Attribution for GENI Jeffrey Hunker, JHA LLC Matt Bishop, UC Davis Carrie Gates, CA Labs.

Slides:

Advertisements

Similar presentations

Report on the Workshop on GENI and Security or, What Happens When the GENI Leaves the Bottle? Matt Bishop Department of Computer Science University of.

Advertisements

The Role of Trust Management in Distributed Systems Authors Matt Blaze, John Feigenbaum, John Ioannidis, Angelos D. Keromytis Presented By Akshay Gupte.

Directory and Trust Services (D&TS) Define an Abstract Model Purpose: Document a common terminology that the group can use between the various tracks Identify.

D u k e S y s t e m s Some tutorial slides on ABAC Jeff Chase Duke University.

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

Electronic Submission of Medical Documentation (esMD) for Medicare FFS Presentation to HITSC Provenance Workgroup January 16, 2015.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

United Nations Statistics Division Principles and concepts of classifications.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 23: Internet Authentication Applications.

Securing the Broker Pattern Patrick Morrison 12/08/2005.

Sponsored by the National Science Foundation GENI Clearinghouse Panel GEC 12 Nov. 2, 2011 INSERT PROJECT REVIEW DATE.

DESIGNING A PUBLIC KEY INFRASTRUCTURE

David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.

Secure Systems Research Group - FAU Patterns for access control E.B. Fernandez.

May 22, 2002 Joint Operations Group Discussion Overview Describe the UC Davis Security Architecture Describe Authentication Efforts at UC Davis Current.

Information Technology Current Work in System Architecture November 2003 Tom Board Director, NUIT Information Systems Architecture.

CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.

1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.

1 Representing Identity CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 19, 2004.

Lecture 7 Access Control

CORDRA Philip V.W. Dodds March The “Problem Space” The SCORM framework specifies how to develop and deploy content objects that can be shared and.

Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.

D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

XACML Gyanasekaran Radhakrishnan. Raviteja Kadiyam.

Auditing Logical Access in a Network Environment Presented By, Eric Booker and Mark Ren New York State Comptroller’s Office Network Security Unit.

1 APARSEN - WP2200 Identifiers and Citability Interoperability Framework for PI systems Webinar on PI - 15 February 2013 Maurizio Lunghi.

Copyright 2006 Archistry Limited. All Rights Reserved. SOA Federated Identity Management How much do you really need? Andrew S. Townley Founder and Managing.

Database Design - Lecture 1

The InCommon Federation The U.S. Access and Identity Management Federation

EuroPKI 2008 Manuel Sánchez Óscar Cánovas Gabriel López Antonio F. Gómez Skarmeta University of Murcia Levels of Assurance and Reauthentication in Federated.

Digital Object Architecture

Internet2 – InCommon and Box Marla Meehl Colorado CIO 11/1/11.

TFTM Interim Trust Mark/Listing Approach Paper Analysis of Current Industry Trustmark Programs and GTRI PILOT Approach Discussion Deck TFTM Committee.

SOFTWARE DESIGN AND ARCHITECTURE LECTURE 09. Review Introduction to architectural styles Distributed architectures – Client Server Architecture – Multi-tier.

In-Band Access Control Framework Group Name: WG4 SEC Source: Qualcomm Meeting Date: Agenda Item:

Belnet Federation Belnet – Loriau Nicolas Brussels – 12 th of June 2014.

Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.

HIT Policy Committee NHIN Workgroup Recommendations Phase 2 David Lansky, Chair Pacific Business Group on Health Danny Weitzner, Co-Chair Department of.

HEPKI-PAG Policy Activities Group David L. Wasley University of California.

Ning Zhang, the University of Manchester, UK David Groep, National Institute for Nuclear and High Energy Physics, NL Blair Dillaway, OGF Security Area.

Software Engineering Prof. Ing. Ivo Vondrak, CSc. Dept. of Computer Science Technical University of Ostrava

Who’s watching your network The Certificate Authority In a Public Key Infrastructure, the CA component is responsible for issuing certificates. A certificate.

Information Technology Current Work in System Architecture January 2004 Tom Board Director, NUIT Information Systems Architecture.

Cryptography and Network Security Chapter 14 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

1 herbert van de sompel CS 502 Computing Methods for Digital Libraries Cornell University – Computer Science Herbert Van de Sompel

Status Report on Access TP8 Group Name: WG2 Decision  Meeting Date: Discussion  Source: OBERTHUR Technologies Information  Contact:

Authorizing Slice Creation How ABAC Coordinates Distributed Authorization Alefiya Hussain 1.

Introduction to Grids By: Fetahi Z. Wuhib [CSD2004-Team19]

Introducing WI Proposal about Authorization Architecture and Policy Group Name: WG4 Source: Wei Zhou, Datang, Meeting Date: Agenda Item:

HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.

Shibboleth Trust Model Shibboleth/SAML Communities (aka Federated Administrations) Club Shib Club Shib Application process Policy decision points at the.

Sponsored by the National Science Foundation Establishing Policy-based Resource Quotas at Software-defined Exchanges Marshall Brinn, GPO June 16, 2015.

Introducing WI Proposal about Authorization Architecture and Policy Group Name: WG4 Source: Wei Zhou, Datang, Meeting Date: Agenda Item:

Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.

JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.

Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.

HIT Policy Committee Meeting Nationwide Health Information Network Governance June 25, 2010 Mary Jo Deering, PhD ONC, Office of Policy and Planning NHIN.

University of Washington Collaboration: Identity and Access Management Lori Stevens University of Washington October 2007.

Attribute Delivery - Level of Assurance Jack Suess, VP of IT

M2M Service Layer – DM Server Security Group Name: OMA-BBF-oneM2M Adhoc Source: Timothy Carey, Meeting Date:

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.

AuthZ WG Conceptual Grid Authorization Framework document Presentation of Chapter 2 GGF8 Seattle June 25th 2003 Document AID 222 draft-ggf-authz-framework pdf.

The Policy Side of Federations Kenneth J. Klingenstein and David L. Wasley Tuesday, June 29, CAMP Shibboleth Implementation Workshop.

Tool Support for Testing Classify different types of test tools according to their purpose Explain the benefits of using test tools.

Delegation of Intent via Conversation David E. Ellis.

OGF PGI – EDGI Security Use Case and Requirements

Identity Management and Authorization

WS Standards – WS-* Specifications

Doug Bellows – Inteliquent 3/18/2019

Presentation transcript:

Attribution for GENI Jeffrey Hunker, JHA LLC Matt Bishop, UC Davis Carrie Gates, CA Labs

Agenda What we are doing – Generalized framework for attribution – Policy negotiation a key part of this – Benefits Discussion – Questions – Answers?

Caution Terminology varies among projects – So we’ll define ours next (One goal of our project is an ontology of the terminology to make life easier!)

Definition the association of data with an entity This is a high-level view! – Approach has benefits Attribution (dictionary definition): – the ascribing of a work (as of literature or art) to a particular author or artist – an ascribed quality, character, or right – determining the identity or location of an attacker or an attacker’s intermediary 4

Real-Life Example: Competing/Ambiguous Needs “First Origin” policy – Technical context: net admins can track botnets to point of distribution; generally considered good – Political context: repressive gov’ts can track messages of dissent to point of origin; generally considered bad Is privacy good or bad? – Consider the circumstances Result: different networks with different levels of attribution 5

How We Think About It Level of attribution – Perfect non-attribution, false attribution, etc. Target of attribution – Person, IP address, organization Confidence in attribution – Attribution assurance, level of assurance (LoA) Adequacy of attribution – Depends on purpose Composition of attribution – Sender, receiver policies may vary 6

Attribution Framework Set of actors What is being attributed Assurance of attribution Policy negotiation system perfect non-attribution false attribution randomized false attribution imprecise attribution perfect non-attribution perfect attribution perfect selective attribution sender non-attribution recipient non-attribution unconcern 7

Generalized Attribution System Policy specification: usually implicit Transaction: what you actually do DD Policy Specification Transaction (eg. Message M ) Senderintermediaryreceiver Policy defines what data is tied to what entity and who has access to that data. It is determined by negotiation or agreed upon rules Follows policy specified

Goals of Work Provide a unified view of attributes and attribution – Code to manage attributes – Code to help specify policy negotiation (but understanding that humans will be involved in this) – Ontology of terminology to help mediate and reconcile different work

Benefits Make assumptions explicit – Users of the services understand exactly what you are offering – You don't get criticized for not meeting what you weren't trying to do, but others thought you were Extensibility – Can adapt your services with minimal effort to work with other services and to provide higher or lower levels of authentication/identity/authorization/etc. when new folks come on line and need them Support your services, experiments – Attribution framework provides ways to negotiate policies, manage attributes Consistent ontology – So meaning of terms is clear

Other Work GENI projects related to attribution – ABAC (authorization for GENI) – NetKarma (provenance) – Shibboleth (identity management) – ORCA (trust structure) – May be others …

Questions What are the entities that you need or want attribution for? What sort of policies do you need for your experiments and/or services? – What organizational agreements are needed? What attributes do you need? – What level of assurance do you need?

Questions Can this view of attribution support your framework? – If not, what elements of an attribution framework that would help you are missing? – What would encourage developers to use this framework? – What types of attribution will be most useful to you (individual, host, organization, ISP, etc)?

Backup Slides

Shibboleth Authentication of User by Local Institution Authorization for Resource Access by Service Provider Policy Specification Transaction Local Institution Authenticates User Defines local identity or access management for user Service Provider Authorizes User Defines P(1) P(1) specifies attributes A(1) required to determine authorization to access resource R(1) P(1) Authenticates U Provides attributes A(1, U) required by P(1) A(1, U) Authorizes U Access to R(1) according to P(1) Receives A(1,U)

ABAC Attribute Based Access Control Attributes can be assigned or delegated DD BB Policy Specification Transaction Principal: entity assigned attributes Attribute: what a principal is authorized to do (or what determines what a principal is authorized to do?) Credentials: used to assign attributes and create delegation rules BBNAdmin now has access and administrator rights to a slice credential GENI.CTFaccessGENI.CTFad min BBNADMIN Negotiation is out of band Principals not involved in transaction

NetKarma Provenance-Based Record of Experiment Attributes can be assigned or delegated DD Policy Specification Transaction Workflow of GENI slice creation Data collected in experiments Negotiation is out of band ExperimentNetKarma record Policy pre-specified