authentication
- ensuring that data come from the claimed source
- the sender encrypts a message with his private key and sends the plaintext together with the corresponding ciphertext over the network. The receiver decrypts the received ciphertext with the sender's public key and compares the result with the received plaintext; if the values match, the message is authenticated
confidentiality
- protecting data from unauthorized disclosure
- the same process as for authentication, except that the message is not sent along in plaintext
- suitable for data where integrity problems would result in an unreadable file at the recipient's end
integrity
- detection of any modification, insertion or deletion of data
- a cryptographic hash of the message is calculated, encrypted with the sender's private key and sent along with the message (the result is the cryptographic signature of the message)
- the receiver can then verify the message's integrity and origin by calculating the hash of the received message and comparing it against the decoded signature (the original hash)
- if the hash from the sender and the hash computed on the receiver's side do not match, then either the received message is not identical to the message the sender "signed", or the sender's identity is wrong
integrity + authentication = non-repudiation
access control
- prevents unauthorized use of resources
- implemented with appropriate logical controls (within OS)
discretionary access control (DAC)
- objects - resources that need to be protected
- subjects - entities interacting with objects
- access rights - define the type of interaction
- predicates - constraints on access
- the term is commonly used in contexts that assume that, under DAC, every object has an owner who controls the permissions to access it, probably because many systems implement DAC using the concept of an owner
mandatory access control (MAC)
- the operating system constrains the ability of a subject (initiator) to access, or generally perform some operation on, an object (target)
- a subject is usually a process or thread; objects are constructs such as files, directories, etc.
- subjects and objects each have a set of security attributes
- whenever a subject attempts to access an object, an authorization rule enforced by the operating system kernel examines these security attributes and decides whether the access can take place. Any operation by any subject on any object will be tested against the set of authorization rules (aka policy) to determine if the operation is allowed.
Role-based access control (RBAC)
- an approach to restricting system access to authorized users; a newer alternative to mandatory access control (MAC) and discretionary access control (DAC)
- within an organization, roles are created for various job functions. The permissions to perform certain operations are assigned to specific roles. Members of staff (or other system users) are assigned particular roles, and through those role assignments acquire the permissions to perform particular system functions.
- since users are not assigned permissions directly but only acquire them through their role (or roles), management of individual user rights becomes a matter of assigning the appropriate roles to the user, which simplifies common operations such as adding a user or changing a user's department.
- many authors argue that these classical models cannot be used in a network environment with various operating systems.
auditing - logging
- enables recording of events for detection, analysis and evidence of breaches