IntroSP
IAM
Account Lifecycle
Creation
Authorization
General:
Specifying access policies of an account
In other words, specifying the rights of an account
Typical rights: read, write, execute
Possible through: Access Control Matrix, Access Control Lists and Capability Lists
Often Abstractions like: Groups of users, directory-level inheritance
Discretionary Access Control:
Resource owners control the access rights for their resources
Advantage: Easy implementation
Threat: intentional or unintentional leaks
Mandatory Access Control:
System-wide access policy
Advantage: information flow control
Threat: difficult to administer
Popular: Bell-LaPadula model (no write-down; no read-up)
Provisioning
Username
General:
chosen by user or generated by system
popular: Use e-mail address as username
Threat:
e-mail addresses are only unique at one point in time, but not forever
Password
General:
must remain secret
Popular implementations: chosen by user OR generated by the system and transmitted to the user (less secure; but e-mail is "verified")
Threats:
Generated passwords that do not expire after a short time OR are not changed by the user after first login
Registration
General:
All about identity and trusting it
Federated Systems (SSO) vs. Default Accounts
shared Accounts not desirable -> Accountability issues
often not feasible to establish the true identity (e.g. through ID Verification)
Threats
poor Accountability
Fake Accounts: sybils / sockpuppets
Federated systems are a high value target
Federated systems have unknown trustworthiness
Usage
Identification
General:
Claim identity with unique name
Threat:
Good balance needed for error handling vs. usability
e.g. disclose whether the username or the password is incorrect? Enumeration attacks are possible anyway (in the "Forgot Password" section)
Authentication
General:
Prove Identity claim with credentials
Authentication Factors:
Sth. you know (password)
Sth. you have (keys, documents, smartcard, smartphone)
Sth. you are (physiological, e.g. fingerprints; behavioral, e.g. handwriting, keystroke dynamics)
Threats:
Theft
Loss
Destruction
Consequence: unauthorized access or denial of service
Biometric Authentication System:
low False Acceptance Rate (FAR)
low False Rejection Rate (FRR)
FAR and FRR can be adjusted by more / less precision
Requirements of biometric characteristics:
universality
distinctiveness
permanence
collectability
Desirable in practice:
performance
acceptability
(no) circumvention
Access Control
General:
Granting of access by the system
"Complete Mediation"
Termination
General:
Accounts should expire when not renewed
Authorization revocation vs. Credentials deactivation vs. Account deactivation
Passwords
Advantages:
memorable
changeable
shareable
easy to implement
no need for special hardware
more precise than biometrics
Disadvantages:
static (unless changed)
can be stolen/lost/forgotten
often presented in the clear
good passwords are difficult to generate
difficult to remember lots of different passwords
Threats
Online Attacks:
limited because of network latency and throttling or further security measures by the authenticating system
Offline Attacks
Brute-Force
Eavesdropping
Keylogger
Blackmailing
Phishing