etrust Access Control etrust Access Control UNIX(Linux, Windows) 2
etrust Access Control etrust Access Control 3 ID 10 ID SU ID root 4
OS OS 2 aaa 3 5 TCP/IP outgoing incoming DMZ 6
OS setuid/setgid) OS 7 Read, Write, Execute, Delete, Update, Chown, Chmod, Chdir, ALL, Note UFS, HPFS, CDFS, FAT, NTFS Kill OS etrust Access Control 8
9 DB 10 etrust Access Control etrust Access Control
11 etrust Access Control etrust Access Control OS 12 etrust Access Control User1 more /secret? SYSCALL TABLE Access Control Access Control secret secret ACDB read Etc. Etc. open exec setuid
etrust Access Control etrust Access Control root administrator root root Shut Down UNIXOS 14
IV. I. II. III. etrust Access Control. Log etc 16
17. All Deny All Deny 18. Unix
. HTTP Port aaaa Login Telnet, rlogin Login Unix 19. su Unix OS root 20
21. Unix 22. etrust Access Control Unix Unix OS etrust Access Control
etrust Access Control WH What Who When Where How 23
Information Title
Access, Administrator, Class, Command, Command Type, Daemon, Date, Details, Effective user ID, Event type, File, Host name, Login user ID, Object, Program, Real user ID, Resource, Service, Status, Terminal, Time, Trace Information, User name 24
etrust Access Control UID ID ( ) UNIX UID UID eAC Logout
1. hanako 2. taro 3. su root 4. </JINJI> 5. </KEIRI>
UNIX 1. hanako HP-UX 2. taro 3. su root 4. 5.
etrust Access Control 1. hanako 2. taro 3. su taro 4W1H 4. taro </JINJI> 5. taro </KEIRI> 25 26
08 Jul 2002 10:57 D LOGIN root 59 10 TKY001 sedlang
08 Jul 2002 10:58 P LOGIN tanaka 59 2 100.35.110.100 /usr/bin/login
08 Jul 2002 11:37 D FILE tanaka Read 69 2 /test1/test1.txt /bin/vi
08 Jul 2002 11:37 D FILE tanaka Read 69 2 /test1/test1.txt /bin/cat
08 Jul 2002 11:11 D SURROGATE tanaka Read 69 2 USER.root /bin/su 100.35.110.100
08 Jul 2002 16:14 P LOGIN yamada 59 2 100.50.101.20 /bin/login
08 Jul 2002 16:15 P TRACE 210 210 210 0 EXECARGS: 'cp /etc/passwd *'
08 Jul 2002 16:15 D FILE yamada Read 55 2 /etc/inetd.conf /bin/cat 100.50.101.20
08 Jul 2002 16:16 O LOGOUT yamada 49 2 100.50.101.20
TKY001 root
100.35.110.100 tanaka
tanaka /test1/test1.txt vi
tanaka /test1/test1.txt cat
tanaka 100.35.110.100 su
100.50.101.20 yamada
UID 210 /etc/passwd
100.50.101.20 yamada /etc/inetd.conf
100.50.101.20 yamada
27 OS Linux UNIX PMDB COPY COPY COPY PMDB PMDB PMDB PMDB PMDB PMDB PMDB PMDB PMDB PMDB PMDB 28 Linux SNMP unix
etrust Access Control 29 30
Web OS: Red Hat 7.0 Hostname: etrustxxx IP address: xxx.xxx.xxx.xxx etrust Access Control SW Web OS: Red Hat 7.0 Hostname: etrust015 IP address:1 xxx.xxx.xxx.xxx etrust Access Control 31 DMZ OS: Windows 2000 Server Hostname: iinhi02 IP address: yyy.yyy.yyy.yyy Web 32 Root Root Root
Web Web Web 33 Web iinuma 34
Web OS root OS root 35 Web 36
Web OS root Web 37 Web 38
etrust Access Control Web Web 39 etrust Access Control etrust Access Control HTML OS root Web Web 40
etrust Access Control iinuma 41 etrust Access Control OS root etrust Access Control iinuma 42
etrust Access Control etrust Access Control iinuma User :iinuma /bin/su Root 43 etrust Access Control etrust Access Control root OS root 44
etrust Access Control OS root etrust Access Control OS Web 45 etrust Access Control etrust Access Control Web root User :root HTML 46
etrust Access Control OS root Web etrust Access Control OS Web 47 etrust Access Control etrust Access Control Web Web root Web User :root Web 48
49 etrust Access Control Web Web 50 Web Root Root Root Host Host su OK su OK
51 etrust Access Control Unix OS etrust Access Control 52 Web Root Root Root root root
53 etrust Access Control Unix OS etrust Access Control 54 Web Root Root Root Host Host su OK su OK root root
55 Unix OS etrust Access Control 56
etrust Access Control etrust Access Control 58
etrust Access Control root administrator 59 etrust Access Control OracleDB2 60
etrust Access Control su root ID 61 IDS etrust Access Control 62
etrust Access Control OS 63 etrust Access Control UNIX LINUX 64
etrust Access Control OS 65 etrust Access Control 66