On Comparing the Expressing Power of Access Control Model Frameworks Workshop on Logical Foundations of an Adaptive Security Infrastructure (WOLFASI) A.

Presentation transcript:

On Comparing the Expressing Power of Access Control Model Frameworks
Workshop on Logical Foundations of an Adaptive Security Infrastructure (WOLFASI)
A sub-workshop of the LICS Foundations of Computer Security (FCS'04) Workshop, LICS '04
July 12-13, 2004, Turku, Finland
Elisa Bertino, Purdue University
Barbara Catania, DISI, Università degli Studi di Genova
Elena Ferrari, DSCFM, Università degli Studi dell’Insubria
Paolo Perlasca, DICO, Università degli Studi di Milano

Summary
ASI and policy framework
Frameworks comparison
Conclusions and future work

ASI
Adaptive Security Infrastructure (ASI)
  – Collect information about security environments
  – Analyze the collected data
  – Perform efficient compensating actions in response to detected security-relevant events
ASI strictly depends on the underlying security policy

Security Policy Issues
How can the semantics of security policies be formally represented?
In distributed environments
  – Compensating actions can involve different environments and must agree with the respective underlying security policies

Framework
Strategy: a framework for the representation, analysis, and usage of security policies
Useful in
  – Performing security analysis
  – Identifying strategies
  – Producing compensating actions
  – Representing in a uniform way the heterogeneity of the access control policies and formalisms
We focus on one of the most relevant classes of security policies: access control policies

Access Control (AC) Policies
An access control policy determines the operations and rights that subjects can exercise on the protected objects
Access control policies can be specified through authorization rules
  – Rules that establish, for each subject s, which actions that subject can perform on which objects of the system

General Access Control System
[Figure: General Access Control System. Labels: Access Control Policy (ACP), Data1, Data2, Access Request, Answer]

Which AC framework?
A variety of access control frameworks have been defined so far
Each framework provides a formalism for specifying access control policies and a semantics for computing authorizations
Different frameworks support the representation of different sets of policies
No comparison of the expressive power of the proposed frameworks has been carried out

LAMP
LAMP is based on the C-Datalog language
C-Datalog supports:
  – classical object-oriented concepts, such as classes, objects and inheritance (used to represent subjects, objects, privileges, sessions, …)
  – typical logic-based concepts, such as deductive rules (used to represent authorization and constraint rules)
Each instance of an ACM is a logic program composed of C-Datalog rules defined against a C-Datalog schema

LAMP
An Access Control Model Schema (ACMS) defines the structural components upon which the model is based
An Access Control Model Instance (ACMI) provides information concerning the component instances, that is, the “actual” subjects, objects, privileges and sessions, and the authorization and constraint rules used to instantiate the model

ACMI components:
  DC: Domain Component
  DSC: Domain Structure Component
  AC: Authorization Component
  PC: Propagation Component
  CC: Constraint Component

ACMS:
  object(self:object,name:string,access_class:string)
  group(self:group,name:string)
  SubG(G1:group,G2:group)
  Object(self:,name:,access_class: )

ACMI:
  Object(self:#8,name:Salaries,access_class:Secret)
  Groups: g1, g2, g3, g4, g5
  SubG(G1:g5,G2:g4)
  InSubG(G1:g4,G2:g1)  InSubG(G1:g5,G2:g1)
  InSubG(G1:X,G2:Y)  SubG(G1:X,G2:Y)
  InSubG(G1:X,G2:Y)  SubG(G1:X,G2:Z), InSubG(G1:Z,G2:Y)

Jajodia et al.
The Jajodia et al. framework represents access control models by stratified logic programs constructed over a given logical language
The basic elements used to represent an ACM are:
  – OTH, UGH, RH, A, Rel
  – Authorizations (o,s,a)

Jajodia et al.
An AS is a set of stratified rules satisfying some syntactic restrictions
Authorizations are specified through predicates:
  – cando(o,s,a)
  – dercando(o,s,a)
  – do(o,s,a)
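An added example, not taken from the slides: a bottom-up evaluation of the two InSubG rules from the ACMI slide (read here as head-from-body Datalog rules, an assumption since the rule arrows did not survive on this page), followed by a three-stratum cando / dercando / do evaluation. The hierarchy edges other than SubG(g5,g4), the signed actions, the propagation-to-subgroups rule and the denials-take-precedence rule are assumptions chosen for illustration.

```python
# Constructed sample hierarchy: (sub, super). Only SubG(g5, g4) appears on the slides.
SUBG = {("g5", "g4"), ("g4", "g1"), ("g3", "g1"), ("g2", "g1")}

# Stratum 0: explicit authorizations cando(o, s, signed_action). Constructed sample data.
CANDO = {("Salaries", "g1", "+read"), ("Salaries", "g4", "-read")}


def in_subg(subg):
    """Least fixpoint of the two rules (assumed reading):
         InSubG(X, Y) <- SubG(X, Y)
         InSubG(X, Y) <- SubG(X, Z), InSubG(Z, Y)
    """
    closure = set(subg)
    while True:
        new = {(x, y) for (x, z) in subg for (z2, y) in closure if z == z2}
        new -= closure
        if not new:
            return closure
        closure |= new


def dercando(cando, closure):
    """Stratum 1 (assumed propagation rule): an authorization granted to a
    group also holds for every direct or indirect subgroup."""
    derived = set(cando)
    derived |= {(o, sub, a) for (o, s, a) in cando
                for (sub, sup) in closure if sup == s}
    return derived


def do(o, s, action, derived):
    """Stratum 2 (assumed denials-take-precedence rule):
         do(o, s, +a) <- dercando(o, s, +a), not dercando(o, s, -a)
    The negation is safe because stratum 1 is fully computed first."""
    return (o, s, "+" + action) in derived and (o, s, "-" + action) not in derived


if __name__ == "__main__":
    closure = in_subg(SUBG)
    derived = dercando(CANDO, closure)
    for g in ("g1", "g2", "g3", "g4", "g5"):
        print(g, do("Salaries", g, "read", derived))
```

Because each stratum is completed before the next one negates over it, the program yields exactly one set of authorizations, which is the property the later Result slide contrasts with LAMP.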

RBAC
NIST RBAC is defined by four levels of increasing complexity
Roles are powerful and easy to use
SSD and DSD constraints
Policy free

[Figure: RBAC component. Labels: U, R1, R2, R3, R4, P, O; User-role Assignments, Permission-role Assignments, Constraints (SSD, DSD)]

Result
All the ACMs that can be represented by the Jajodia et al. framework can be represented by the LAMP framework
All the ACMs that can be represented by the four NIST levels can be represented by the LAMP framework

[Figure: Labels: ACMI (DC, DSC, AC, PC, CC), ACMS, Auth Base, ACM, Auth Base]

Result
The set of ACMs that can be represented by LAMP is greater than the set representable by the Jajodia et al. framework
Locally stratified logic programs generate a unique set of authorizations vs. a more general formalism supporting the generation of more than one set of consistent authorizations

Result
The set of ACMs that can be represented by LAMP is greater than the set representable by the NIST framework
SSD and DSD constraints vs. a broader set of constraints (conditioned separation of duty depending on specific values of basic elements)

Conclusions
Given a distributed system based on ASI, our analysis will help in the selection of a specific AC framework for such an environment

Future work
Definition of new dimensions and comparison according to them
  – Mapping complexity
  – Spatial complexity
  – Temporal complexity
Development of a set of tools for specifying and analyzing AC policies using LAMP as a core system