RBAC vs ABAC Quiz

Questions and Answers

What does RBAC stand for?

• Role-Authorized Access Condition
• Role-Based Access Control (correct)
• Role-Based Approval Code
• Role-Assigned Behavior Control

In an RBAC system, a department manager has the right to modify any data within their department.

False (B)

What is a major disadvantage of ABAC as mentioned in the content?

Changing user permissions

In RBAC, user permissions are based solely on the user's assigned __________.

role

Match the role in an RBAC system with their corresponding access level:

Administrator = Full access to the database Department Manager = Access to departmental information Employee = Access to personal data only

Which of the following is true about ABAC?

It considers dynamic attributes for user permissions. (D)

What does the Trusted Computing Base (TCB) primarily consist of?

A combination of hardware, software, and controls (D)

RBAC allows for user permission adjustments based solely on changes in user roles.

True (A)

How does ABAC differ in flexibility compared to RBAC?

ABAC takes dynamic attributes into account, whereas RBAC only considers assigned roles.

A larger TCB provides less flexibility for developers.

False (B)

Name one advantage of a small TCB.

Easier to protect from vulnerabilities.

Three elements that are inside the TCB are: Kernel, _____, and the cryptography component.

authentication mechanisms

Which of the following should probably not be included in the TCB?

Third-party applications (D)

The biggest threat to the TCB is the software it runs.

False (B)

What is a supply-chain attack?

A method of compromising hardware through its external supply sources.

Match the elements with their description regarding the TCB:

Kernel = Core component managing system resources Authentication mechanisms = Methods for verifying user identity Cryptography component = Ensures secure data encryption and decryption Third-party applications = Software not essential to the TCB's core functions

What should the Trusted Computing Base (TCB) be in relation to a system's security needs?

As small as possible, yet adequate (B)

The principle of least privilege suggests that users should be granted maximum privileges to perform their tasks.

False (B)

What can be affected if the authorization mechanism is compromised?

Integrity of the software

If a user can perform administrative tasks without proper authorization, it indicates a possible _____ in the system's security.

vulnerability

Match the following user roles with their respective privileges:

Root user = Can perform all administrative operations Basic user = Limited to standard user tasks Sudo user = Can execute commands with root privileges Attacker = Exploits vulnerabilities to gain unauthorized access

Why is confidentiality important in a system?

To ensure sensitive content is protected (A)

A user granted unauthorized access to change another user's password indicates a well-functioning authorization mechanism.

False (B)

What does the term 'privilege escalation' refer to in system security?

A basic user gaining unauthorized administrative access

What are the two concepts that RBAC-A utilizes?

Static role definition and dynamic attributes (B)

In RBAC-A, permissions are determined at the time of role definition.

False (B)

Name one of the MAC systems used by Linux.

SELinux or AppArmor

In ABAC, the rule format includes 'If the role is ______ and working day is ______...'

teller, Tuesday

Match the following MAC systems with their characteristics:

SELinux = Implements a robust MAC framework AppArmor = Path-based access control RBAC = Role-based access control MLS = Multi-level security enforcement

Which statement accurately describes SELinux?

It combines RBAC, type enforcement, and multi-level security. (C)

AppArmor restricts applications based on roles.

False (B)

What type of permissions can be added or removed in RBAC-A?

Permissions based on dynamic attributes

Flashcards

Trusted Computing Base (TCB)

A collection of hardware, software, and controls working together to enforce a security policy within a computer system.

Large TCB

A larger TCB includes more security mechanisms, such as extensive logging, encryption, and secure communications, offering more comprehensive security coverage.

Small TCB

A smaller TCB, due to its limited components, is easier to secure, has fewer vulnerabilities, and is more portable, making it suitable for integrating into various systems.

Elements within the TCB

The operating system kernel, authentication mechanisms (e.g., biometrics, passwords), and cryptography components (key management, secure encryption/decryption) are essential elements within the TCB.

Elements NOT suitable for the TCB

Third-party applications, activity surveillance mechanisms (e.g., loggers), and unnecessary user applications can increase complexity and introduce vulnerabilities, and are generally not ideal components for the TCB.

Threat to the TCB: Hardware Vulnerability

A significant threat to the TCB is the hardware it relies on. Supply-chain attacks on hardware components can compromise the entire TCB.

Mitigating Hardware Vulnerability

Strict scrutiny of all hardware components entering the company, including scanning and reverse engineering, is a crucial mitigation strategy to ensure hardware reliability and protect against supply-chain attacks.

Security Effectiveness

The degree to which a system's design and implementation can effectively achieve security goals and withstand malicious attacks.

User Privileges

Operations a user can perform based on their role and context. This can include things like reading, writing, modifying files, managing user accounts, or installing software.

Confidentiality

Ensuring that sensitive data, like login credentials, is protected from unauthorized access.

Authorization Mechanism

The mechanism that determines what actions a user is allowed to perform based on their identity and role. It acts as a gatekeeper, deciding who can do what.

Privilege Escalation

A situation where a user gains access to more privileges than they should have. This can happen if the authorization mechanism is flawed or misconfigured.

Principle of Least Privilege

A principle that states that users should only have the minimum privileges necessary to carry out their tasks. This helps to prevent privilege escalation.

Vulnerability

A flaw in the software that could be exploited by attackers to gain unauthorized access or privileges.

Defense in Depth

A security measure that is designed to limit the impact of an attack. It helps to protect the system even if a vulnerability is exploited.

TCB (Trusted Computing Base)

A security policy that is designed to minimize the attack surface, which is the collection of potential entry points that could be exploited by attackers. It involves keeping the system simple and only including essential components.

Role-Based Access Control (RBAC)

A security model where access rights are assigned based on the functions a user performs. Users are grouped into roles, each with specific tasks and permissions.

Attribute-Based Access Control (ABAC)

A access control model where permissions are based on attributes, such as time of day, location, or device used.

RBAC's Strictness

In RBAC, permissions are strictly determined by the assigned role. Any change requires creating new roles based on the new attribute.

ABAC's Flexibility

ABAC adapts to changes more easily by considering dynamic attributes in access control decisions.

ABAC's Efficiency

ABAC can handle changes more efficiently due to its ability to use dynamic attributes, reducing the need for role explosion.

ABAC's Challenges

A main disadvantage of ABAC is the challenge of managing and updating user permissions as attributes change.

RBAC: Simple but Rigid

RBAC is a simpler model for access control, but can be less flexible for dynamic environments.

ABAC: Flexible but Complex

ABAC provides greater flexibility but requires careful management of attributes and their impact on access control.

Role-Based Access Control with Attributes (RBAC-A)

A method of access control where permissions are granted based on user roles, but also dynamically adjust based on changing attributes like time, location, or device.

Dynamic Attributes in RBAC-A

In RBAC-A, a single 'Teller' role can have different permissions based on attributes, like working day and hours. This effectively creates separate roles without defining them explicitly.

Mandatory Access Control (MAC)

A security model that enforces access control based on the type of data and resources, rather than user identities. It's designed to prevent unauthorized access to sensitive information regardless of who the user is.

Security-Enhanced Linux (SELinux)

A MAC system that utilizes a robust framework for enforcing security policies, utilizing RBAC, type enforcement, and multi-level security.

AppArmor

A MAC system that restricts applications to a set of specified resources through path-based access control. It offers a simpler approach compared to SELinux.

SELinux vs. AppArmor

SELinux focuses on enforcing security policies through a comprehensive framework, while AppArmor uses path-based rules to restrict access, offering simplified control.

Contextual Access Control

Depending on the security requirements and specific context, different configurations of access control systems like RBAC, RBAC-A, and MAC (SELinux or AppArmor) may be implemented.

MAC in Linux

Security-Enhanced Linux (SELinux) and AppArmor are examples of MAC systems that are commonly used in Linux operating systems. Both enforce access control but through different mechanisms.

Study Notes

Trusted Computing Base (TCB)

• TCB is the combination of hardware, software, and controls that work together to enforce computer security policies.
• A larger TCB offers broader security coverage through more comprehensive security mechanisms (e.g., logging, encryption). This allows for more flexible use due to numerous built-in functions.
• A smaller TCB is easier to protect because it has fewer components, which decreases vulnerabilities. Smaller TCBs are also portable.
• Three common elements within a TCB include the kernel, authentication mechanisms (biometrics/passwords), and cryptography components (key management and encryption).
• Three elements that should not typically be part of a TCB include third-party applications, activity surveillance mechanisms (like loggers), and unnecessary user applications. These add unnecessary complexity and vulnerability.

Authorization & Privilege Escalation

• User privileges are the operations a user is permitted to perform within a system. These depend on the user's role and context, including actions like reading, writing files, installing/removing software, or managing accounts.
• Phishing for user credentials does not directly break the authorization mechanism, but instead compromises the confidentiality property of the system.
• Compromising a piece of software running as root to gain root privileges breaks the authorization mechanism by granting unauthorized access.
• If an attacker gains the right to change another user's password, the authorization framework is compromised as it grants excessive privileges.
• A privilege escalation occurs when an attacker manipulates a system to obtain higher-level privileges.

Role-Based Access Control (RBAC)

• RBAC is an access control model that allows access based on functions a user is permitted to perform.
• Role-based access controls are defined by functions or roles, and users are assigned these roles. Examples are: administrator, manager, department manager, or employee. These roles determine access levels to data and features.
• A use case of RBAC is in a company database with financial data. The administrator has full database access followed by progressively narrowed access down to employees, only seeing their data.

Attribute-Based Access Control (ABAC)

• ABAC allows permissions based on dynamic attributes, including those tied to time of day or context.
• RBAC is stricter and roles are static, where ABAC is more flexible and allows user permissions to change based on real-time conditions.
• A potential disadvantage of ABAC is the complexity of changing permissions based on numerous attributes.
• RBAC-A combines static roles with dynamic attributes in order to avoid ABAC's complexity.

Description

Test your knowledge on Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC). This quiz covers various aspects of these access control models, including their advantages, disadvantages, and components of the Trusted Computing Base (TCB). Challenge yourself to match roles with access levels and understand important security principles.