
Posts

CISSP - Bell-LaPadula Model

This was the first formal state machine model developed to protect confidentiality. The Bell-LaPadula model focuses on data confidentiality, unlike the Biba model (which focuses on integrity). It is also called the "read down, write up" model: trusted subjects may read content below their security level and write content above their security level.

The model defines two mandatory access control (MAC) rules:

- The Simple Security Property states that a subject at a given security level may not read an object at a higher security level (no "read up").
- The * (star) Security Property states that a subject at a given security level may not write to any object at a lower security level (no "write down").

Limitations:

- Only addresses confidentiality (out of the three: confidentiality, integrity and availability).
- Covert channel communication is not addressed comprehensively.

CISSP - Biba Model (Biba Integrity Model)

Origin: published in 1977 at the Mitre Corporation, one year after the Bell-LaPadula model. While the BLP model addresses confidentiality (and says nothing about integrity), Biba proposed this model to address integrity.

The Biba integrity model describes a set of access control rules that are designed to ensure data integrity. Subjects and objects are grouped into various ordered levels of integrity.

Access modes of the Biba model:

- Modify: allows a subject to write to an object. In layman's terms, it is equivalent to the write mode in other models.
- Observe: allows a subject to read an object. This command is synonymous with the read command of other models.
- Invoke: allows one subject to communicate with another subject.
- Execute: allows a subject to execute an object; the command essentially allows a subject to execute a program, which is the object.

This model is directed towards data integrity (rather than confidentiality). It is also called the "read up, write down" model. This
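The two posts above state the Bell-LaPadula and Biba rules in prose; the following Python is an added example (not code from the original posts) that turns each property into an executable check so the "read down, write up" versus "read up, write down" duality can be seen side by side. The level names, the combined two-label check (dual_check) and the sample decisions are constructed for illustration; real implementations also carry categories or compartments, which are left out here.

```python
"""Bell-LaPadula and Biba access checks as executable rules.

Added example, not code from the original posts. Level names and the
sample decisions are constructed; a real system would carry its own
labels (and usually categories/compartments, which are omitted here).
"""
from __future__ import annotations

from enum import IntEnum


class Conf(IntEnum):
    """Confidentiality levels, ordered low to high (constructed sample)."""
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


class Integ(IntEnum):
    """Integrity levels, ordered low to high (constructed sample)."""
    UNTRUSTED = 0
    USER = 1
    SYSTEM = 2


def blp_check(subject: Conf, obj: Conf, mode: str) -> tuple[bool, str]:
    """Bell-LaPadula (confidentiality): read down, write up.

    Simple Security Property: a subject may read an object only if the
    subject's level dominates the object's ("no read up").
    *-Property: a subject may write an object only if the object's level
    dominates the subject's ("no write down").
    """
    if mode == "read":
        ok = subject >= obj
        return ok, "allowed" if ok else "denied: Simple Security Property (no read up)"
    if mode == "write":
        ok = subject <= obj
        return ok, "allowed" if ok else "denied: *-Property (no write down)"
    raise ValueError(f"unknown BLP mode {mode!r}")


def biba_check(subject: Integ, obj: Integ, mode: str) -> tuple[bool, str]:
    """Biba (integrity): the dual of BLP, read up, write down.

    Simple Integrity Property: a subject may observe an object only if the
    object's integrity dominates the subject's ("no read down").
    Integrity *-Property: a subject may modify an object only if the
    subject's integrity dominates the object's ("no write up").
    """
    if mode == "observe":
        ok = subject <= obj
        return ok, "allowed" if ok else "denied: Simple Integrity Property (no read down)"
    if mode == "modify":
        ok = subject >= obj
        return ok, "allowed" if ok else "denied: Integrity *-Property (no write up)"
    raise ValueError(f"unknown Biba mode {mode!r}")


def dual_check(subject: tuple[Conf, Integ], obj: tuple[Conf, Integ], op: str) -> tuple[bool, list[str]]:
    """Enforce both models on doubly-labelled entities (constructed combination).

    A read must satisfy BLP 'read' and Biba 'observe'; a write must satisfy
    BLP 'write' and Biba 'modify'. Returns the decision plus every rule that
    denied it, so an audit record can name the property that fired.
    """
    modes = {"read": ("read", "observe"), "write": ("write", "modify")}[op]
    verdicts = [blp_check(subject[0], obj[0], modes[0]),
                biba_check(subject[1], obj[1], modes[1])]
    reasons = [why for ok, why in verdicts if not ok]
    return not reasons, reasons


def decision_table(levels, check, mode) -> dict[tuple[str, str], bool]:
    """Every (subject, object) decision for one mode, for eyeballing the lattice."""
    return {(s.name, o.name): check(s, o, mode)[0] for s in levels for o in levels}


if __name__ == "__main__":
    for s, o, m in [(Conf.SECRET, Conf.CONFIDENTIAL, "read"), (Conf.SECRET, Conf.CONFIDENTIAL, "write")]:
        print(f"BLP  {s.name} {m} {o.name}: {blp_check(s, o, m)[1]}")
    for s, o, m in [(Integ.USER, Integ.SYSTEM, "observe"), (Integ.USER, Integ.SYSTEM, "modify")]:
        print(f"Biba {s.name} {m} {o.name}: {biba_check(s, o, m)[1]}")
    print(dual_check((Conf.SECRET, Integ.USER), (Conf.SECRET, Integ.UNTRUSTED), "read"))
```

Note that the same comparison direction is "allowed" in one model and "denied" in the other: a SECRET subject may read CONFIDENTIAL under BLP, but a SYSTEM-integrity subject may not observe UNTRUSTED data under Biba. That is exactly why a system enforcing both ends up with a narrower set of permitted operations, which dual_check makes visible.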

CISSP - FAR, FRR, CER

What is false acceptance rate? FAR is the percentage of unauthorized users incorrectly matched to a valid user's biometric parameter.

What is false rejection rate? FRR is the percentage of valid users who are incorrectly rejected.

What is crossover error rate? The Crossover Error Rate (CER) describes the point where the False Rejection Rate (FRR) and False Acceptance Rate (FAR) are equal. CER is also known as the Equal Error Rate (EER). The Crossover Error Rate describes the overall accuracy of a biometric system.

Moral of the story: as the sensitivity of a biometric system increases, FRR will rise and FAR will drop. Conversely, as the sensitivity is lowered, FRR will drop and FAR will rise.
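To make the FAR/FRR trade-off and the crossover point concrete, here is an added Python example (not from the original post). It assumes a hypothetical matcher that emits a similarity score in [0, 1] and accepts a sample when the score is at or above a threshold; the genuine and impostor score lists are constructed, and "sensitivity" is interpreted as that acceptance threshold.

```python
"""FAR, FRR and the crossover (equal error) rate from match scores.

Added example, not from the original post. The score lists are constructed:
each value is a similarity score in [0, 1] from a hypothetical matcher,
'genuine' for legitimate users against their own template, 'impostor' for
other people's samples against that template. A sample is accepted when
its score is at or above the threshold.
"""
from __future__ import annotations

# Constructed sample scores (10 genuine attempts, 10 impostor attempts).
GENUINE = [0.9, 0.85, 0.8, 0.75, 0.7, 0.6, 0.55, 0.5, 0.45, 0.3]
IMPOSTOR = [0.1, 0.2, 0.25, 0.3, 0.35, 0.4, 0.45, 0.55, 0.6, 0.7]

# Sweep of acceptance thresholds: 0.00, 0.05, ..., 1.00.
THRESHOLDS = [i / 20 for i in range(21)]


def far(impostor: list[float], threshold: float) -> float:
    """False acceptance rate: share of impostor attempts accepted (score >= threshold)."""
    return sum(s >= threshold for s in impostor) / len(impostor)


def frr(genuine: list[float], threshold: float) -> float:
    """False rejection rate: share of genuine attempts rejected (score < threshold)."""
    return sum(s < threshold for s in genuine) / len(genuine)


def error_curve(genuine, impostor, thresholds) -> list[tuple[float, float, float]]:
    """(threshold, FAR, FRR) at each threshold, i.e. one point per tuning choice."""
    return [(t, far(impostor, t), frr(genuine, t)) for t in thresholds]


def crossover(genuine, impostor, thresholds) -> tuple[float, float]:
    """Threshold where FAR and FRR meet (or are closest on the grid), and the CER there.

    The CER is reported as the mean of FAR and FRR at that threshold; on a
    grid where they are exactly equal, that is simply their common value.
    """
    t, a, r = min(error_curve(genuine, impostor, thresholds), key=lambda p: abs(p[1] - p[2]))
    return t, (a + r) / 2


def sweep_is_monotonic(genuine, impostor, thresholds) -> bool:
    """Check the 'moral of the story': raising the threshold never raises FAR
    and never lowers FRR."""
    curve = error_curve(genuine, impostor, thresholds)
    return all(a2 <= a1 and r2 >= r1
               for (_, a1, r1), (_, a2, r2) in zip(curve, curve[1:]))


if __name__ == "__main__":
    for t, a, r in error_curve(GENUINE, IMPOSTOR, THRESHOLDS):
        print(f"threshold={t:.2f}  FAR={a:.2f}  FRR={r:.2f}")
    t, cer = crossover(GENUINE, IMPOSTOR, THRESHOLDS)
    print(f"crossover at threshold {t:.2f}: CER = {cer:.2f}")
```

Running it prints the full sweep; with the constructed scores FAR and FRR meet at a threshold of 0.55, where both are 0.30, so the CER of this hypothetical matcher is 0.30. Comparing two systems by their CER is what lets you say one is more accurate overall regardless of how each is tuned.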

CISSP - Subjects and Objects

What are subjects? Subjects are active entities that access passive objects. For example, users can be considered subjects, as they access objects to perform some action or accomplish a task.

What are objects? Objects are passive entities, such as files, that are accessed by subjects.

CISSP - Types of Access Controls

- Preventive - to stop unauthorized or unwanted activity from occurring
- Detective - to discover / detect unauthorized or unwanted activity
- Corrective - to restore systems back to normal after unauthorized or unwanted activity has occurred
- Deterrent - to discourage attackers from violating security policies or taking an unwanted action
- Recovery - to repair or restore resources and capabilities after a security policy violation
- Directive - to direct, confine or control the actions of subjects to force or encourage compliance with security policy
- Compensating - to provide alternatives to existing controls to aid enforcement and support of a security policy

Cisco ACI - Port Tracking

One of the techniques to speed up convergence in case of internal fabric connectivity failures, the "port-tracking" feature addresses an outage where a leaf node loses connectivity to all of the spine nodes in the Cisco ACI fabric. In such a scenario, the hosts that are connected to such a leaf in an active-standby setup are usually not aware of the outage and continue to send traffic to the now isolated leaf.

This is where the port-tracking feature brings down all the host-facing ports of the isolated leaf node. For servers that are dual-homed to different leafs, this action ensures that the uplink to the isolated leaf is not considered for forwarding traffic.

The changes can be made as below: System >> System Settings >> Port Tracking

Cisco ACI - CDP and LLDP

Cisco ACI has the concept of an Anycast Gateway, where the default gateway of the subnet (configured with the bridge domain) exists on the leaf devices. More importantly, the anycast gateway / SVI (Switched Virtual Interface) is configured (rather, programmed) only on those leaf switches which have endpoints belonging to that bridge domain.

How does Cisco ACI determine whether it should configure an SVI on a particular leaf? It does this via CDP, LLDP or OpFlex (if the endpoints support it). This implies that CDP / LLDP is not there just for operational purposes; unlike on traditional switches, it actually holds a powerful influence on the actual traffic forwarding.

CDP uses the usual Cisco CDP timers, with an interval of 60s and a holdtime of 120s. LLDP uses the usual LLDP timers, with an interval of 30s and a holdtime of 120s. CDP support for Fabric Extenders started from the ACI 2.2 release; for older releases, LLDP should do the trick.