Basic components: subject, object, control policy.
Access control models:
1. Discretionary access control (DAC):
Characteristics: authorized users can transfer their rights to others; permission changes are made by privileged users. Linux, Unix and Windows NT (the Windows series, including Windows 10) all use this form.
Storage of permission information (access tables):
(1) Access control list (ACL): object-centred; for each object, it lists all subjects and the rights they hold on that object.
(2) Access control capability list (ACCL): subject-centred; for each subject, it lists all objects the subject may access and the permitted rights.
(3) Access control matrix (ACM): a Boolean matrix expressing the permission relation; it contains redundancy.
Characteristics: flexible data access and free transfer of permissions, but this brings security problems; data protection is weak.
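An added example (not from these notes) that builds the three DAC storage forms above from one constructed set of grants, measures the redundancy of the matrix form, and models the DAC transfer of a right from one subject to another; all subject, object and right names are constructed.

```python
from collections import defaultdict

# Constructed sample data (not from any real system).
SUBJECTS = ["alice", "bob", "carol"]
OBJECTS = ["payroll.xlsx", "notes.txt", "backup.tar"]
GRANTS = {  # (subject, object, right)
    ("alice", "payroll.xlsx", "r"), ("alice", "payroll.xlsx", "w"),
    ("alice", "notes.txt", "r"),
    ("bob", "notes.txt", "r"), ("bob", "notes.txt", "w"),
    ("carol", "backup.tar", "x"),
}

def access_control_matrix(grants):
    """ACM: one row per subject, one column per object, cell = set of
    rights.  The empty cells are the redundancy the notes mention."""
    acm = {s: {o: set() for o in OBJECTS} for s in SUBJECTS}
    for s, o, r in grants:
        acm[s][o].add(r)
    return acm

def access_control_lists(acm):
    """ACL: object-centred view, one list per object (the non-empty
    cells of each column)."""
    acl = defaultdict(dict)
    for s, row in acm.items():
        for o, rights in row.items():
            if rights:
                acl[o][s] = rights
    return dict(acl)

def capability_lists(acm):
    """ACCL: subject-centred view, one list per subject (the non-empty
    cells of each row)."""
    return {s: {o: rights for o, rights in row.items() if rights}
            for s, row in acm.items() if any(row.values())}

def matrix_sparsity(acm):
    """Fraction of ACM cells that are empty: the storage redundancy."""
    cells = [r for row in acm.values() for r in row.values()]
    return sum(1 for c in cells if not c) / len(cells)

def dac_delegate(grants, holder, obj, grantee, right):
    """DAC transfer: a subject that holds a right on an object passes it
    to another subject.  Returns the new grant set."""
    if (holder, obj, right) not in grants:
        raise PermissionError(f"{holder} cannot delegate {right} on {obj}")
    return grants | {(grantee, obj, right)}
```

The `dac_delegate` call is the security problem the notes refer to: any holder of a right can extend it without a privileged user being involved.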
2. Mandatory access control (MAC):
Stricter rights management. Each subject and object is assigned a security level, and each user's set of accesses is determined by their own security level. Permissions are strictly tied to the security level: they cannot be transferred and cannot be changed for an individual user.
Read/write permission examples (two strict mechanisms commonly used by the military):
(1) Write up, read down: effectively prevents information from leaking to lower security levels; protects confidentiality.
(2) Write down, read up: effectively prevents lower levels from tampering with information; protects integrity.
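An added example (not from these notes) that encodes the two military rules above as checks over constructed security levels and applies both to the same access attempts, showing that one attempt can be a leak under the confidentiality rule yet harmless under the integrity rule; level names and the attempts are constructed.

```python
# Constructed security levels (higher number = more sensitive / more trusted).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}

def confidentiality_allows(subject_level, object_level, op):
    """'Write up, read down': a subject may read objects at or below its
    own level and write only objects at or above it, so nothing flows
    down to a lower level."""
    s, o = LEVELS[subject_level], LEVELS[object_level]
    if op == "read":
        return s >= o      # read down
    if op == "write":
        return s <= o      # write up
    raise ValueError(f"unknown operation {op}")

def integrity_allows(subject_level, object_level, op):
    """'Write down, read up': a subject may write only objects at or
    below its level and read only objects at or above it, so a lower
    level can never alter data held at a higher one."""
    s, o = LEVELS[subject_level], LEVELS[object_level]
    if op == "read":
        return s <= o      # read up
    if op == "write":
        return s >= o      # write down
    raise ValueError(f"unknown operation {op}")

def mac_check(policy, subject_level, object_level, op):
    """Dispatch on the property the system is protecting."""
    rule = {"confidentiality": confidentiality_allows,
            "integrity": integrity_allows}[policy]
    return rule(subject_level, object_level, op)

# Constructed access attempts: (subject level, object level, operation).
ATTEMPTS = [
    ("secret", "confidential", "read"),    # read down: no leak, but it
                                           # violates read-up integrity
    ("secret", "confidential", "write"),   # write down: a leak, but not
                                           # tampering
    ("confidential", "secret", "write"),   # write up: no leak, but it is
                                           # tampering from below
]

def audit(attempts):
    """(attempt, allowed under confidentiality, allowed under integrity)."""
    return [(a, mac_check("confidentiality", *a), mac_check("integrity", *a))
            for a in attempts]
```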
3. Role-based access control (RBAC):
A comprehensive model that combines the two extremes (discretionary and mandatory).
Users are no longer treated individually but are organized into groups, and the permissions on objects are set up as roles. Each role has its own specific abilities, so a user obtains permissions through a role rather than directly.
In this way the flexibility of the discretionary model is preserved (a user can take different roles to obtain different permissions), while strict access is also ensured (roles are fixed, roles cannot be freely combined, and role acquisition is controlled).
The administrator decides who obtains roles and which roles are added or deleted; there is no free access. This is the difference between RBAC and DAC.
Permissions are organized by role, and a role may hold permissions at different security levels, so there is no concept of a security level; roles are added on demand. This is the difference between RBAC and DAC.
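An added example (not from these notes) of the role model above: permissions attach to roles, a user's rights are exactly the union of their roles' rights, and only an administrator can create roles or change who holds them; the roles, users and objects are constructed.

```python
# Constructed roles, users and objects; "sysadmin" is the only principal
# allowed to create roles or change who holds them.
class RBAC:
    def __init__(self, admins):
        self.admins = set(admins)
        self.role_perms = {}     # role -> {(object, right), ...}
        self.user_roles = {}     # user -> {role, ...}

    def _require_admin(self, who):
        if who not in self.admins:
            raise PermissionError(f"{who} is not an administrator")

    def define_role(self, admin, role, perms):
        """Permissions are attached to the role, never to a user."""
        self._require_admin(admin)
        self.role_perms[role] = set(perms)

    def assign_role(self, admin, user, role):
        """Role acquisition is controlled: only an admin grants a role,
        and only a role that already exists (no free combination)."""
        self._require_admin(admin)
        if role not in self.role_perms:
            raise KeyError(f"unknown role {role}")
        self.user_roles.setdefault(user, set()).add(role)

    def permissions(self, user):
        """A user's rights are exactly the union of their roles' rights."""
        return set().union(*(self.role_perms[r]
                             for r in self.user_roles.get(user, ())))

    def allowed(self, user, obj, right):
        return (obj, right) in self.permissions(user)

def build_sample():
    """Constructed scenario: a clerk may read the ledger, a manager may
    read and write it; dave starts as a clerk."""
    rbac = RBAC(admins=["sysadmin"])
    rbac.define_role("sysadmin", "clerk", {("ledger", "read")})
    rbac.define_role("sysadmin", "manager",
                     {("ledger", "read"), ("ledger", "write")})
    rbac.assign_role("sysadmin", "dave", "clerk")
    return rbac

def self_assign_blocked(rbac, user, role):
    """True when a user cannot hand themselves a role: the point where
    RBAC differs from DAC's free transfer of rights."""
    try:
        rbac.assign_role(user, user, role)
    except PermissionError:
        return True
    return False
```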
Basic principles of access control models:
(1) Principle of least privilege: assign a subject the minimum rights it needs, and no more.
(2) Principle of minimum leakage: while exercising its rights, a subject should obtain as little information as possible.
(3) Multilevel security policy: take the security level of information into account and prevent high-level information from leaking to low-level subjects.
Example of system security management: Windows NT.
User authentication -> encryption / access control -> audit. The core of administration is the security policy.
The main entities of security management are: users, groups, computers (resources), domains.
There are two security services: the Security Reference Monitor, SRM (in kernel mode), and the Local Security Authority, LSA (in user mode). The former is the foundation: it enforces access control on objects and works with the LSA to monitor access information and keep the audit log.
Windows access control:
Composed of access tokens and security descriptors.
SID: the security identifier assigned to each account or account group; it is unique within a system. The last part of the SID is the relative identifier, RID: 500 is Administrator, 501 is Guest, and RIDs for user accounts start at 1000.
The access token is the privilege information generated from the account information read when the account logs in; it is the user's ticket for accessing the system. From then on, access to resources is judged by the token; to change the token, you must log out.
The security descriptor is a property of the accessed object. It contains the owner SID and the ACL, which is divided into the DACL and the SACL; these indicate, respectively, the permissions and whether principal operations are recorded in the log.
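An added example (not from these notes) that models the token / security-descriptor check described above: it parses SID strings and classifies the RID as the notes do, walks a DACL in order to decide access, and emits audit records for attempts the SACL covers. The DACL semantics (a deny on a not-yet-granted requested right ends the check, allows accumulate, deny by default) are an assumed simplification of the real Windows access check, and every SID here is constructed.

```python
# Simplified model, constructed for this example: it follows the notes'
# description of tokens, DACL and SACL, not the real Windows internals.
WELL_KNOWN_RID = {500: "Administrator", 501: "Guest"}   # from the notes
READ, WRITE, EXEC = 1, 2, 4                              # access mask bits

def parse_sid(sid):
    """Split 'S-1-5-21-...-RID' and classify the RID as the notes do."""
    parts = sid.split("-")
    if parts[0] != "S" or len(parts) < 3:
        raise ValueError(f"bad SID {sid}")
    rid = int(parts[-1])
    kind = WELL_KNOWN_RID.get(rid, "user account" if rid >= 1000 else "other")
    return rid, kind

def access_check(token, descriptor, requested):
    """token: {'user': sid, 'groups': [sid, ...]} built at logon.
    descriptor: {'owner', 'dacl': [(type, sid, mask), ...],
                 'sacl': [(sid, mask), ...]} attached to the object.
    Returns (granted, audit_records)."""
    principals = {token["user"], *token["groups"]}
    remaining, granted = requested, False
    for ace_type, sid, mask in descriptor["dacl"]:   # DACL: walk in order
        if sid not in principals:
            continue
        if ace_type == "deny" and mask & remaining:  # deny on an ungranted
            break                                    # requested right
        if ace_type == "allow":
            remaining &= ~mask                       # allows accumulate
            if remaining == 0:
                granted = True
                break
    outcome = "SUCCESS" if granted else "FAILURE"     # SACL: log attempts
    audit = [f"{outcome} user={token['user']} mask={requested:#x}"
             for sid, mask in descriptor["sacl"]
             if sid in principals and mask & requested]
    return granted, audit

# Constructed scenario: a domain user whose group may read and execute the
# object but is explicitly denied write; write attempts by the group are audited.
DOMAIN = "S-1-5-21-1000000001-2000000002-3000000003"
USER_SID, GROUP_SID = f"{DOMAIN}-1001", f"{DOMAIN}-1100"
TOKEN = {"user": USER_SID, "groups": [GROUP_SID]}
DESCRIPTOR = {
    "owner": f"{DOMAIN}-500",
    "dacl": [("deny", GROUP_SID, WRITE), ("allow", GROUP_SID, READ | EXEC)],
    "sacl": [(GROUP_SID, WRITE)],
}
```

Because the token is fixed at logon, adding the user to another group in the descriptor's DACL has no effect until they log out and back in, which is the behaviour the notes describe.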
Windows network management:
Active Directory (AD): network objects (users, computers, devices, servers, domains, departments, security policies) are organized into organizational units (OUs). This is equivalent to dividing objects into groups by type so that they can be recorded and managed.
Group Policy (GP): a different GP is specified for each OU and performs the corresponding security configuration. The registry is the database of system and application software configuration; a GP merges the primary configuration into a set and applies it, which in practice means modifying the registry. GP is divided into AD GP and local GP. The former is stored in the AD database on the domain controller, acts on the OU, and is implemented by the domain administrator; the latter is stored on the local computer, acts on that machine, and is implemented by the local administrator. When a user logs in to AD, the AD GP overrides the local GP because the former has higher priority.