* 6 *

Access control

Self-test problems

  1. What is meant by an access control list (ACL)? What can ACLs be used for? Give two examples of ACLs in different contexts.
  2. What is meant by two-mode operation in Unix/NT? How does two-mode operation help the security of processes?
  3. Consider the two matrices:
      A = ( 0 1 )    B = ( 0 0 )
          ( 0 0 )        ( 1 0 )
    acting on a two-component vector
      v = ( yes )
          ( no  )
    Compute ABv and BAv. Suppose we apply this property to an access control system with two security checkpoints A and B. If we assign a matrix-valued security token after authentication to each secure area, how could we use this property to ensure that only those who have successfully been authenticated to A and then B (in that order) will gain access to data?
  4. Can you generalize the previous problem to three levels, A, B and C? (Hint: try 3x3 matrices.)

Graded problems

These problems may be done as a group.
  1. This practical work is about taking precautions in authentication. Use the code you collected and compiled last week. Replace the file appl.c with this file: This program reads in a password. It takes several security precautions. Your task this week is to compile this program and to use the manual pages to document how it works. On Windows NT, similar code should be used. There one has the Windows functions GetConsoleMode and SetConsoleMode with the flag ENABLE_ECHO_INPUT.

  2. This problem is about the importance of placing access control close to the resources being protected. The preponderance of firewall solutions is now coming under attack from this issue. Review firewalls in Principles of Network and System Administration.

    Restriction of access to and from certain IP addresses, to and from certain ports, is often controlled at the perimeter by passing traffic through a firewall, which includes a filtering router. Here is an example Cisco router configuration:

    ! Cisco IOS router config
    interface Ethernet 0
     description site 1 LAN interface
     ip address
     ip access-group 100 in
     ip access-group 101 out
    ! ACL's
    access-list 100 permit tcp any host eq http
    access-list 100 permit tcp any host eq 443
    access-list 100 permit tcp any host eq 22
    access-list 100 permit udp host host eq ntp
    access-list 100 deny ip any any
    access-list 101 permit tcp host host eq http any
    What ports are open/closed here?

    Many firewalls are programmed to pass traffic on port 80 (WWW), so it is becoming common to disguise traffic to other services as traffic to port 80. This is called port-80 tunneling. This "wolf in sheep's clothing" approach is clearly a security breach, which would be unnecessary if hosts protected themselves instead of relying on a firewall. Recently, host-based protection has obtained more acceptance:

    Do you see how a system is most vulnerable to attack on the "inside" of the system?

  3. Port 80 is not the only way to tunnel through defenses. Viruses which leak info from internal mail boxes to outsiders effectively use "SMTP tunneling" (port 25)! Which other services could be used to smuggle an agent onto the inside of a defense perimeter?
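
For graded problem 1, the POSIX counterpart of switching off ENABLE_ECHO_INPUT is to clear the ECHO flag with tcgetattr and tcsetattr. The program below is an added example, not the appl.c file that the problem refers to; the names read_secret and wipe, the 64-byte buffer, and the choice to reject over-long input and wipe the buffer are assumptions made for this illustration.

```c
#include <stdio.h>
#include <termios.h>
#include <unistd.h>

/* Overwrite a secret through a volatile pointer so the wipe is not optimised away. */
static void wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Read one line from fd into buf (newline stripped, at most cap-1 bytes).
 * If fd is a terminal, ECHO is switched off for the read and the saved
 * settings are restored afterwards. Returns the length, or -1 on a read
 * error or over-long input (buf is wiped in that case). */
static int read_secret(int fd, char *buf, size_t cap) {
    struct termios saved, quiet;
    int tty = isatty(fd) && tcgetattr(fd, &saved) == 0;
    size_t len = 0;
    int rc = -1;
    char c = 0;

    if (cap == 0) return -1;
    if (tty) {
        quiet = saved;
        quiet.c_lflag &= ~(tcflag_t)ECHO;  /* typed characters are not shown */
        quiet.c_lflag |= ECHONL;           /* the final newline still is */
        if (tcsetattr(fd, TCSAFLUSH, &quiet) != 0) return -1;
    }
    for (;;) {
        ssize_t n = read(fd, &c, 1);
        if (n < 0) break;                                  /* read error */
        if (n == 0 || c == '\n') { rc = (int)len; break; } /* EOF or end of line */
        if (len + 1 >= cap) break;      /* too long: reject rather than truncate */
        buf[len++] = c;
    }
    if (tty) tcsetattr(fd, TCSAFLUSH, &saved);  /* restore echo on every path */
    if (rc < 0) { wipe(buf, cap); return -1; }
    buf[len] = '\0';
    return rc;
}

int main(void) {
    char pw[64];                        /* buffer size is an assumption */
    fputs("Password: ", stderr);
    int n = read_secret(STDIN_FILENO, pw, sizeof pw);
    if (n < 0) { fputs("input error\n", stderr); return 1; }
    fprintf(stderr, "read %d characters\n", n);
    wipe(pw, sizeof pw);                /* do not leave the secret in memory */
    return 0;
}
```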