[CISSP] Domain Access Control
Domain Access Control
Access control
Security features that control how users and systems communicate and interact with other systems and resources
Domain
The resources that are available to a subject for it to carry out its tasks. The subjects can be users, applications, or processes.
Access criteria
- Roles
- Groups
- Physical or logical location
- Time of day
- Transaction type
Hybrid smart cards
A hybrid smart card has two chips embedded into a card's surface — one contact and one contactless — each with its own interface. This effectively doubles the functionality and security of every card issued.
Combi smart cards
Combi smart cards allow a single smart chip to securely interface with both contact and contactless readers. The Smart Card Alliance forecasts that the transportation and banking industries will adopt this technology first.
Characteristic of Kerberos
The user sends over his username to the authentication service (AS). The AS creates a ticket granting ticket (TGT), which is encrypted with the user's secret key. The TGT is used to communicate with the ticket granting service (TGS), which issues the ticket that contains two instances of the same session key, encrypted with the individual principals' secret keys. It is this second ticket that allows the two principals to obtain their session keys.
Secure Domain
A domain that is managed by the same group using the same security policy.
Attribute Value Pairs (AVPs)
are constructs that outline how communication will take place between communicating entities. The more AVPs that are present in a protocol, the more functionality and capabilities that protocol has. Diameter has many more AVPs than RADIUS, which is why it can authenticate devices in many different ways and have more functionality through its peer-to-peer mode.
Kerberos
is made up of a KDC, a realm of principals (users, services, applications, devices), an authentication service, tickets, and a ticket granting service.
Access Control Models
Discretionary (DAC)
A system that uses discretionary access control (DAC) enables the owner of the resource to specify which subjects can access specific resources. This model is called discretionary because the control of access is based on the discretion of the owner. The system compares the subject's security token (permissions and rights) to the ACL on the resource. Data owners decide who has access to resources.
Mandatory (MAC)
The operating system makes the final decision and can override the data owner's wishes. The system makes access decisions by comparing the subject's clearance and need-to-know level to that of the security label. Access decisions are based on security labels.
Sensitivity Labels
When MAC is being used, every subject and object must have a sensitivity label, also called a security label.
Role-Based
Also called nondiscretionary access control, uses a centrally administrated set of controls to determine how subjects and objects interact. Access decisions are based on the subject's role.
Type II error means that the system has authenticated a person who should not be allowed into the environment.
Type I error means that the system did not successfully authenticate someone who is authorized to access the environment.
Hybrid administration is a common access control method used today. It combines the centralized and decentralized approaches. Individual users may be able to dictate who can access their shares and local files, but the IT administration would control access to file servers, network printers, and network devices.