Ethical Hacking – Access Control

ETHICAL HACKING – GST 08111
Chapter 1: Access Control

Prepared by: Mr. Saidi

Introduction to Access Control

Access Control refers to the techniques, policies, and mechanisms used to manage:

  • Who can access a system
  • What resources they can access
  • Which actions they are allowed to perform

Real-Life Example:

Imagine your home: The house is the system → The door is the access control point → The key is authentication → You (homeowner) decide who can enter → Authorization

Everyday Example:

  • ATM machine → Identification = card, Authentication = PIN, Authorization = withdraw money
  • University → Students can access libraries but not administrative offices
  • WiFi password → Only authorized users connect

Learning Objectives

  • Explain identification, authentication, authorization
  • Use access control models (DAC, MAC, RBAC, ABAC)
  • Apply mechanisms to enforce access control
  • Explain and use Single Sign-On (SSO)
  • Monitor logs and detect unauthorized access attempts (Practical)

Components of Access Control

1. Identification – “Who are you?”

User claims identity using:

  • Username
  • Email
  • ID number
  • IP address

Everyday Example:

When entering a school, you show your student ID card → You identify yourself.

2. Authentication – “Prove it!”

Authentication verifies the identity through:

  • Password
  • PIN
  • Fingerprint (biometrics)
  • One-time password (OTP)

Real-Life Example:

Unlocking your phone (biometrics or PIN) → authentication.

3. Authorization – “What are you allowed to do?”

Once authenticated, the system checks what you can access.

Examples:

  • Students → view results only
  • Lecturers → upload marks
  • Admins → manage system settings

Access Control Models

a) Discretionary Access Control (DAC)

Resource owner decides who gets access.

Examples:

  • A file owner gives read-only permission to others
  • Sharing a Google Drive folder

b) Mandatory Access Control (MAC)

Permissions set by the system, not the user.

Examples:

  • Military security clearance: Confidential, Secret, Top Secret
  • Prison database access

c) Role-Based Access Control (RBAC)

Access is based on job roles.

Example in School:

  • Teacher → Grade assignments
  • Student → View assignments only
  • Admin → Create user accounts

d) Attribute-Based Access Control (ABAC)

Access depends on attributes such as time, device, location.

Examples:

  • Employees can only access the system during office hours
  • Only office computers allowed to access financial data

Access Control Mechanisms

These mechanisms enforce security policies:

  • Operating system permissions
  • Biometric scanners
  • Smart cards
  • ACLs (Access Control Lists)
  • Firewall rules
  • IAM (Identity and Access Management)

Everyday Example:

Your phone asking for a fingerprint → biometric mechanism.

Single Sign-On (SSO)

Definition:

SSO allows a user to log in once and access multiple systems without logging in again.

Examples:

  • Login to Gmail → access Drive, YouTube, Workspace
  • Login to Microsoft account → access Teams, OneDrive, Outlook

How SSO Works:

  1. User logs into Identity Provider (IdP)
  2. IdP verifies identity
  3. IdP generates authentication token
  4. Token is used across all trusted systems
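
Steps 3 and 4 above as an added example (not part of the original notes): the IdP issues a signed, short-lived token, and each trusted service verifies it before accepting the user. The shared HMAC key, the claim names and the service names "mail" and "drive" are assumptions made for this sketch; production SSO (SAML, OpenID Connect) normally uses the IdP's private-key signature instead.

```python
import base64, hashlib, hmac, json, time

# Assumption: the IdP and every trusted service share this constructed key.
IDP_KEY = b"constructed-demo-key-not-for-production"

def _b64(data):
    return base64.urlsafe_b64encode(data).decode()

def _sign(body):
    return _b64(hmac.new(IDP_KEY, body.encode(), hashlib.sha256).digest())

def issue_token(user, audiences, ttl=300, now=None):
    """Step 3: after verifying the user, the IdP issues a signed token."""
    now = int(time.time()) if now is None else now
    claims = {"sub": user, "aud": sorted(audiences), "exp": now + ttl}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    return f"{body}.{_sign(body)}"

def verify_token(token, service, now=None):
    """Step 4: a service checks signature, expiry and audience.

    Returns the user name, or None if the token must be rejected.
    """
    now = int(time.time()) if now is None else now
    try:
        body, sig = token.split(".")
    except ValueError:
        return None                      # not in body.signature form
    # Constant-time comparison; compare bytes so odd input cannot raise.
    if not hmac.compare_digest(sig.encode(), _sign(body).encode()):
        return None                      # altered or not issued by the IdP
    claims = json.loads(base64.urlsafe_b64decode(body))
    if now >= claims["exp"]:
        return None                      # expired: user must log in again
    if service not in claims["aud"]:
        return None                      # token was not issued for this service
    return claims["sub"]

if __name__ == "__main__":
    token = issue_token("student1", ["mail", "drive"])
    print(verify_token(token, "mail"))      # student1
    print(verify_token(token, "payroll"))   # None
```
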

Monitoring Logs for Unauthorized Access

Why monitor logs?

  • Identify suspicious activities
  • Detect intrusion attempts
  • Investigate system anomalies

Real-Life Example:

When someone reads your WhatsApp messages from another phone, you check “Linked Devices”. That's log monitoring.

Linux Commands:

1. Authentication Logs

sudo cat /var/log/auth.log

Check failed login attempts:

sudo grep "Failed password" /var/log/auth.log

2. System Logs

sudo tail /var/log/syslog

3. Audit Logs (if auditd installed)

sudo ausearch -x cat

4. Firewall Logs

sudo cat /var/log/ufw.log
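
The "Failed password" check above, taken one step further as an added example (not part of the original notes): it counts failed SSH password attempts per source address and per user, and lists the sources that reach a threshold. The log lines are constructed samples in the usual OpenSSH auth.log format, and the threshold of 3 is an assumed value.

```python
import re
from collections import Counter

# Constructed sample lines (documentation IP ranges, not real data).
SAMPLE_AUTH_LOG = """\
Mar  3 09:14:01 lab sshd[2101]: Failed password for student1 from 192.0.2.10 port 50112 ssh2
Mar  3 09:14:05 lab sshd[2101]: Failed password for student1 from 192.0.2.10 port 50112 ssh2
Mar  3 09:14:09 lab sshd[2104]: Failed password for invalid user admin from 192.0.2.10 port 50120 ssh2
Mar  3 09:14:12 lab sshd[2105]: Failed password for invalid user guest account from 192.0.2.10 port 50121 ssh2
Mar  3 09:15:30 lab sshd[2110]: Accepted password for adminuser from 198.51.100.7 port 40022 ssh2
Mar  3 09:16:02 lab sshd[2115]: Failed password for student2 from 198.51.100.7 port 40030 ssh2
Mar  3 09:16:40 lab su: pam_unix(su-l:session): session opened for user student1(uid=1001) by adminuser(uid=1000)
"""

# The user name is supplied by the client and may contain spaces, so the
# pattern is anchored at the end of the line and the name is matched greedily:
# the address captured is always the last "from <ip> port <n>" sshd wrote.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>.*) "
    r"from (?P<ip>\S+) port \d+ ssh2$"
)

def failed_logins(log_text):
    """Return (per-source-IP, per-user) counters of failed password attempts."""
    by_ip, by_user = Counter(), Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            by_ip[m["ip"]] += 1
            by_user[m["user"]] += 1
    return by_ip, by_user

def suspicious_sources(log_text, threshold=3):
    """Source addresses with at least `threshold` failures."""
    by_ip, _ = failed_logins(log_text)
    return sorted(ip for ip, n in by_ip.items() if n >= threshold)

if __name__ == "__main__":
    by_ip, by_user = failed_logins(SAMPLE_AUTH_LOG)
    for ip, n in by_ip.most_common():
        print(f"{n:3d} failed attempts from {ip}")
    print("review:", suspicious_sources(SAMPLE_AUTH_LOG))
```
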

Full Practical Lab – Access Control + Logs

Task 1: Create Users

sudo adduser student1
sudo adduser student2
sudo adduser adminuser

Create Groups (Roles)

sudo groupadd students
sudo groupadd admins

Assign Roles

sudo usermod -aG students student1
sudo usermod -aG students student2
sudo usermod -aG admins adminuser

Task 2: Create Secure Folder (DAC)

sudo mkdir /securedata
sudo chown adminuser:admins /securedata
sudo chmod 770 /securedata

Task 3: Unauthorized Access Attempt

su - student1
cd /securedata
Expected: Permission denied

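Task 4: Check Logs

sudo grep student1 /var/log/auth.log

The matching entries come from the su session for student1; the denied cd itself is a file-permission failure and is not written to auth.log (recording it requires an auditd rule).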

Real-Life Scenarios

Below are examples showing how each model works in real environments:

1. DAC Scenario

You own a file and give your friend read-only access.

2. RBAC Scenario

Bank staff: Cashier → deposit/withdraw, Manager → approve loans.

3. ABAC Scenario

Employee can access payroll only:

  • During working hours
  • Inside office
  • Using company laptop
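
The RBAC and ABAC scenarios above combined into one deny-by-default decision function, as an added example (not part of the original notes). The role name payroll_clerk, the action names, the 08:00 to 17:00 working hours and the "office" network label are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import time

# RBAC: role -> permitted actions (cashier and manager from the bank scenario).
ROLE_PERMISSIONS = {
    "cashier": {"deposit", "withdraw"},
    "manager": {"approve_loan"},
    "payroll_clerk": {"view_payroll"},   # hypothetical role for the ABAC scenario
}

# ABAC: assumed working hours for the payroll rule.
WORK_START, WORK_END = time(8, 0), time(17, 0)

@dataclass(frozen=True)
class Request:
    role: str
    action: str
    at: time               # local time of the request
    network: str           # "office" or anything else
    company_device: bool   # True for a company laptop

def rbac_allows(req):
    # Unknown roles get an empty permission set, so they are denied.
    return req.action in ROLE_PERMISSIONS.get(req.role, set())

def abac_allows(req):
    # The attribute rules apply to payroll only; all three must hold.
    if req.action != "view_payroll":
        return True
    return (WORK_START <= req.at < WORK_END
            and req.network == "office"
            and req.company_device)

def decide(req):
    """Return (allowed, reason); the reason is what goes into the audit trail."""
    if not rbac_allows(req):
        return False, f"role {req.role!r} lacks {req.action!r}"
    if not abac_allows(req):
        return False, "attribute conditions not met"
    return True, "ok"

if __name__ == "__main__":
    print(decide(Request("payroll_clerk", "view_payroll", time(10, 30), "office", True)))
    print(decide(Request("payroll_clerk", "view_payroll", time(22, 0), "office", True)))
    print(decide(Request("cashier", "approve_loan", time(10, 30), "office", True)))
```
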

30 Examination & Revision Questions (With Answers)

  1. What is identification?
    Claiming an identity (username).
  2. What is authentication?
    Proving the identity using password or biometrics.
  3. What is authorization?
    Permissions granted to a verified user.
  4. Give real-life authentication example.
    Unlocking a phone using fingerprint.
  5. Which access control model gives most flexibility?
    ABAC.
  6. Which model uses roles?
    RBAC.
  7. Give example of MAC.
    Military security clearance.
  8. Give DAC example.
    File owner sharing permission.
  9. What is an Access Control List (ACL)?
    A list defining who can access a resource.
  10. What is SSO?
    Login once → access all connected apps.
  11. Example of SSO.
    Google account login.
  12. What is MFA?
    Using 2+ authentication factors.
  13. Give example of MFA.
    Password + OTP.
  14. How do logs help security?
    Track suspicious activities.
  15. Linux log for authentication attempts?
    /var/log/auth.log
  16. What command shows failed login attempts?
    grep "Failed password"
  17. Define brute-force attack.
    Trying multiple passwords repeatedly.
  18. Define privilege escalation.
    Normal user gaining admin rights.
  19. Example of RBAC in a school.
    Teacher uploads marks; student views results.
  20. Example of ABAC in company.
    System accessible only during office hours.
  21. Firewall log use?
    Detect unauthorized network connections.
  22. Command to check last logins?
    last
  23. Why are password policies important?
    Reduce hacking risk.
  24. Example of least privilege principle.
    Cashier cannot approve loans.
  25. What is audit trail?
    Record of user activities.
  26. Command to create user in Linux?
    adduser
  27. Command to change file owner?
    chown
  28. Command to change file permissions?
    chmod
  29. What does 770 permission mean?
    Owner/group full access; others none.
  30. Why is SSO useful?
    Reduces password fatigue & improves security.

Reference Book: N/A

Author name: SIR H.A.Mwala Work email: biasharaboraofficials@gmail.com