Computer Security Mechanisms

Innovative Technologies for Computer Security
Theory
Author
Affiliation

Andrei Biziuk

VSTU

Published

December 3, 2024

Introduction

We’ll explore various aspects of how computer systems protect themselves and their data from unauthorized access and threats. Our focus will be on key mechanisms such as identification, authentication (including biometric authentication), access control, organization of access control in computer systems, and logging and auditing.

1. Identification

Definition: Identification is the initial step where a user claims an identity within a system. This step doesn’t prove identity but sets the stage for subsequent verification.

Importance: - Fundamental for tracking and accountability. - Sets up the framework for authentication and access control.

Examples and Mechanisms: - Usernames: Common in most systems; simple yet effective. - Digital Certificates: Used in SSL/TLS for secure communications. - RFID Tags: Common in physical security systems for identifying personnel.

2. Authentication

Definition: Authentication confirms the identity claimed during identification. It answers the question, “Are you who you say you are?”

Methods of Authentication: 1. Knowledge-Based Authentication: - Passwords, PINs. - Challenges: Passwords can be weak or reused across platforms.

  1. Possession-Based Authentication:
    • Smart cards, OTP (One-Time Password) tokens.
    • Challenges: Devices can be lost or stolen.
  2. Inherence-Based Authentication (Biometrics):
    • Uses unique biological traits.
    • Types:
      • Fingerprint Scanners: High accuracy, widely used in smartphones.
      • Facial Recognition: Used in security systems and devices.
      • Iris Scanning: Very accurate, used in high-security environments.
      • Voice Recognition: Convenient for phone-based authentication.

Advantages of Biometric Authentication: - Hard to forge. - Convenient as users don’t need to remember credentials.

Disadvantages: - Privacy concerns: biometric data, once compromised, cannot be changed. - False positives/negatives: may affect user experience. - Special hardware requirements.

Emerging Trends: - Behavioral Biometrics: Analyzes patterns in user behavior, such as typing rhythms or mouse movements. - Multifactor Authentication (MFA): Combines two or more authentication methods for increased security.

3. Access Control

Definition: Access control ensures that only authorized users can access certain resources or perform specific actions within a system.

Types of Access Control: 1. Discretionary Access Control (DAC): - Users have control over their own resources. - Example: File permissions in Unix/Linux systems. - Pros: Flexible. - Cons: Prone to errors and less secure.

  1. Mandatory Access Control (MAC):
    • Access rights are regulated by a central authority based on policies.
    • Example: Government and military applications.
    • Pros: High security.
    • Cons: Rigid, difficult to manage.
  1. Role-Based Access Control (RBAC):
    • Permissions are assigned to roles rather than individuals.
    • Example: Corporate environments where roles define access levels.
    • Pros: Scalable, manageable.
    • Cons: Requires careful planning of roles and permissions.

Organization of Access Control in Systems: - Policy Definition: Establishing rules for access (who, what, when, where, why). - Policy Enforcement: Mechanisms to enforce these rules (ACLs, RBAC models). - Policy Management: Regular updates and reviews to ensure relevance and compliance.

Examples of Access Control Mechanisms: - Access Control Lists (ACLs): Specify user permissions for files and resources. - Capabilities: Tokens or keys granting specific access rights. - Security Labels: Used in MAC systems to classify and control access.

4. Access Control in Computer Systems

Implementation Strategies: - Centralized Management: - Active Directory (AD): Manages users and permissions centrally. - Pros: Simplifies administration, improves security. - Cons: Single point of failure.

  • Decentralized Management:
    • Each device/system manages its own access control.
    • Pros: Flexibility, independence.
    • Cons: Harder to maintain consistency and compliance.

Techniques and Tools: - Encryption: Ensures data confidentiality by encoding information. - Firewalls: Control incoming and outgoing network traffic based on security rules. - Intrusion Detection Systems (IDS): Monitor network/system activities for malicious actions or policy violations.

Challenges in Access Control: - Scalability: Managing permissions across large and diverse environments. - Dynamic Changes: Adapting to changes in user roles and organizational structures. - Compliance: Ensuring adherence to legal and regulatory requirements.

5. Logging and Auditing

Definition: Logging involves capturing detailed records of system events and user activities. Auditing is the process of analyzing these logs to ensure compliance and security.

Purpose and Benefits: - Accountability: Provides a trace of user actions. - Incident Response: Helps in identifying and responding to security incidents. - Compliance: Meets legal and regulatory requirements for data protection and privacy.

Components of Effective Logging: - Event Logs: Record system events (e.g., user logins, system errors). - Audit Logs: Capture detailed information relevant to security (e.g., access to sensitive files).

Best Practices: - Regular Audits: Perform periodic reviews of logs to detect anomalies. - Log Retention Policies: Maintain logs for a specific period based on organizational and regulatory requirements. - Automation: Use tools for automated log collection, analysis, and alerting (e.g., SIEM systems).

Tools and Techniques: - Syslog: Standard for message logging in Unix/Linux systems. - Windows Event Logs: Built-in logging mechanism in Windows environments. - Security Information and Event Management (SIEM): Tools that provide real-time analysis of security alerts generated by network hardware and applications.

Back to top