An Attribute Graph Based Approach to Map Local Access Control Policies to Credential Based Access Control Policies Janice Warner and Vijayalakshmi Atluri.

Presentation transcript:

An Attribute Graph Based Approach to Map Local Access Control Policies to Credential Based Access Control Policies Janice Warner and Vijayalakshmi Atluri Rutgers University Ravi Mukkamala Old Dominion University ICISS December 2005

ICISS05-Warner, Atluri and Mukkamala

Objective
Map local RBAC policies to credential requirements for collaborations.
[Figure labels: Project Manager; Role; Subjects; Privilege]
Credential Attributes:
- Project management certified
- Project Team member
- 5+ years of experience

Why?
- Today’s collaborations among organizations are increasingly
  - Short-lived
  - Dynamic
  - Ad-hoc
- Need access control that is dynamic and efficient for such an environment
- Our proposal allows users, external to the organization, access to resources if they possess certain attributes similar to those possessed by internal users.

Two Alternatives
- Translate all collaborators' policies into a common model
  - Difficult
  - Not dynamic
  - Requires centralized processing
- Make policies interpretable with distributed control – what we are striving for

Extracting Policies Has Other Applications
- Web Service Offers
- Grid Computing
- Privacy and Security Legislation Compliance
- Role Mining

Outline
- Collaborative Sharing Model
- Motivating Example
- Policy Transformation Steps
- Conclusions and Future Work

What is a collaboration or coalition?
- Group of independent entities that have resources they are willing to share under certain conditions.
- Dynamic and Ad-hoc – members may leave and new members may join.
- Examples:
  - Natural Disaster: government agencies, non-government organizations and private organizations may share data about victims, supplies and logistics.
  - Homeland Security: Information collected by various governmental agencies shared for comprehensive data mining
  - Virtual Enterprises: Collaboration between companies

Dynamic Coalition-Based Access Control Model (DCBAC)
Dynamic because:
- Employs a Coalition Service Registry (CSR) where shared resources and coalition level policies are publicized
- Agreements do not need to be established between coalition partners beforehand
- Computes credentials needed by external user from local access control policies through Mapper layer.
- Coalition access control policy determined through transformation of local access control policy
- Any resource could be shared at any time as long as the external party has the right credentials.

Principles of DCBAC
- Existing access control mechanisms within each coalition entity remain intact.
- Access rights are granted to subjects only if they belong to an organization recognized by the coalition.
- Subjects of a coalition entity must have credentials with attribute values comparable to those of local subjects.

DCBAC Architecture
[Figure labels: Network (e.g., Internet); Local User Interface; Local Access Control (LAC); Credential to LAC Mapper; Credential Filter; Local Services (shared and private); Coalition Level; Coalition Service Registry (CSR); Coalition Access Point (CAP). The local components appear twice in the figure.]

Motivating Example
- Consider HapSys, a software development company.
- They have parameterized roles allowing separation of permissions by client and/or project.
- One client, SkyCo, would like to allow members from a third organization, Test-it-Sys, to review test results for project “Blue Skies”.
- HapSys allows this if a user from Test-it-Sys can provide appropriate credentials.

Motivating Example
[Figure: HapSys roles]
- Roles: Reqts Analyst; SW Developer; System Tester; Project Manager; Client Manager
- Parameterized roles: Reqts Analyst - SkyCo; SW Developer - SkyCo; System Tester - SkyCo; Project Manager – Code Red; Project Manager – Blue Skies; Client Manager - SkyCo

Policies Set on Resource Types
[Figure: HapSys Resource Hierarchy. Nodes shown:]
- Technology Reports (res_id = 500)
- Testing Methods (res_id = 510)
- Lab Configuration (res_id = 514)
- Test Case Library (res_id = 517)
- Project Data (res_id = 700)
- Blue Skies (res_id = 710)
- Project Plan (res_id = 722)
- Test Results (res_id = 729)
- Code Red (res_id = 730)
- Market Data (res_id = 731)
- Requirements (res_id = 735)

User Attributes (A)
Assume each user is associated with a set of attributes
- Identifier Attributes (IA) – one to one correspondence between the attribute value and a user (e.g., address)
- General Attribute (GA) – one to many correspondence between the attribute value and a set of users (e.g., academic degree)
- Local Attribute (LA) – any general attribute for which values are valid only within an organization (e.g., department)
A = IA ∪ LA ∪ GA

Policy Transformation Steps
1. Identify potential required attributes to obtain privilege.
2. Apply selection strategies to select a subset of the identified attributes.
3. Transform LA and IA (if they were selected) into comparable credential attributes.

Step 1 – Build Attribute Graph
- Used to determine sets of user attributes (and values) that might be associated with a privilege
- Assumes specific order among attributes: GA > LA > IA
- Graph may be a forest
- Stores attributes as nodes, number of users as weights, and attribute values as node labels.

Step 2 – Attribute Selection
Conservative Strategy:
- Require full collection of attributes held by all users assigned to role r with privilege p.
- Greater requirement than any single internal user and would likely result in no external user gaining access.

Step 2 – Attribute Selection
Largest Attribute Group Strategy:
- Uses attribute graph – each path from root to leaf in any tree T in AG represents the full set of attributes of one or more users in U.
- Longest path would have the next most conservative attribute requirement that is actually held by one or more users.
- But the longest path might be an exception – so may not be the best choice.

Step 2 – Attribute Selection
Typical Profile Strategy:
- Uses weights of attribute graph.
- Attributes chosen based on perceived importance of a user attribute.
- Attributes are considered critical if the weight of the attribute is greater than a settable parameter.
- If more than one path in AG has nodes with weights greater or equal to that parameter, the sets of attributes in each path can be considered as a set of alternative attribute requirements.

Example Attribute Selection
Suppose SkyCo asks Ellen Jones of Test-it-Sys to review the test results for project Blue Skies (res_id = 729)
[Figure captions:]
- Attributes selected if largest attribute group strategy used
- Attributes selected if typical profile strategy used with the settable parameter = 0.5 × U_p = 5.

Step 3 – Transformation of Attributes
- General attributes are attributes that can be held by any individual (inside or outside the organization)
- No transformation may be necessary
- But, may have problem of semantics
- Translation could be done using a terminological ontology.
[Figure labels: Attribute Ontology; Credential Attribute Base; Internal Attribute Base]

Step 3 – Transformation of Attributes
Three options exist for transforming identity and local attributes into general attributes:
1. Require attribute – External users may be required to present an id or group attribute of the correct form, but with no particular values. Any value in a valid credential would be accepted and stored (for audit or to build up an ontology).
2. Modify attribute – External users would be required to present an identity attribute for someone or something else, such as the person who delegated rights to them or the organization to which they belong.
3. Ignore attribute – Make privilege decision only on the basis of other attributes in selected set.
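
Steps 1 to 3 above, as an added example (not code from the presentation or its authors). It assumes the attribute graph is built as a prefix tree over each user's attributes sorted GA > LA > IA, with the number of users reaching a node as its weight; the user data, attribute names and function names are constructed for illustration. Step 3 is shown for the "require" and "ignore" options only.

```python
from collections import Counter

RANK = {"GA": 0, "LA": 1, "IA": 2}          # Step 1 order: GA > LA > IA

# Constructed sample: 10 internal users holding the privilege (U_p = 10).
# Each attribute is (kind, name, value); names and values are hypothetical.
PM = ("GA", "certification", "project-management")
EXP = ("GA", "experience", "5+ years")
DEPT = ("LA", "department", "testing")
USERS = {f"u{i}": {PM, EXP, DEPT, ("IA", "email", f"u{i}@hapsys.example")}
         for i in range(6)}
USERS.update({f"u{i}": {PM, ("LA", "department", "qa")} for i in range(6, 9)})
USERS["u9"] = {("GA", "degree", "MSc")}      # separate root: graph is a forest

def path(attrs):
    """Order one user's attributes GA > LA > IA, then by name and value."""
    return tuple(sorted(attrs, key=lambda a: (RANK[a[0]], a[1], a[2])))

def build_graph(users):
    """Step 1: prefix tree; node = attribute path, weight = number of users."""
    graph = Counter()
    for attrs in users.values():
        p = path(attrs)
        for i in range(1, len(p) + 1):
            graph[p[:i]] += 1
    return graph

def conservative(users):
    """Step 2, conservative: every attribute held by any user with the privilege."""
    return set().union(*users.values())

def largest_group(users):
    """Step 2, largest attribute group: the longest root-to-leaf path."""
    return set(max((path(a) for a in users.values()), key=len))

def typical_profile(graph, threshold):
    """Step 2, typical profile: maximal paths whose nodes all weigh >= threshold."""
    heavy = {p for p, w in graph.items() if w >= threshold}
    return [set(p) for p in heavy
            if not any(len(q) == len(p) + 1 and q[:len(p)] == p for q in heavy)]

def transform(attrs, option="require"):
    """Step 3: keep GA; 'require' keeps LA/IA names with any value, 'ignore' drops them."""
    kept = {a for a in attrs if a[0] == "GA"}
    if option == "require":
        kept |= {(k, n, "*") for k, n, _ in attrs if k != "GA"}
    return kept
```

With the threshold set to 0.5 × U_p = 5, the typical profile drops the per-user identifier and the minority department, while the conservative set demands all eleven attributes, more than any single internal user holds.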

Conclusions
- Proposed an attribute graph based approach to enable secure sharing of information in a collaboration.
- Ensures that internal security policies are adhered to when providing access to users of external organizations.
- External users are provided access to resources if they possess attributes that are in some sense similar to those possessed by internal users.

Ongoing Work
- Data mining of logs, local policies, and other security related data to obtain:
  - Groupings of users with similar data requirements and attributes
  - Groupings of resources
- From these groupings, collaborative properties may be derived.
- Resolving semantic heterogeneity between policies and credential attributes using ontologies.