A Flexible Access Control Service for Java Mobile Code HPCC lab 문 정 아.


1. Introduction
- Mobile code (MC) technology on the Internet raises security concerns
- -> design and development of comprehensive access control frameworks, both static and dynamic

2. How To Control Mobile Code
To control MC behaviour:
- Development-time control -> "safe" programming languages; proof-carrying code
- Run-time access control mechanisms -> sandbox technique; JDK 1.2 security architecture; Safe-Tcl security framework; simple access control lists (ACLs)

2. How To Control Mobile Code (cont.)
- Language-based solutions (to separate the policy from the access control implementation):
  - logic-based declarative languages
  - procedural languages
  - other languages (combining procedural and declarative rules)

3. Flexible Access Control Requirements for Mobile Code
- In mobile applications, mobile agents (MAs) carry out automated tasks -> retrieval and processing of patient records
- Patient record retrieval is initiated from the mobile system
- Strict controls are needed on the interactions between MAs and the medical DB

3. Examples of healthcare applications
- A patient's primary physician is allowed to read and modify the patient's records;
- A physician collaborating with the patient's primary physician can read (but not modify) the records only if the patient has explicitly authorized him;
- A hospital nurse can view only the records of patients currently in the ward where she is on duty, and only during duty hours.

4. The Ponder Language for Flexible Access Control Policies
Requirements for policy specification: expressiveness, simplicity, analysability.
Policy type used here: authorisation.

4.1. Authorisations
Ex>
    auth+ RecordAccess {
        subject s = primary_physicians;
        target  r = patient_records;
        action  view, modify;
        when    member(s, r.caring_physicians());
    }

Ex> (policy type and its instances)
    type auth+ RecordAccess(subject s, target t) {
        action view, modify;
        when   member(s, t.caring_physicians());
    }
    inst auth+ r1 = RecordAccess(hospital1/physicians, hospital1/records);
               r2 = RecordAccess(hospital2/paediatricians, hospital2/child-records);

4.2. Filtering
    type auth+ FilteredRecordAccess(subject s, target t) {
        action view()
            if containsExternalNodes(s.itinerary) {
                result = reject({"PatientName", "Address"}, result);
            }
    }

4.3. Policy Groups and Roles
    type role surgery_nurse(ward) extends nurse(ward) {
        constraint workHours = time.between(0800, 1700);
        attended_patient(p) = member(p, ward);
        inst auth+ nurse_access {
            action view(p);
            target patient_records;
            when   workHours and attended_patient(p);
        }
    }
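The three Ponder examples above (4.1 authorisation with a when constraint, 4.2 filtering, 4.3 a role with the workHours constraint) modelled in Java, added here as an example; this is not code from the presentation or from the paper. The Request, Environment and AuthPolicy types, the principals (dr_kim, dr_park, nurse_lee), the record and ward names and the node names in the itinerary are all constructed for the demo. The evaluator denies by default: a request is authorised only when some auth+ policy permits it.

```java
import java.time.LocalTime;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.function.BiPredicate;

// Hypothetical model of a request made by a mobile agent: who, on what, doing what,
// plus the nodes the agent has visited (the s.itinerary of section 4.2).
record Request(String subject, String target, String action, Set<String> itinerary) {}

// Facts the 'when' clauses consult: current time, caring physicians per record,
// patients per ward (all constructed sample data, not from the paper).
record Environment(LocalTime now,
                   Map<String, Set<String>> caringPhysicians,
                   Map<String, Set<String>> wardPatients) {}

// One Ponder auth+ policy: subject domain, target domain, actions and a 'when' constraint.
record AuthPolicy(String name, Set<String> subjects, Set<String> targets,
                  Set<String> actions, BiPredicate<Request, Environment> when) {
    boolean permits(Request r, Environment env) {
        return subjects.contains(r.subject()) && targets.contains(r.target())
            && actions.contains(r.action()) && when.test(r, env);
    }
}

public class PonderPolicyDemo {
    // 4.1 RecordAccess: primary physicians may view/modify records of patients they care for.
    static final AuthPolicy RECORD_ACCESS = new AuthPolicy("RecordAccess",
        Set.of("dr_kim", "dr_park"),                  // primary_physicians domain
        Set.of("record:p1", "record:p2"),             // patient_records domain
        Set.of("view", "modify"),
        (r, env) -> env.caringPhysicians().getOrDefault(r.target(), Set.of()).contains(r.subject()));

    // 4.3 nurse_access inside role surgery_nurse(ward): view only, during work hours, own ward.
    static final AuthPolicy NURSE_ACCESS = new AuthPolicy("nurse_access",
        Set.of("nurse_lee"),                          // holders of role surgery_nurse("surgery")
        Set.of("record:p1", "record:p2"),
        Set.of("view"),
        (r, env) -> workHours(env.now())
                 && env.wardPatients().getOrDefault("surgery", Set.of()).contains(r.target()));

    static final List<AuthPolicy> POLICIES = List.of(RECORD_ACCESS, NURSE_ACCESS);

    // constraint workHours = time.between(0800, 1700)
    static boolean workHours(LocalTime t) {
        return !t.isBefore(LocalTime.of(8, 0)) && t.isBefore(LocalTime.of(17, 0));
    }

    // Deny by default: returns the name of the first auth+ policy that permits the
    // request (useful for audit logging), or null when no policy does.
    static String authorise(Request r, Environment env) {
        return POLICIES.stream().filter(p -> p.permits(r, env))
                       .map(AuthPolicy::name).findFirst().orElse(null);
    }

    // 4.2 FilteredRecordAccess: if the agent's itinerary contains a node outside the
    // hospital, PatientName and Address are rejected from the view result.
    static final Set<String> INTERNAL_NODES = Set.of("ward-a", "ward-b", "lab");  // constructed

    static Map<String, String> filterView(Request r, Map<String, String> record) {
        boolean external = r.itinerary().stream().anyMatch(n -> !INTERNAL_NODES.contains(n));
        if (!external) return record;
        Map<String, String> out = new HashMap<>(record);
        out.remove("PatientName");
        out.remove("Address");
        return out;
    }

    public static void main(String[] args) {
        Environment day = new Environment(LocalTime.of(9, 30),
            Map.of("record:p1", Set.of("dr_kim"), "record:p2", Set.of("dr_park")),
            Map.of("surgery", Set.of("record:p1")));
        Environment night = new Environment(LocalTime.of(22, 0),
            day.caringPhysicians(), day.wardPatients());

        Request physicianModify = new Request("dr_kim", "record:p1", "modify", Set.of("ward-a"));
        Request otherPatient    = new Request("dr_kim", "record:p2", "view", Set.of("ward-a"));
        Request nurseView       = new Request("nurse_lee", "record:p1", "view", Set.of("ward-a", "partner-clinic"));
        Request nurseModify     = new Request("nurse_lee", "record:p1", "modify", Set.of("ward-a"));

        System.out.println("dr_kim modify p1 (day)     : " + authorise(physicianModify, day));
        System.out.println("dr_kim view p2 (not caring): " + authorise(otherPatient, day));
        System.out.println("nurse_lee view p1 (day)    : " + authorise(nurseView, day));
        System.out.println("nurse_lee modify p1 (day)  : " + authorise(nurseModify, day));
        System.out.println("nurse_lee view p1 (night)  : " + authorise(nurseView, night));

        Map<String, String> record = Map.of("PatientName", "J. Doe", "Address", "1 Main St",
                                            "Diagnosis", "appendicitis");
        System.out.println("filtered view for nurse_lee: " + filterView(nurseView, record));
    }
}
```

The physician's modify request is granted by RecordAccess only for a record whose caring_physicians contains the subject; the nurse's view request is granted by nurse_access during work hours and denied at 22:00 or for modify; and because the nurse's agent has visited partner-clinic, the filtered view keeps only Diagnosis. Each when clause is re-evaluated per request, which is what makes the time constraint enforceable without reassigning permissions.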

5. A Flexible Access Control Service for Mobile Code
Service components:
- Policy Specification Component (PSC)
- Policy Retrieval Component (PRC)
- Permission Checking Component (PCC)
- Filtering Executor Component (FEC)

5.1 The Java Access Control Architecture
The Java security architecture relies on the following building components:
- Policy object
- Class loader
- Access controller
- Security manager

5.2 How to Map Ponder Policies into Java
Policy editor -> policy compiler -> Java policies
- Policy editor: browser tool, structuring tool, analysis tool
- Policy compiler: analysis tool, semantic analyzer, code generator

5.3 The Enforcement of Ponder Policies
- MA loading: permission assignment
- MA access to a resource: run-time permission evaluation

5.3 The Enforcement of Ponder Policies (cont.)
Permission assignment:
- The class loader of the current agent execution environment coordinates with the PRC
- Every policy found is inserted into the appropriate protection domain!!

5.3 The Enforcement of Ponder Policies (cont.)
Run-time permission evaluation:
- Proxy-based mechanism -> incoming agents are given access proxies instead of the resources themselves, exposing the same resource interface
- The proxy coordinates with the PCC and the FEC -> MCcheckPermission, MCfilter
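The proxy-based mediation just described, as an added Java example (not the authors' code): the agent receives a java.lang.reflect.Proxy implementing the same PatientRecords interface as the real resource, every invocation first goes through MCcheckPermission (a stand-in for the PCC, passed in as a predicate) and a returned view is passed through MCfilter (a stand-in for the FEC). The PatientRecords interface, RecordStore, the Agent record, the principals and the itinerary node names are all constructed for this example.

```java
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import java.util.function.BiFunction;
import java.util.function.BiPredicate;

// Resource interface implemented both by the real resource and by the access proxy
// the agent receives (hypothetical; the paper names no concrete interface).
interface PatientRecords {
    Map<String, String> view(String patientId);
    void modify(String patientId, String field, String value);
}

// The real resource. Agents never get a reference to it, only to the proxy below.
final class RecordStore implements PatientRecords {
    private final Map<String, Map<String, String>> db = new HashMap<>();   // constructed sample data
    RecordStore() {
        db.put("p1", new HashMap<>(Map.of("PatientName", "J. Doe",
                                          "Address", "1 Main St",
                                          "Diagnosis", "appendicitis")));
    }
    public Map<String, String> view(String id) { return new HashMap<>(db.get(id)); }
    public void modify(String id, String field, String value) { db.get(id).put(field, value); }
}

// The calling agent: its principal and the nodes it has visited so far (constructed).
record Agent(String principal, Set<String> itinerary) {}

// Access proxy: MCcheckPermission (stand-in for the PCC) runs before every call and
// MCfilter (stand-in for the FEC) post-processes any Map result before it is returned.
final class AccessProxy implements InvocationHandler {
    private final PatientRecords resource;
    private final Agent agent;
    private final BiPredicate<Agent, Method> mcCheckPermission;
    private final BiFunction<Agent, Map<String, String>, Map<String, String>> mcFilter;

    private AccessProxy(PatientRecords resource, Agent agent,
                        BiPredicate<Agent, Method> check,
                        BiFunction<Agent, Map<String, String>, Map<String, String>> filter) {
        this.resource = resource; this.agent = agent;
        this.mcCheckPermission = check; this.mcFilter = filter;
    }

    static PatientRecords wrap(PatientRecords resource, Agent agent,
                               BiPredicate<Agent, Method> check,
                               BiFunction<Agent, Map<String, String>, Map<String, String>> filter) {
        return (PatientRecords) Proxy.newProxyInstance(
            PatientRecords.class.getClassLoader(), new Class<?>[] { PatientRecords.class },
            new AccessProxy(resource, agent, check, filter));
    }

    @Override
    @SuppressWarnings("unchecked")
    public Object invoke(Object proxy, Method m, Object[] args) throws Throwable {
        if (!mcCheckPermission.test(agent, m)) {
            throw new SecurityException(agent.principal() + " is not permitted to " + m.getName());
        }
        Object result = m.invoke(resource, args);
        if (result instanceof Map<?, ?>) {
            return mcFilter.apply(agent, (Map<String, String>) result);
        }
        return result;
    }
}

public class ProxyDemo {
    public static void main(String[] args) {
        // PCC stand-in: nurses may only view. FEC stand-in: once the agent's itinerary
        // includes a node outside the hospital, identifying fields are rejected.
        BiPredicate<Agent, Method> pcc =
            (a, m) -> !(a.principal().startsWith("nurse") && m.getName().equals("modify"));
        BiFunction<Agent, Map<String, String>, Map<String, String>> fec = (a, rec) -> {
            if (a.itinerary().contains("partner-clinic")) { rec.remove("PatientName"); rec.remove("Address"); }
            return rec;
        };
        RecordStore store = new RecordStore();
        PatientRecords nurseView = AccessProxy.wrap(store,
            new Agent("nurse_lee", Set.of("ward-a", "partner-clinic")), pcc, fec);
        PatientRecords doctorView = AccessProxy.wrap(store,
            new Agent("dr_kim", Set.of("ward-a")), pcc, fec);

        System.out.println("nurse views p1 : " + nurseView.view("p1"));
        System.out.println("doctor views p1: " + doctorView.view("p1"));
        try {
            nurseView.modify("p1", "Diagnosis", "changed");
        } catch (SecurityException e) {
            System.out.println("nurse modify   : " + e.getMessage());
        }
    }
}
```

Because the agent only ever holds the proxy, it cannot bypass the check or the filter by calling the resource directly; the SecurityException thrown from invoke is unchecked, so the proxy propagates it to the caller unwrapped. The filter works on the copy returned by RecordStore.view, so stripping fields from the result never alters the stored record.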

5.4 Implementation Issues
MCcheckPermission -> call to checkPermission of the AccessController class -> PonderPermission.implies

5.4 Implementation Issues (cont.)
i.e. in the application, the MA calls new FileInputStream(fileName)
-> JDK 1.2 package: the FileInputStream constructor calls checkPermission -> PonderFilePermission
Solution (to support constraints with Java and appropriate constraint checking): the customisability property of the Java SecurityManager class (i.e. the checkPermission method).
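An added Java example (not the paper's or the presentation's code) of the two customisation points the slides name: a Permission subclass whose implies method evaluates a Ponder constraint each time it is checked, and a SecurityManager subclass whose checkPermission override decides with it. The names PonderFilePermission and PonderSecurityManager, the injected clock, the work-hours constraint and the file paths are hypothetical choices for the demo.

```java
import java.io.FilePermission;
import java.security.Permission;
import java.time.LocalTime;
import java.util.function.Supplier;

// Hypothetical PonderFilePermission: delegates path/action matching to a JDK
// FilePermission and adds a Ponder 'when' constraint (workHours = time.between(0800, 1700)).
final class PonderFilePermission extends Permission {
    private final FilePermission base;
    private final Supplier<LocalTime> clock;   // injected so the constraint can be checked at any "time"

    PonderFilePermission(String path, String actions, Supplier<LocalTime> clock) {
        super(path);
        this.base = new FilePermission(path, actions);
        this.clock = clock;
    }

    static boolean workHours(LocalTime t) {
        return !t.isBefore(LocalTime.of(8, 0)) && t.isBefore(LocalTime.of(17, 0));
    }

    // The slide's chain ends in PonderPermission.implies: the constraint is re-evaluated on
    // every check, so a permission assigned at load time stops applying after 17:00 without
    // any reassignment in the protection domain.
    @Override public boolean implies(Permission p) {
        return p instanceof FilePermission && workHours(clock.get()) && base.implies(p);
    }
    @Override public String getActions() { return base.getActions(); }
    @Override public boolean equals(Object o) {
        return o instanceof PonderFilePermission other && base.equals(other.base);
    }
    @Override public int hashCode() { return base.hashCode(); }
}

// Hypothetical SecurityManager subclass showing the "customisability" the slide relies on:
// on JDK 1.2 the FileInputStream constructor calls SecurityManager.checkPermission with a
// FilePermission(name, "read"), and this override decides using the Ponder permission.
@SuppressWarnings("removal")
final class PonderSecurityManager extends SecurityManager {
    private final PonderFilePermission granted;

    PonderSecurityManager(PonderFilePermission granted) { this.granted = granted; }

    @Override public void checkPermission(Permission perm) {
        if (perm instanceof FilePermission && !granted.implies(perm)) {
            throw new SecurityException("denied by Ponder policy: " + perm);
        }
        // Demo simplification: permissions other than file access are not checked here.
    }
    @Override public void checkPermission(Permission perm, Object context) { checkPermission(perm); }
}

public class PonderPermissionDemo {
    // Returns "granted" or the denial message; the manager is invoked directly rather
    // than installed with System.setSecurityManager (see the note below).
    static String check(PonderSecurityManager sm, Permission p) {
        try { sm.checkPermission(p); return "granted"; }
        catch (SecurityException e) { return e.getMessage(); }
    }

    public static void main(String[] args) {
        LocalTime[] now = { LocalTime.of(10, 0) };   // mutable "clock" for the demo
        PonderFilePermission granted =
            new PonderFilePermission("/srv/records/-", "read", () -> now[0]);
        PonderSecurityManager sm = new PonderSecurityManager(granted);

        Permission readRecord  = new FilePermission("/srv/records/p1.dat", "read");
        Permission writeRecord = new FilePermission("/srv/records/p1.dat", "write");
        Permission readOther   = new FilePermission("/srv/billing/b1.dat", "read");

        System.out.println("10:00 read record   : " + check(sm, readRecord));
        System.out.println("10:00 write record  : " + check(sm, writeRecord));
        System.out.println("10:00 read billing  : " + check(sm, readOther));
        now[0] = LocalTime.of(18, 30);
        System.out.println("18:30 read record   : " + check(sm, readRecord));
    }
}
```

At 10:00 only the read of a file under /srv/records/ is granted (the "-" wildcard in the granted permission covers the subtree; write and the billing path fall outside it), and at 18:30 the same read is denied because workHours no longer holds. The manager is exercised by calling its checkPermission method directly, as FileInputStream's constructor would on JDK 1.2: SecurityManager has been deprecated for removal since JDK 17 (JEP 411) and JDK 24 (JEP 486) no longer allows installing one with System.setSecurityManager, so the enforcement hook this paper builds on is unavailable on a current JVM, while the pattern of evaluating a constraint inside implies still transfers to any permission-style check.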

6. Conclusion

THANK YOU FOR YOUR ATTENTION !