Here’s a clear, simple, and practical summary of **Lecture 3: Access Control and Identity Management** by Eleftheria Makri:

---

# Lecture 3: Access Control and Identity Management

---

## 1. Key Concepts in Access Control

* **Access Control:** Process to allow only authorized users/programs to access or modify system resources.
* Main steps when accessing a system:

  1. **Identification:** Claiming who you are (e.g., user ID, badge).
  2. **Authentication:** Verifying your identity claim (e.g., password, biometrics).
  3. **Authorization:** Granting access to resources based on identity.
  4. **Accountability:** Tracking who accessed what and when.

---

## 2. Identification Methods

* Physical or digital ways to identify users or devices:

  * Badges, User IDs, Account Numbers, MAC/IP addresses.
  * RFID tags (used in passports, goods), Email addresses (common but spoofable).

---

## 3. Authentication Methods

* Verify identity using:

  * **Knowledge:** Passwords, PINs, graphical passwords.
  * **Possession:** Smart cards, tokens, USB devices.
  * **Characteristics:** Biometrics (fingerprints, iris, voice, signature).

* **Multifactor authentication (MFA):** Use two or more methods for stronger security.

* Biometric accuracy is measured by:

  * False Reject Rate (FRR)
  * False Accept Rate (FAR)
  * Crossover Error Rate (CER)

---

## 4. Identity Management

* Systems that **create, maintain, and revoke** user identities.

* Challenges in large systems include privacy, linking to physical identity, and unforgeability.

* **User vs. Identity vs. Subject:**

  * User: the real person or machine.
  * Identity: entry in identity system linked to a user.
  * Subject: system entity (e.g., process) acting with privileges.

* **User Access Management:** Lifecycle from registration to removal of access.

---

## 5. Access Control Policies

* Define who can access what, under which conditions.
* Types of policies:

  * **Discretionary Access Control (DAC):** Owner decides access; rights can be transferred.
  * **Mandatory Access Control (MAC):** System/admin enforces strict rules based on labels; no transfer of rights.
  * **Non-Discretionary Access Control:** Access based on roles or attributes; admin controls permissions.
  * **Role-Based Access Control (RBAC):** Access granted based on roles (job functions).

---

## 6. Access Control Mechanisms

* **Access Control Lists (ACLs):** List of permissions attached to each resource.
* **Capabilities:** Tokens held by users defining their access rights.
* ACLs are simpler to implement, but harder to check at runtime; capabilities are easier to check but harder to manage in big systems.

---

## 7. Privilege Classes in Systems

* **Owner:** Creator/admin of resource.
* **Group:** Users grouped to share privileges.
* **World:** All other users with minimal privileges.
* **Superuser:** Has all privileges.

---

## 8. Separation of Duties (SoD)

* Prevents insider abuse by limiting which combinations of roles a single user may hold.
* Example constraints:

  * A user cannot hold conflicting roles simultaneously.
  * Some roles require others to be assigned too.
  * "Four eyes principle": At least two people must approve actions.

---

## 9. Multi-level Security Models

### Bell-LaPadula Model (Confidentiality)

* No **read-up:** Users can’t read data above their clearance.
* No **write-down:** Users can’t write data to lower clearance levels.
* Used in military/government systems to protect classified info.

### Biba Model (Integrity)

* No **read-down:** Users can’t read lower integrity data.
* No **write-up:** Users can’t write to higher integrity levels.
* Ensures data integrity by preventing unauthorized modification.

### Chinese Wall Model (Conflict of Interest)

* Prevents a user from accessing data of competing companies (a conflict-of-interest class).
* A user may access one company's data but is then blocked from the data of that company's rivals; the decision depends on the user's access history.
* Write access is allowed only if no conflict of interest exists.
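As an added example that is not part of the lecture (the level names, company datasets and subject names are constructed), the three models above written as reference-monitor checks in Python; the Chinese Wall check is stateful because the decision depends on what the subject has already read:

```python
from collections import defaultdict
from dataclasses import dataclass, field

# Ordered security/integrity levels, lowest to highest (constructed sample).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}

def _check_op(op: str) -> None:
    if op not in ("read", "write"):
        raise ValueError(f"unknown operation: {op}")

def blp_allows(subject_clearance: str, object_class: str, op: str) -> bool:
    """Bell-LaPadula: read needs clearance >= object level (no read-up);
    write needs clearance <= object level (no write-down)."""
    _check_op(op)
    s, o = LEVELS[subject_clearance], LEVELS[object_class]
    return s >= o if op == "read" else s <= o

def biba_allows(subject_integrity: str, object_integrity: str, op: str) -> bool:
    """Biba: read needs object integrity >= subject's (no read-down);
    write needs subject integrity >= object's (no write-up)."""
    _check_op(op)
    s, o = LEVELS[subject_integrity], LEVELS[object_integrity]
    return o >= s if op == "read" else s >= o

@dataclass
class ChineseWall:
    """Brewer-Nash reference monitor: decisions depend on each subject's history."""
    coi_class: dict                      # dataset -> conflict-of-interest class
    history: dict = field(default_factory=lambda: defaultdict(set))  # subject -> datasets read

    def can_read(self, subject: str, dataset: str) -> bool:
        cls = self.coi_class[dataset]
        # Blocked if the subject already read a *different* dataset in the same COI class.
        return not any(seen != dataset and self.coi_class[seen] == cls
                       for seen in self.history[subject])

    def read(self, subject: str, dataset: str) -> bool:
        if not self.can_read(subject, dataset):
            return False
        self.history[subject].add(dataset)   # access is recorded: the wall builds up
        return True

    def can_write(self, subject: str, dataset: str) -> bool:
        # Simplified *-property (ignores sanitised data): a subject may write to a
        # dataset only if it is the only dataset the subject has ever read, so no
        # information can flow from one company to another through this subject.
        return self.can_read(subject, dataset) and all(
            seen == dataset for seen in self.history[subject])
```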

---

## 10. Summary

* **Access control** ensures only authorized access to resources.
* **Identification, Authentication, Authorization, and Accountability** are the core steps.
* Various policies and models exist depending on use case and environment.
* SoD limits risks from insiders.
* Multi-level models like Bell-LaPadula and Biba protect confidentiality and integrity.
* The Chinese Wall model addresses conflicts of interest in business contexts.

---

## Useful References

* Dieter Gollmann, *Authentication, Authorisation & Accountability* (AAA) - CyBOK
* William Stallings & Lawrie Brown, *Computer Security: Principles and Practice* (Chapters 3 and 4)

