Access control and authorization

Access Controls In Linux (Exercise 4.10 A, B)

Duration: 20-40 minutes

This lab teaches how to add users to groups in linux. Also demonstrates how to create a location in your computer to keep information confidential.

Report:

• Describe briefly the user management process in linux
• Describe briefly the main access controlled actions you encountered in the exercise e.g read/write and the commands you used for Linux file and Directory access control and what they do e.g chmod:

Software firewalls (Exercise 4.14)

Duration: 30-45 minutes

This lab exposes students to different approaches for software firewall use on linux platforms.

Report:

• What happens when you try to delete an non-empty chain in IPtables?
• What are the various filter table rules that you see?
• How would you allow only machines on your private network to access your computer?
• What rule would you write to stop anyone using your computer from accessing an infected host at IP….
• What rule written for input makes iptables act as a stateful firewall?
• How do you allow all access from the loopback device (in target extensions)?

Access control matrices, authorization lists, transfer of rights, access control models

See this page for the questions.