
Information Technology (IT) Security and Design

Last reviewed: October 3, 2014

Non-discretionary control means that there is mandatory access control (MAC). In this type of system, access is enforced by a strict, centrally defined set of rules (typically security labels on data and clearances for users, ordered in a hierarchy) that individual users, and even the owners of the data, cannot override. Essentially, this type of system is meant to limit what an insider can do even with a legitimate account. Users cannot read information above their clearance, so they cannot act as spies inside the organization: they cannot see the internal designs of the system, which stops leaks such as selling those designs to competitors, implanting spyware or other malicious software, making critical errors that would injure the system, or accessing sensitive records that could be leaked to outside sources.

According to the research, traditional UNIX is not non-discretionary; its permission model is a simple form of discretionary access control (a fixed-format ACL). In this model the owner of each file decides which users have access to it, including files that hold sensitive security information about the system's design. Unlike non-discretionary systems, a typical UNIX system does not apply one central policy; instead every file carries three sets of permission bits, which grant different levels of access to the internal workings of the system. The bits allow a class of user to read a file (for example, a software component), write it, or execute it, and a final tier of special operations, such as changing the file's permissions or ownership, is reserved for the owner (or the superuser). Users are therefore classified, relative to each file, as owner, group member, or other, and their level of access is defined by which of those classes they fall into.

Still, there have been evolutions in UNIX system design that have begun to "incorporate a centrally-managed, non-discretionary access control mechanism that works in tandem with the usual UNIX access controls" (IBM, 2004). These are more complicated features layered onto major UNIX systems, as in the case of IBM's Tivoli Access Manager for Operating Systems. But UNIX operating systems themselves are typically discretionary, and need an extra layer built in to become non-discretionary.
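To make the difference concrete, the following added example (not code from the paper or from IBM's product) models the classic UNIX owner/group/other bits beside a simple label-based mandatory check, and then layers the two the way the quoted IBM mechanism works "in tandem" with the UNIX controls. The users, files, clearance levels and labels are constructed for the demonstration.

```python
"""Discretionary (Unix mode bits) versus mandatory (label) access control.

Added example for this page, not code from the paper or from IBM Tivoli.
The users, files, clearance levels and labels below are constructed.
"""
from dataclasses import dataclass

R, W, X = 4, 2, 1  # permission bits within one rwx triple


@dataclass
class User:
    name: str
    groups: frozenset
    clearance: int  # MAC level held by the user: 0 (public) .. 3 (top secret)


@dataclass
class File:
    owner: str
    group: str
    mode: int   # nine Unix permission bits, e.g. 0o640
    label: int  # MAC classification of the data, same scale as clearance


def dac_allows(user: User, f: File, want: int) -> bool:
    """Classic Unix DAC: choose the owner, group or other triple, then check bits."""
    if user.name == f.owner:
        bits = (f.mode >> 6) & 7
    elif f.group in user.groups:
        bits = (f.mode >> 3) & 7
    else:
        bits = f.mode & 7
    return bits & want == want


def chmod(user: User, f: File, new_mode: int) -> None:
    """Discretionary: the owner alone decides, and may open the file to anyone."""
    if user.name != f.owner:
        raise PermissionError("only the owner may change the mode")
    f.mode = new_mode & 0o777


def mac_allows(user: User, f: File, want: int) -> bool:
    """Mandatory: Bell-LaPadula style rules fixed by policy, not by the owner.
    No read up (clearance must reach the label) and no write down (a higher
    cleared user may not write into a lower labelled file, which would leak)."""
    if want & R and user.clearance < f.label:
        return False
    if want & W and user.clearance > f.label:
        return False
    return True


def allows(user: User, f: File, want: int) -> bool:
    """Layered enforcement, as with a MAC product on top of Unix: both must agree."""
    return dac_allows(user, f, want) and mac_allows(user, f, want)


if __name__ == "__main__":
    alice = User("alice", frozenset({"eng"}), clearance=1)
    bob = User("bob", frozenset({"sales"}), clearance=0)
    design = File(owner="alice", group="eng", mode=0o600, label=3)
    print("alice reads under DAC:", dac_allows(alice, design, R))  # True: she owns it
    print("alice reads under MAC:", mac_allows(alice, design, R))  # False: label 3 > clearance 1
    chmod(alice, design, 0o666)                                     # DAC lets her hand it out
    print("bob reads under DAC:", dac_allows(bob, design, R))      # True after the chmod
    print("bob reads overall:", allows(bob, design, R))            # False: MAC still refuses
```

The point of the last two lines is the one the paragraph makes: under DAC the owner can give the design away with a single chmod, whereas the MAC label check is not the owner's to relax.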

Question 2

In this particular situation there is clearly a flaw in the scheme. XOR is a linear operation, so XORing values together does not behave like a hash at all: it is trivial to find different inputs that produce the same result (reordering the blocks, or applying the same change to two blocks, leaves the XOR unchanged), and it is just as trivial to invert. In this scenario an attacker who observes the random bit stream (the challenge) and the response can simply XOR the two together and recover the secret, after which they can answer any future challenge themselves. Nor does XORing the message with a fresh random bit stream repair it, because the other party would need that same stream to check the response; once the stream has to be shared and reused it is no longer random from the attacker's point of view. Ultimately, this shows that the scheme is terminally weak. To strengthen it, one should replace the XOR with a cryptographic hash function such as SHA-256, keyed with the shared secret (HMAC-SHA-256), so that observed challenge/response pairs reveal nothing about the key.
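The following added example (not code from the paper) shows both halves of this answer in working code: it assumes the weak scheme answers a random challenge with the challenge XORed against the key and "hashes" by XORing blocks together, recovers the key from a single observed exchange, demonstrates the block-swap collision, and then replaces the XOR with HMAC-SHA-256. The key, challenge and message blocks are constructed.

```python
"""XOR challenge-response: why it breaks, and a keyed hash that holds up.

Added example for this page, not the paper's own code.  The weak scheme is
assumed to answer a random challenge with (challenge XOR key) and to 'hash'
by XORing blocks together; the key, challenge and message blocks are constructed.
"""
import hashlib
import hmac

KEY = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")        # constructed shared secret
CHALLENGE = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed random challenge


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bytewise XOR of two equal-length strings."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def xor_digest(blocks) -> bytes:
    """The weak 'hash': XOR all equal-length blocks together.  Linear, so any
    reordering of the blocks, or the same change applied to two blocks, collides."""
    out = bytes(len(blocks[0]))
    for blk in blocks:
        out = xor_bytes(out, blk)
    return out


def xor_response(key: bytes, challenge: bytes) -> bytes:
    """Weak scheme: response = challenge XOR key."""
    return xor_bytes(challenge, key)


def recover_key(challenge: bytes, response: bytes) -> bytes:
    """Attacker sees one (challenge, response) pair on the wire; XOR is its own
    inverse, so (c XOR k) XOR c == k and the key is gone."""
    return xor_bytes(response, challenge)


def hmac_response(key: bytes, challenge: bytes) -> bytes:
    """Fix: HMAC-SHA-256 over the challenge.  Observed pairs do not reveal the
    key, and a fresh challenge per run stops replay of an old response."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


def verify_hmac_response(key: bytes, challenge: bytes, response: bytes) -> bool:
    """Constant-time compare so the check itself is not a timing oracle."""
    return hmac.compare_digest(hmac_response(key, challenge), response)


if __name__ == "__main__":
    resp = xor_response(KEY, CHALLENGE)
    print("eavesdropper recovers key:", recover_key(CHALLENGE, resp) == KEY)  # True
    print("block swap collides:",
          xor_digest([b"pay $100", b"to alice"]) == xor_digest([b"to alice", b"pay $100"]))  # True
    good = hmac_response(KEY, CHALLENGE)
    print("HMAC verifies:", verify_hmac_response(KEY, CHALLENGE, good))       # True
    print("replay on new challenge:", verify_hmac_response(KEY, bytes(16), good))  # False
```

Note that the HMAC version still depends on the verifier choosing a fresh, unpredictable challenge each time; a keyed hash stops key recovery, and the fresh challenge is what stops replay.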

Question 3

The salt does not make the password hash itself any stronger; its purpose is to make precomputation impractical, which in turn protects access. crypt(3) uses a 12-bit salt, so there are 4096 variants of the hash for every password: an attacker who wants a code book (a precomputed table from hash back to password) must store 4096 entries for each candidate password instead of one, or must rebuild the table for each salt found in a stolen password file. The salt also stops two users with the same password from producing identical entries, because crypt(3) must be run separately for each salt and each run perturbs the computation differently, so cracking one entry does not reveal the others. Finally, crypt(3) is deliberately slow (25 iterations of a salt-modified DES), so every guess costs the attacker real time, and the salt's modification of DES also prevented off-the-shelf DES hardware from being used to speed up guessing. Together these make it much harder for a potential attacker to break passwords.
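The following added example (not code from the paper) shows the three effects described above in working code: a 12-bit salt stored in the clear beside the hash, the code-book growth factor of 4096, and identical passwords yielding different entries. It assumes PBKDF2-HMAC-SHA-256 as the deliberately slow function in place of crypt(3)'s modified DES, so that it runs on any Python 3 without the deprecated crypt module; the passwords, salts and dictionary are constructed.

```python
"""Salting in the manner of Unix crypt(3): per-entry salt, slow hash, clear-text salt.

Added example for this page, not code from the paper.  crypt(3) mixes a 12-bit
salt (4096 values) into 25 rounds of a modified DES; here PBKDF2-HMAC-SHA-256 is
assumed as the slow function so the code runs on any Python 3 without the
deprecated crypt module.  Passwords, salts and the dictionary are constructed.
"""
import hashlib
import hmac

SALT_BITS = 12
SALT_COUNT = 1 << SALT_BITS  # 4096 possible salts, as in classic crypt(3)
ITERATIONS = 2000            # deliberate cost per guess (stand-in for 25 DES rounds)


def hash_password(password: str, salt: int, iterations: int = ITERATIONS) -> str:
    """Return 'salt$digest'.  The salt is stored in the clear: it is not a secret,
    its job is to make every entry a different function of the password."""
    if not 0 <= salt < SALT_COUNT:
        raise ValueError("salt must fit in 12 bits")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt.to_bytes(2, "big"), iterations)
    return f"{salt:03x}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt_hex, _ = stored.split("$", 1)
    return hmac.compare_digest(hash_password(password, int(salt_hex, 16)), stored)


def build_codebook(dictionary, salts) -> dict:
    """Attacker's precomputed table: hash -> password for every (password, salt).
    Unsalted, the table has len(dictionary) rows and cracks every file; salted, it
    needs a row per salt value, 4096 times larger, or a rebuild per stolen entry."""
    return {hash_password(pw, s): pw for pw in dictionary for s in salts}


def codebook_rows(dictionary_size: int, salt_count: int = SALT_COUNT) -> int:
    """Rows an attacker must store to cover one dictionary against every salt."""
    return dictionary_size * salt_count


if __name__ == "__main__":
    a = hash_password("hunter2", 0x1a3)
    b = hash_password("hunter2", 0x1a4)
    print("same password, different salts:", a != b)                    # True
    print("login check:", verify_password("hunter2", a))                # True
    book = build_codebook(["hunter2", "letmein", "password"], range(8))  # 8 of 4096 salts
    print("precomputed rows for 8 salts:", len(book))                   # 24
    print("rows needed for a 100k-word list:", codebook_rows(100_000))  # 409600000
    print("entry with salt 0x1a3 in table:", a in book)                 # False, salt not covered
```

The cost parameter is the other half of the defence: the salt multiplies the attacker's table, and the per-guess cost multiplies the time to fill it. Modern password hashes keep both ideas but use much larger salts than 12 bits.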

Question 4

The RBAC model in the ANSI standard has four major components, static separation of duty (SSD) and dynamic separation of duty (DSD) being two of them. Both place constraints on which roles a user may combine. Yet there is a clear difference between the two: "the difference between SSD and DSD is that while an SSD constraint limits the roles for which the user can be authorized, a DSD constraint limits the roles that a user can activate in one session" (Li et al., 2011). In other words, an SSD constraint is enforced when roles are assigned to a user and holds permanently, whereas a DSD constraint is enforced when roles are activated, so a user may be authorized for two conflicting roles yet never exercise both in the same session.
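The following added example (not code from the paper or from Li et al.) enforces both kinds of constraint in a small RBAC model using the standard's (role set, n) form: an SSD constraint forbids authorizing a user for n or more of the roles, and a DSD constraint forbids activating n or more of them in one session. The users, roles and constraints are constructed.

```python
"""Static versus dynamic separation of duty, in the terms of the ANSI RBAC standard.

Added example for this page; not code from the paper or from Li et al.  An SSD
constraint (role set, n) forbids assigning a user n or more of the roles; a DSD
constraint forbids activating n or more of them in one session.  Users, roles
and constraints are constructed.
"""


class RBAC:
    def __init__(self):
        self.user_roles = {}   # user -> set of roles the user is authorized for
        self.sessions = {}     # session id -> (user, set of roles active now)
        self.ssd = []          # [(frozenset(roles), n)]
        self.dsd = []          # [(frozenset(roles), n)]

    def add_ssd(self, roles, n=2):
        self.ssd.append((frozenset(roles), n))

    def add_dsd(self, roles, n=2):
        self.dsd.append((frozenset(roles), n))

    def can_assign(self, user, role) -> bool:
        """SSD is checked against the user's whole authorization set."""
        roles = self.user_roles.get(user, set()) | {role}
        return all(len(roles & rs) < n for rs, n in self.ssd)

    def assign_role(self, user, role):
        if not self.can_assign(user, role):
            raise PermissionError(f"SSD: {user} may not be authorized for {role}")
        self.user_roles.setdefault(user, set()).add(role)

    def create_session(self, sid, user):
        self.sessions[sid] = (user, set())

    def can_activate(self, sid, role) -> bool:
        """DSD is checked against the roles already active in this session only."""
        user, active = self.sessions[sid]
        if role not in self.user_roles.get(user, set()):
            return False
        wanted = active | {role}
        return all(len(wanted & rs) < n for rs, n in self.dsd)

    def activate_role(self, sid, role):
        if not self.can_activate(sid, role):
            raise PermissionError(f"DSD: {role} cannot be activated in session {sid}")
        self.sessions[sid][1].add(role)

    def active_roles(self, sid):
        return frozenset(self.sessions[sid][1])


if __name__ == "__main__":
    r = RBAC()
    r.add_ssd({"purchaser", "approver"})   # nobody may ever hold both
    r.add_dsd({"cashier", "auditor"})      # may hold both, never wear both at once
    r.assign_role("alice", "purchaser")
    print("alice can also be approver:", r.can_assign("alice", "approver"))  # False
    r.assign_role("bob", "cashier")
    r.assign_role("bob", "auditor")        # allowed: only a DSD constraint applies
    r.create_session("s1", "bob")
    r.activate_role("s1", "cashier")
    print("bob activates auditor in s1:", r.can_activate("s1", "auditor"))  # False
    r.create_session("s2", "bob")
    print("bob activates auditor in s2:", r.can_activate("s2", "auditor"))  # True
```

The two checks sit at different points in the lifecycle, which is the distinction the quotation draws: can_assign runs when the user-role relation changes, can_activate runs every time a session takes on a role.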

Question 5

References
  • IBM. (2004). Securing UNIX applications using Tivoli Access Manager for Operating Systems. IBM developerWorks. http://www.ibm.com/developerworks/tivoli/library/t-secpol/
  • Li, N., Byun, J. W., & Bertino, E. (2011). A critique of the ANSI Standard on role based access control. CERIAS and Department of Computer Science, Purdue University. https://www.cs.purdue.edu/homes/ninghui/papers/aboutRBACStandard.pdf
PaperDue. (2014). Information Technology (IT) Security and Design. PaperDue. https://www.paperdue.com/essay/information-technology-it-security-and-192351