
SecurityArchitecture PDF

The document discusses various components of a CPU and concepts related to computer security. It describes the Arithmetic Logic Unit (ALU) and Bus Interface Unit (BIU) as two main CPU components. It also outlines different Evaluation Assurance Levels (EAL1-EAL7) used to evaluate functionality and assurance of systems. Finally, it summarizes several access control models and terms related to information security including the Clark-Wilson and Biba integrity models and the Bell-LaPadula confidentiality model.
Copyright
© Attribution Non-Commercial (BY-NC)

Security Architecture and Design
Mike Smith
26/04/10 - Rev.28

CPU Components
  Arithmetic Logic Unit - ALU - Performs computation
  Bus Interface Unit - BIU - I/O to CPU
  Control Unit - Coordinates other CPU components
  Floating Point Unit - FPU
  Memory Management Unit - MMU
  Pre-Fetch Unit
  Protection Test Unit

CPU States
  Operating (or Run)
  Problem (or Application)
  Supervisory - Privileged Instruction
  Wait

OS Terms
  Multiprogramming - can load more than one program in memory at one time
  Multitasking - can handle requests from several different processes loaded into memory at the same time
  Multithreading - can run multiple threads simultaneously
  Multiprocessing - has more than one CPU

Common Criteria
  Uses an Evaluation Assurance Level - EAL
  EAL1 - Functionally Tested
  EAL2 - Structurally Tested
  EAL3 - Methodically tested and checked
  EAL4 - Methodically designed, tested and reviewed
  EAL5 - Semi-formally designed and tested
  EAL6 - Semi-formally verified design and tested
  EAL7 - Formally verified design and tested

ITSEC
  Evaluates on Functionality and Assurance
  Functionality rating F1 - F10
  Assurance rating E0 - E6

TCSEC Orange Book - Trusted Computer Systems Evaluation Criteria - TCSEC
  D - Minimal Security - Evaluated but fail
  C - Discretionary Protection
    C1 - Discretionary Security
    C2 - Controlled Access - reasonable commercial apps
  B - Mandatory Protection
    B1 - Labeled Security - Objects are classified
    B2 - Structured Protection
    B3 - Secure Domains
  A - Verified Protection
    A1 - Verified Design

Access Control Models
  Bell-LaPadula
    1973 - First formal confidentiality model
    State-machine model
    Simple security property - no read up
    * property - no write down
    Strong star property - subject's = object's clearance for RW
    Discretionary property and trusted subject
  Biba
    1977 - First integrity lattice based model
    Simple integrity property - no read down
    * integrity property - no write up
  Clark-Wilson
    1987 - commercial, e.g. banking
    Unconstrained Data Item - UDI
    Constrained Data Item - CDI
    Integrity Verification Procedures - IVPs
    Transformation Procedures - TPs
  Access Matrix - Object access rights to subjects
  Take Grant - Rights a subject can transfer to/from another subject or object: create, revoke, take, grant
  Information Flow Model
  Noninterference Model
  Brewer and Nash Model - dynamically changing access controls
  Graham-Denning Model - How subjects and objects should be created and deleted - access rights
  Confidentiality - Bell-LaPadula, Access Matrix and Take-Grant
  Integrity - Biba and Clark-Wilson
  Three goals of integrity
    1. Prevent unauthorized modifications
    2. Prevent authorized users from improper modifications
    3. Maintain internal and external consistency - well-formed transaction

Issues
  Covert channels
  Race conditions
  Emanations
  Maintenance hooks
  Countermeasures
    Reveal as little as possible
    Limit access - need to know
    Disable unused services and accounts
    Use strong authentication

Terms
  Trusted Computing Base - TCB - the total combination of protection mechanisms within a computer system, including hardware, firmware and software to enforce security policy
  Access Control - ability to permit or deny the use of an object by a subject
  Reference Monitor - system component that enforces access controls on an object
    Mediate all accesses
    Be protected from modification
    Be verified as correct
  Security Kernel - hardware, firmware and software that implement the reference monitor concept
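As an added example (not part of the mind map or its author's material), the following reference-monitor-style check applies the Bell-LaPadula and Biba rules listed above, including the strong star property, to every request and fails closed for unknown subjects or objects. The lattice levels, subjects, objects, requests and all function names are constructed for illustration.

```python
from enum import IntEnum


class Level(IntEnum):
    """Constructed four-level lattice: higher value = more sensitive (BLP) or more trusted (Biba)."""
    PUBLIC = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


def blp_allows(subject: Level, obj: Level, op: str, strong_star: bool = False) -> bool:
    """Bell-LaPadula: simple security (no read up), * property (no write down),
    or the strong * property (read/write only at the subject's own level)."""
    if op == "read":
        return subject >= obj
    if op == "write":
        return subject == obj if strong_star else subject <= obj
    raise ValueError(f"unknown operation {op!r}")


def biba_allows(subject: Level, obj: Level, op: str) -> bool:
    """Biba: simple integrity (no read down), * integrity (no write up)."""
    if op == "read":
        return subject <= obj
    if op == "write":
        return subject >= obj
    raise ValueError(f"unknown operation {op!r}")


MODELS = {"blp": blp_allows, "biba": biba_allows}


def mediate(model: str, subjects: dict, objects: dict, requests: list) -> list:
    """Reference-monitor behaviour: every request is decided here, by one model,
    and anything not labelled is denied (fail closed)."""
    check = MODELS[model]
    decisions = []
    for who, what, op in requests:
        if who not in subjects or what not in objects:
            decisions.append((who, what, op, False))
            continue
        decisions.append((who, what, op, check(subjects[who], objects[what], op)))
    return decisions


# Constructed sample data: clearances, classifications and a batch of requests.
SUBJECTS = {"analyst": Level.SECRET, "clerk": Level.CONFIDENTIAL}
OBJECTS = {"plan": Level.TOP_SECRET, "memo": Level.CONFIDENTIAL, "notice": Level.PUBLIC}
REQUESTS = [("analyst", "plan", "read"), ("analyst", "notice", "write"),
            ("clerk", "memo", "read"), ("clerk", "plan", "write"), ("ghost", "memo", "read")]

if __name__ == "__main__":
    for model in MODELS:
        for who, what, op, ok in mediate(model, SUBJECTS, OBJECTS, REQUESTS):
            print(f"{model}: {who} {op} {what} -> {'ALLOW' if ok else 'DENY'}")
```

Running it shows the two models mirroring each other: BLP denies the analyst's read of the top-secret plan and write to the public notice, while Biba permits both and instead denies the clerk's write up to the plan.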
