SlideShare une entreprise Scribd logo
1  sur  18
Télécharger pour lire hors ligne
Development and Implementation of Mandatory Access
Control Policy for RDBMS MySQL
Denis Kolegov, Nikolay Tkachenko, Dmitry Chernov
National Research Tomsk State University
Department of Information Security and Cryptography

(

)

1 / 18
Problem

Development and implementation of mandatory access control for
RDBMSs that originally based on discretionary access control is one of the
actual problem of computer security
The MLS policy restricts access to entities based on the sensitivity of the
information contained in its entities and the "clearance"of users to access
such information
MLS controls the flow of information across the entire system,
guaranteeing that users with lower clearance know nothing about the
existence or contents of data with higher sensitivities

(

)

2 / 18
Disadvantages of existence approaches

Absence of formal (mathematical) models for access control security
policies
Correctness of mandatory access control is not proved
Security requirements for information flows are not considered
Mandatory access control mechanisms are not implemented as
reference monitor of database kernel

(

)

3 / 18
Purpose of the work

Enforcement of MLS policy in DBMS MySQL based on the formal models
The following problems were solved for reaching the purpose:
Research and modelling of discretionary access control mechanisms in
MySQL
Develompent of MySQL security policy including initially DAC policy
and new MLS policy
Implementation of MLS mechanism based on the created formal
security model
Access control mechanism security testing

(

)

4 / 18
Research of access control in MySQL

Access control research was based on the documentation and source
code analysis and tests
The main storage and timing covert channels were identified and
assessed
Information flows arising from SQL statements execution and violating
MLS policy were identified

(

)

5 / 18
Research of access control in MySQL

The following types of SQL statements can lead to unauthorized access
and MLS policy violating information flows:
«INSERT INTO . . . VALUES((SELECT. . . ), . . . )»;
«INSERT . . . SELECT»;
«UPDATE . . . SET . . . = (SELECT . . . )».

(

)

6 / 18
Example of violating MLS policy information flow

user> insert tab2 values((select col1 from tab1 limit 1));
(

)

7 / 18
Policy restrictions

All information flows are considered within DBMS MySQL
Information flows generated by SELECT, INSERT, UPDATE and
DELETE operators are considered
Timing covert channels are out of scope

(

)

8 / 18
The DP-models theory

DP-models were developed by Peter Devyanin in «Access control and
information flow security analysis of Computer Systems» monography
DP-models are based on the elements of Take-Grant model,
Bell-LaPadula model, and Military Security Policy model
DP-models are proposed for mathematical proving of access control
security

(

)

9 / 18
Elements of developed MySQL DP-model

Object entities O: columns COL, procedures Op , triggers Ot , views Ov
and variables Ov
Container entities C : tables TAB, databases DB and root container C0
Session subjects S, users’ accounts U
Function of entity hierarchy H : C ∪ Op ∪ Ot ∪ S → 2O∪C
Function of security classification of object entities
fe : (O  Ov ) ∪ C → L
Function of security clearance of user’s accounts
fs : U → L
Function determining user by session subject user : S → U

(

)

10 / 18
Elements of developed MySQL DP-model

Set of access rights Rr = {readr , writer , appendr , deleter , alterr ,
executer , creater , dropr , create_routiner , create_userr , triggerr ,
create_viewr }
Set of accesses Ra = {reada , writea , appenda }
Set of information flows Rf = {writem }
Set of access rights that can be granted Grant ⊆ U × (C ∪ O) × Rr
State of the model G = (U, S, E , R, A, H, (fs , fe ), user , Grant,
execute_as, triggers, owner , operations, var )
Σ(G ∗ , OP) – computer system

(

)

11 / 18
Examples of transformation rules

Rule
create_session(u, s)

Initial state
u ∈ U, s ∈ S

s
∈ S, user (s) ∈ Lu ,
u ∈ U, l ≤ fs (user (s)),
(user (s), c0 , create_userr ) ∈ R
grant_right(s, u, e, α, s ∈ S, u ∈ U, e ∈ C ∪O, α ∈ Rr ,
grant_option)
grant_option ∈ {true, false},
∃c ≥ e : (s, c , α) ∈ Rr , ∃c ≥
e : (user (s), c, α) ∈ Grant
access_read(s, e)
s ∈ S, e ∈ DB ∪ TAB ∪ COL,
∃c ∈ C ∪ O, that e < c or
e = c, fs (user (s)) ≥ fe (c) and
HLS(e, c) = true, e1 ∈ O ∪ C :
fe (e1 ) < fe (e) and (s, e1 , α) ∈
A, where α ∈ {writea , appenda }
create_user (s, u, l)

(

Final state
Ss = Ss ∪ {s}, fs (s) =
fs (u), user (s) = u
U = U ∪ {u}, fs (u) = l
R
= R ∪ {(u, e, α)},
if grant_option = true,
then Grant = Grant ∪
{(u, e, α)}
A = A ∪ {(s, e, reada )},
F = F ∪ {(e, s, writem )}

)

12 / 18
Theorem
Definition 1
In the state G of system Σ(G ∗, OP) access (s, e, α) ∈ A satisfy to
ss-property, if α = appenda or fs (user (s)) ≥ fe (e).

Definition 2
In the state G of system Σ(G ∗, OP) accesses (s, e1 , reada ), (s, e2 , α) ∈ A,
where α ∈ {writea , appenda } satisfy to *-property, if fe (e1 ) ≤ fe (e2 ).

Theorem
Let G0 – initial state of the system Σ(G ∗, OP, G0 ), that is secure in terms
of Bell-LaPadula, and A0 = F0 = ∅. Then system Σ(G ∗, OP, G0 ) is secure
in terms of Bell-LaPadula.

(

)

13 / 18
Security labels storing

(

)

14 / 18
Security labels processing

(

)

15 / 18
Mandatory access control scheme

(

)

16 / 18
Results

1) The implementation methods of violating MLS policy information
flows in DBMS MySQL were identified
2) The mathematical DP-model of mandatory access control policy of
DBMS MySQL was developed
3) The adaptation of developed model to access control mechanisms of
DBMS MySQL was performed
4) The mandatory access control mechanism of DBMS MySQL was
implemented as reference monitor on database kernel level

(

)

17 / 18
Thank you for your attention!!!

Denis Kolegov,
d.n.kolegov@gmail.com
Nikolay Tkachenko,
n.o.tkachenko@gmail.com
Dmitry Chernov,
dm.vl.chernov@gmail.com

(

)

18 / 18

Contenu connexe

Similaire à Development and Implementation of Mandatory Access Control Policy for RDBMS MySQL

CNSM 2022 - An Online Framework for Adapting Security Policies in Dynamic IT ...
CNSM 2022 - An Online Framework for Adapting Security Policies in Dynamic IT ...CNSM 2022 - An Online Framework for Adapting Security Policies in Dynamic IT ...
CNSM 2022 - An Online Framework for Adapting Security Policies in Dynamic IT ...Kim Hammar
 
Database Security Methods, DAC, MAC,View
Database Security Methods, DAC, MAC,ViewDatabase Security Methods, DAC, MAC,View
Database Security Methods, DAC, MAC,ViewDr-Dipali Meher
 
Ch18 OS
Ch18 OSCh18 OS
Ch18 OSC.U
 
concurrency with GPars
concurrency with GParsconcurrency with GPars
concurrency with GParsPaul King
 
Scalable and Privacy-preserving Data Integration - Part 2
Scalable and Privacy-preserving Data Integration - Part 2Scalable and Privacy-preserving Data Integration - Part 2
Scalable and Privacy-preserving Data Integration - Part 2ErhardRahm
 
Apache Flink Training: DataStream API Part 2 Advanced
Apache Flink Training: DataStream API Part 2 Advanced Apache Flink Training: DataStream API Part 2 Advanced
Apache Flink Training: DataStream API Part 2 Advanced Flink Forward
 
Data Science At Scale for IoT on the Pivotal Platform
Data Science At Scale for IoT on the Pivotal PlatformData Science At Scale for IoT on the Pivotal Platform
Data Science At Scale for IoT on the Pivotal PlatformGautam S. Muralidhar
 
secure mining of association rules in horizontally distributed databases
secure mining of association rules in horizontally distributed databasessecure mining of association rules in horizontally distributed databases
secure mining of association rules in horizontally distributed databasesswathi78
 
Ch3_Rel_Model-95.ppt
Ch3_Rel_Model-95.pptCh3_Rel_Model-95.ppt
Ch3_Rel_Model-95.pptAtharvaBagul2
 
Privacy-preserving Information Sharing: Tools and Applications
Privacy-preserving Information Sharing: Tools and ApplicationsPrivacy-preserving Information Sharing: Tools and Applications
Privacy-preserving Information Sharing: Tools and ApplicationsEmiliano De Cristofaro
 
Graphing Enterprise IT – Representing IT Infrastructure and Business Processe...
Graphing Enterprise IT – Representing IT Infrastructure and Business Processe...Graphing Enterprise IT – Representing IT Infrastructure and Business Processe...
Graphing Enterprise IT – Representing IT Infrastructure and Business Processe...Neo4j
 
Topic12ADTS_GenericDataStructures.ppt
Topic12ADTS_GenericDataStructures.pptTopic12ADTS_GenericDataStructures.ppt
Topic12ADTS_GenericDataStructures.pptBlackSeraph
 

Similaire à Development and Implementation of Mandatory Access Control Policy for RDBMS MySQL (20)

Auditing.ppt
Auditing.pptAuditing.ppt
Auditing.ppt
 
Synopsis_kamlesh
Synopsis_kamleshSynopsis_kamlesh
Synopsis_kamlesh
 
wsns
wsnswsns
wsns
 
CNSM 2022 - An Online Framework for Adapting Security Policies in Dynamic IT ...
CNSM 2022 - An Online Framework for Adapting Security Policies in Dynamic IT ...CNSM 2022 - An Online Framework for Adapting Security Policies in Dynamic IT ...
CNSM 2022 - An Online Framework for Adapting Security Policies in Dynamic IT ...
 
Database Security Methods, DAC, MAC,View
Database Security Methods, DAC, MAC,ViewDatabase Security Methods, DAC, MAC,View
Database Security Methods, DAC, MAC,View
 
Ch18 OS
Ch18 OSCh18 OS
Ch18 OS
 
OSCh18
OSCh18OSCh18
OSCh18
 
OS_Ch18
OS_Ch18OS_Ch18
OS_Ch18
 
concurrency with GPars
concurrency with GParsconcurrency with GPars
concurrency with GPars
 
Scalable and Privacy-preserving Data Integration - Part 2
Scalable and Privacy-preserving Data Integration - Part 2Scalable and Privacy-preserving Data Integration - Part 2
Scalable and Privacy-preserving Data Integration - Part 2
 
Apache Flink Training: DataStream API Part 2 Advanced
Apache Flink Training: DataStream API Part 2 Advanced Apache Flink Training: DataStream API Part 2 Advanced
Apache Flink Training: DataStream API Part 2 Advanced
 
Data Science At Scale for IoT on the Pivotal Platform
Data Science At Scale for IoT on the Pivotal PlatformData Science At Scale for IoT on the Pivotal Platform
Data Science At Scale for IoT on the Pivotal Platform
 
secure mining of association rules in horizontally distributed databases
secure mining of association rules in horizontally distributed databasessecure mining of association rules in horizontally distributed databases
secure mining of association rules in horizontally distributed databases
 
Ch3_Rel_Model-95.ppt
Ch3_Rel_Model-95.pptCh3_Rel_Model-95.ppt
Ch3_Rel_Model-95.ppt
 
Privacy-preserving Information Sharing: Tools and Applications
Privacy-preserving Information Sharing: Tools and ApplicationsPrivacy-preserving Information Sharing: Tools and Applications
Privacy-preserving Information Sharing: Tools and Applications
 
Anti patterns
Anti patternsAnti patterns
Anti patterns
 
Chapter 14 - Protection
Chapter 14 - ProtectionChapter 14 - Protection
Chapter 14 - Protection
 
Graphing Enterprise IT – Representing IT Infrastructure and Business Processe...
Graphing Enterprise IT – Representing IT Infrastructure and Business Processe...Graphing Enterprise IT – Representing IT Infrastructure and Business Processe...
Graphing Enterprise IT – Representing IT Infrastructure and Business Processe...
 
Defense
DefenseDefense
Defense
 
Topic12ADTS_GenericDataStructures.ppt
Topic12ADTS_GenericDataStructures.pptTopic12ADTS_GenericDataStructures.ppt
Topic12ADTS_GenericDataStructures.ppt
 

Plus de Denis Kolegov

Database Firewall from Scratch
Database Firewall from ScratchDatabase Firewall from Scratch
Database Firewall from ScratchDenis Kolegov
 
F5 BIG-IP Misconfigurations
F5 BIG-IP MisconfigurationsF5 BIG-IP Misconfigurations
F5 BIG-IP MisconfigurationsDenis Kolegov
 
SibirCTF 2016. Практические методы защиты веб-приложений
SibirCTF 2016. Практические методы защиты веб-приложенийSibirCTF 2016. Практические методы защиты веб-приложений
SibirCTF 2016. Практические методы защиты веб-приложенийDenis Kolegov
 
SibeCrypt 2016. Практические методы защиты веб-приложений
SibeCrypt 2016. Практические методы защиты веб-приложенийSibeCrypt 2016. Практические методы защиты веб-приложений
SibeCrypt 2016. Практические методы защиты веб-приложенийDenis Kolegov
 
Non-Invasive Elimination of Logical Access Control Vulnerabilities in Web A...
Non-Invasive Elimination of  Logical Access Control  Vulnerabilities in Web A...Non-Invasive Elimination of  Logical Access Control  Vulnerabilities in Web A...
Non-Invasive Elimination of Logical Access Control Vulnerabilities in Web A...Denis Kolegov
 
Covert Timing Channels based on HTTP Cache Headers (Special Edition for Top 1...
Covert Timing Channels based on HTTP Cache Headers (Special Edition for Top 1...Covert Timing Channels based on HTTP Cache Headers (Special Edition for Top 1...
Covert Timing Channels based on HTTP Cache Headers (Special Edition for Top 1...Denis Kolegov
 
Covert Timing Channels using HTTP Cache Headers
Covert Timing Channels using HTTP Cache HeadersCovert Timing Channels using HTTP Cache Headers
Covert Timing Channels using HTTP Cache HeadersDenis Kolegov
 
General Method of HTTP Messages Authentication Based on Hash Functions in Web...
General Method of HTTP Messages Authentication Based on Hash Functions in Web...General Method of HTTP Messages Authentication Based on Hash Functions in Web...
General Method of HTTP Messages Authentication Based on Hash Functions in Web...Denis Kolegov
 
Covert Timing Channels using HTTP Cache Headers
Covert Timing Channels using HTTP Cache HeadersCovert Timing Channels using HTTP Cache Headers
Covert Timing Channels using HTTP Cache HeadersDenis Kolegov
 
Общая модель аутентификации HTTP-сообщений на основе хэш-функций в веб-прилож...
Общая модель аутентификации HTTP-сообщений на основе хэш-функций в веб-прилож...Общая модель аутентификации HTTP-сообщений на основе хэш-функций в веб-прилож...
Общая модель аутентификации HTTP-сообщений на основе хэш-функций в веб-прилож...Denis Kolegov
 
Моделирование безопасности управления доступом и информационными потоками на ...
Моделирование безопасности управления доступом и информационными потоками на ...Моделирование безопасности управления доступом и информационными потоками на ...
Моделирование безопасности управления доступом и информационными потоками на ...Denis Kolegov
 
Разработка и реализация мандатного механизма управления доступом в СУБД MySQL...
Разработка и реализация мандатного механизма управления доступом в СУБД MySQL...Разработка и реализация мандатного механизма управления доступом в СУБД MySQL...
Разработка и реализация мандатного механизма управления доступом в СУБД MySQL...Denis Kolegov
 
О построении иерархического ролевого управления доступом (SibeCrypt 2012)
О построении иерархического ролевого управления доступом (SibeCrypt 2012)О построении иерархического ролевого управления доступом (SibeCrypt 2012)
О построении иерархического ролевого управления доступом (SibeCrypt 2012)Denis Kolegov
 
Разработка и реализация механизма мандатного управления доступом в СУБД MySQL...
Разработка и реализация механизма мандатного управления доступом в СУБД MySQL...Разработка и реализация механизма мандатного управления доступом в СУБД MySQL...
Разработка и реализация механизма мандатного управления доступом в СУБД MySQL...Denis Kolegov
 

Plus de Denis Kolegov (16)

Database Firewall from Scratch
Database Firewall from ScratchDatabase Firewall from Scratch
Database Firewall from Scratch
 
F5 BIG-IP Misconfigurations
F5 BIG-IP MisconfigurationsF5 BIG-IP Misconfigurations
F5 BIG-IP Misconfigurations
 
SibirCTF 2016. Практические методы защиты веб-приложений
SibirCTF 2016. Практические методы защиты веб-приложенийSibirCTF 2016. Практические методы защиты веб-приложений
SibirCTF 2016. Практические методы защиты веб-приложений
 
SibeCrypt 2016. Практические методы защиты веб-приложений
SibeCrypt 2016. Практические методы защиты веб-приложенийSibeCrypt 2016. Практические методы защиты веб-приложений
SibeCrypt 2016. Практические методы защиты веб-приложений
 
ZN27112015
ZN27112015ZN27112015
ZN27112015
 
Non-Invasive Elimination of Logical Access Control Vulnerabilities in Web A...
Non-Invasive Elimination of  Logical Access Control  Vulnerabilities in Web A...Non-Invasive Elimination of  Logical Access Control  Vulnerabilities in Web A...
Non-Invasive Elimination of Logical Access Control Vulnerabilities in Web A...
 
Codefest2015
Codefest2015Codefest2015
Codefest2015
 
Covert Timing Channels based on HTTP Cache Headers (Special Edition for Top 1...
Covert Timing Channels based on HTTP Cache Headers (Special Edition for Top 1...Covert Timing Channels based on HTTP Cache Headers (Special Edition for Top 1...
Covert Timing Channels based on HTTP Cache Headers (Special Edition for Top 1...
 
Covert Timing Channels using HTTP Cache Headers
Covert Timing Channels using HTTP Cache HeadersCovert Timing Channels using HTTP Cache Headers
Covert Timing Channels using HTTP Cache Headers
 
General Method of HTTP Messages Authentication Based on Hash Functions in Web...
General Method of HTTP Messages Authentication Based on Hash Functions in Web...General Method of HTTP Messages Authentication Based on Hash Functions in Web...
General Method of HTTP Messages Authentication Based on Hash Functions in Web...
 
Covert Timing Channels using HTTP Cache Headers
Covert Timing Channels using HTTP Cache HeadersCovert Timing Channels using HTTP Cache Headers
Covert Timing Channels using HTTP Cache Headers
 
Общая модель аутентификации HTTP-сообщений на основе хэш-функций в веб-прилож...
Общая модель аутентификации HTTP-сообщений на основе хэш-функций в веб-прилож...Общая модель аутентификации HTTP-сообщений на основе хэш-функций в веб-прилож...
Общая модель аутентификации HTTP-сообщений на основе хэш-функций в веб-прилож...
 
Моделирование безопасности управления доступом и информационными потоками на ...
Моделирование безопасности управления доступом и информационными потоками на ...Моделирование безопасности управления доступом и информационными потоками на ...
Моделирование безопасности управления доступом и информационными потоками на ...
 
Разработка и реализация мандатного механизма управления доступом в СУБД MySQL...
Разработка и реализация мандатного механизма управления доступом в СУБД MySQL...Разработка и реализация мандатного механизма управления доступом в СУБД MySQL...
Разработка и реализация мандатного механизма управления доступом в СУБД MySQL...
 
О построении иерархического ролевого управления доступом (SibeCrypt 2012)
О построении иерархического ролевого управления доступом (SibeCrypt 2012)О построении иерархического ролевого управления доступом (SibeCrypt 2012)
О построении иерархического ролевого управления доступом (SibeCrypt 2012)
 
Разработка и реализация механизма мандатного управления доступом в СУБД MySQL...
Разработка и реализация механизма мандатного управления доступом в СУБД MySQL...Разработка и реализация механизма мандатного управления доступом в СУБД MySQL...
Разработка и реализация механизма мандатного управления доступом в СУБД MySQL...
 

Dernier

Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Brian Pichman
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 

Dernier (20)

Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 

Development and Implementation of Mandatory Access Control Policy for RDBMS MySQL

  • 1. Development and Implementation of Mandatory Access Control Policy for RDBMS MySQL Denis Kolegov, Nikolay Tkachenko, Dmitry Chernov National Research Tomsk State University Department of Information Security and Cryptography ( ) 1 / 18
  • 2. Problem Development and implementation of mandatory access control for RDBMSs that originally based on discretionary access control is one of the actual problem of computer security The MLS policy restricts access to entities based on the sensitivity of the information contained in its entities and the "clearance"of users to access such information MLS controls the flow of information across the entire system, guaranteeing that users with lower clearance know nothing about the existence or contents of data with higher sensitivities ( ) 2 / 18
  • 3. Disadvantages of existence approaches Absence of formal (mathematical) models for access control security policies Correctness of mandatory access control is not proved Security requirements for information flows are not considered Mandatory access control mechanisms are not implemented as reference monitor of database kernel ( ) 3 / 18
  • 4. Purpose of the work Enforcement of MLS policy in DBMS MySQL based on the formal models The following problems were solved for reaching the purpose: Research and modelling of discretionary access control mechanisms in MySQL Develompent of MySQL security policy including initially DAC policy and new MLS policy Implementation of MLS mechanism based on the created formal security model Access control mechanism security testing ( ) 4 / 18
  • 5. Research of access control in MySQL Access control research was based on the documentation and source code analysis and tests The main storage and timing covert channels were identified and assessed Information flows arising from SQL statements execution and violating MLS policy were identified ( ) 5 / 18
  • 6. Research of access control in MySQL The following types of SQL statements can lead to unauthorized access and MLS policy violating information flows: «INSERT INTO . . . VALUES((SELECT. . . ), . . . )»; «INSERT . . . SELECT»; «UPDATE . . . SET . . . = (SELECT . . . )». ( ) 6 / 18
  • 7. Example of violating MLS policy information flow user> insert tab2 values((select col1 from tab1 limit 1)); ( ) 7 / 18
  • 8. Policy restrictions All information flows are considered within DBMS MySQL Information flows generated by SELECT, INSERT, UPDATE and DELETE operators are considered Timing covert channels are out of scope ( ) 8 / 18
  • 9. The DP-models theory DP-models were developed by Peter Devyanin in «Access control and information flow security analysis of Computer Systems» monography DP-models are based on the elements of Take-Grant model, Bell-LaPadula model, and Military Security Policy model DP-models are proposed for mathematical proving of access control security ( ) 9 / 18
  • 10. Elements of developed MySQL DP-model Object entities O: columns COL, procedures Op , triggers Ot , views Ov and variables Ov Container entities C : tables TAB, databases DB and root container C0 Session subjects S, users’ accounts U Function of entity hierarchy H : C ∪ Op ∪ Ot ∪ S → 2O∪C Function of security classification of object entities fe : (O Ov ) ∪ C → L Function of security clearance of user’s accounts fs : U → L Function determining user by session subject user : S → U ( ) 10 / 18
  • 11. Elements of developed MySQL DP-model Set of access rights Rr = {readr , writer , appendr , deleter , alterr , executer , creater , dropr , create_routiner , create_userr , triggerr , create_viewr } Set of accesses Ra = {reada , writea , appenda } Set of information flows Rf = {writem } Set of access rights that can be granted Grant ⊆ U × (C ∪ O) × Rr State of the model G = (U, S, E , R, A, H, (fs , fe ), user , Grant, execute_as, triggers, owner , operations, var ) Σ(G ∗ , OP) – computer system ( ) 11 / 18
  • 12. Examples of transformation rules Rule create_session(u, s) Initial state u ∈ U, s ∈ S s ∈ S, user (s) ∈ Lu , u ∈ U, l ≤ fs (user (s)), (user (s), c0 , create_userr ) ∈ R grant_right(s, u, e, α, s ∈ S, u ∈ U, e ∈ C ∪O, α ∈ Rr , grant_option) grant_option ∈ {true, false}, ∃c ≥ e : (s, c , α) ∈ Rr , ∃c ≥ e : (user (s), c, α) ∈ Grant access_read(s, e) s ∈ S, e ∈ DB ∪ TAB ∪ COL, ∃c ∈ C ∪ O, that e < c or e = c, fs (user (s)) ≥ fe (c) and HLS(e, c) = true, e1 ∈ O ∪ C : fe (e1 ) < fe (e) and (s, e1 , α) ∈ A, where α ∈ {writea , appenda } create_user (s, u, l) ( Final state Ss = Ss ∪ {s}, fs (s) = fs (u), user (s) = u U = U ∪ {u}, fs (u) = l R = R ∪ {(u, e, α)}, if grant_option = true, then Grant = Grant ∪ {(u, e, α)} A = A ∪ {(s, e, reada )}, F = F ∪ {(e, s, writem )} ) 12 / 18
  • 13. Theorem Definition 1 In the state G of system Σ(G ∗, OP) access (s, e, α) ∈ A satisfy to ss-property, if α = appenda or fs (user (s)) ≥ fe (e). Definition 2 In the state G of system Σ(G ∗, OP) accesses (s, e1 , reada ), (s, e2 , α) ∈ A, where α ∈ {writea , appenda } satisfy to *-property, if fe (e1 ) ≤ fe (e2 ). Theorem Let G0 – initial state of the system Σ(G ∗, OP, G0 ), that is secure in terms of Bell-LaPadula, and A0 = F0 = ∅. Then system Σ(G ∗, OP, G0 ) is secure in terms of Bell-LaPadula. ( ) 13 / 18
  • 16. Mandatory access control scheme ( ) 16 / 18
  • 17. Results 1) The implementation methods of violating MLS policy information flows in DBMS MySQL were identified 2) The mathematical DP-model of mandatory access control policy of DBMS MySQL was developed 3) The adaptation of developed model to access control mechanisms of DBMS MySQL was performed 4) The mandatory access control mechanism of DBMS MySQL was implemented as reference monitor on database kernel level ( ) 17 / 18
  • 18. Thank you for your attention!!! Denis Kolegov, d.n.kolegov@gmail.com Nikolay Tkachenko, n.o.tkachenko@gmail.com Dmitry Chernov, dm.vl.chernov@gmail.com ( ) 18 / 18