note: in each of 7.3.1-7.3.4, the first 1-2 paragraphs are illuminating; rest is out-of-scope.
- MAC models (Bell-LaPadula + Biba, Brewer-Nash)
  - Book, by Fred B. Schneider, Chapter 8 sections 8.1-8.3, skip "*" in 8.1.1, skip 8.3.2 (17 pages)
- RBAC models
- ABAC models
  - Attribute Based Access Control (ABAC), by Hu et al., NIST 800-162, Section 2-2.2 (5 pages)
Mechanisms (monitors):
Exercise
Further Reading
- Access Control models (6:05)
- DAC (45:09)
- RBAC, MAC (32:35)
- ABAC (3:41) (cringe video, but it’s at least short)
- Confused Deputy attack (Wormhole vulnerability in an Android library) (2 pages of text)
- SELinux at Lockheed-Martin (Multi-Level Security) (22:19)
- Reference Monitors (& other OS Protection Mechanisms) (6:07)