ACCESS CONTROL & INTRUSION DETECTION
BY: RAUL FERNANDES
411112
ACCESS CONTROL
[Figure: reference monitor model. Labels: user process, access request, reference monitor, policy, resource]
WHAT IS ACCESS CONTROL
Access Controls: The security features that control how users and systems communicate and interact with one another.
POLICY DICTATES WHAT TYPES OF ACCESS ARE PERMITTED, UNDER WHAT CIRCUMSTANCES, AND BY WHOM
CATEGORIES OF ACCESS CONTROL
DISCRETIONARY ACCESS CONTROL (DAC)
MANDATORY ACCESS CONTROL (MAC)
ROLE-BASED ACCESS CONTROL (RBAC)
DISCRETIONARY ACCESS CONTROL (DAC)
A system that uses discretionary access control allows the owner of the resource to specify which person can access which resources.
Access control is given by the owner.
MANDATORY ACCESS CONTROL (MAC)
Access control is based on a security labeling system (labels reflect how sensitive and critical the data is).
Users have security clearances (eligibility to access certain resources) and resources have security labels that contain data classifications.
This model is used for confidentiality (e.g., military).
ROLE-BASED ACCESS CONTROL (RBAC)
Controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles.
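Added example (not part of the original slides): a minimal reference monitor in Python that mediates the same access request under DAC, MAC and RBAC. The users, the resource, the label ordering and the MAC read rule (clearance must be at least the label) are assumptions made for illustration.

```python
# Added example: a toy reference monitor; all names and data are constructed.
from dataclasses import dataclass, field

LEVELS = {"public": 0, "confidential": 1, "secret": 2}  # assumed label ordering

@dataclass
class Resource:
    name: str
    owner: str
    label: str = "public"                       # MAC security label
    acl: dict = field(default_factory=dict)     # DAC: user name -> set of rights

@dataclass
class User:
    name: str
    clearance: str = "public"                   # MAC security clearance
    roles: set = field(default_factory=set)     # RBAC roles

# RBAC rules: role -> (resource name, right) pairs that role may exercise
ROLE_RULES = {"auditor": {("payroll", "read")},
              "hr": {("payroll", "read"), ("payroll", "write")}}

def dac_grant(owner, res, grantee, right):
    """DAC: only the owner of the resource may decide who gets access."""
    if owner.name != res.owner:
        raise PermissionError(f"{owner.name} does not own {res.name}")
    res.acl.setdefault(grantee, set()).add(right)

def dac_check(user, res, right):
    return user.name == res.owner or right in res.acl.get(user.name, set())

def mac_check(user, res, right):
    """MAC: compare clearance with label; neither can be changed by the user."""
    # Assumed rule: a read needs clearance >= label; writes are not modeled (denied).
    return right == "read" and LEVELS[user.clearance] >= LEVELS[res.label]

def rbac_check(user, res, right):
    return any((res.name, right) in ROLE_RULES.get(r, set()) for r in user.roles)

def reference_monitor(policy, user, res, right):
    """Mediate one access request under the selected policy."""
    checks = {"DAC": dac_check, "MAC": mac_check, "RBAC": rbac_check}
    return checks[policy](user, res, right)

if __name__ == "__main__":
    bob = User("bob", clearance="confidential", roles={"auditor"})
    payroll = Resource("payroll", owner="alice", label="secret")
    for policy in ("DAC", "MAC", "RBAC"):
        print(policy, reference_monitor(policy, bob, payroll, "read"))
```

The same request from the same user gets a different decision under each model, because each model consults a different attribute: the owner's grant list, the clearance and label, or the role.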
INTRUSION DETECTION
SECURITY INTRUSION: A SECURITY EVENT OR A COMBINATION OF MULTIPLE SECURITY EVENTS THAT CONSTITUTES A SECURITY INCIDENT IN WHICH AN INTRUDER GAINS, OR ATTEMPTS TO GAIN, ACCESS TO A SYSTEM WITHOUT AUTHORIZATION
INTRUSION DETECTION: A SECURITY SERVICE THAT MONITORS AND ANALYZES SYSTEM EVENTS FOR THE PURPOSE OF FINDING, AND PROVIDING REAL-TIME WARNINGS OF, ATTEMPTS TO ACCESS SYSTEM RESOURCES IN AN UNAUTHORIZED MANNER
CLASSIFICATION OF IDS
HOST-BASED IDS
NETWORK-BASED IDS
HOST-BASED IDS
Analyze the activity within a particular computer system
MONITORS THE CHARACTERISTICS OF A SINGLE HOST AND THE EVENTS OCCURRING WITHIN THAT HOST FOR SUSPICIOUS ACTIVITY
NETWORK-BASED IDS
Monitor network communications
MONITORS NETWORK TRAFFIC FOR PARTICULAR NETWORK SEGMENTS OR DEVICES AND ANALYZES NETWORK, TRANSPORT, AND APPLICATION PROTOCOLS TO IDENTIFY SUSPICIOUS ACTIVITY
LOGICAL COMPONENTS OF IDS
SENSORS :- Part of the system responsible for collecting evidence of an intrusion.
ANALYZERS :- Responsible for determining if an intrusion has occurred.
USER INTERFACE :- Enables the user to view output from the system or control the behavior of the system.
REFERENCE
ACCESS CONTROL - (Pg. No. 675-680, WILLIAM STALLINGS)
INTRUSION DETECTION - (Pg. No. 680-684, WILLIAM STALLINGS)
THANK YOU