Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Information Sharing Using Attribute Certificates and Role Based Access Control Ganesh Godavari, C. Edward Chow 06/22/2005 University of Colorado.

Published byConrad Kelly Modified over 10 years ago

Similar presentations

Presentation on theme: "Secure Information Sharing Using Attribute Certificates and Role Based Access Control Ganesh Godavari, C. Edward Chow 06/22/2005 University of Colorado."— Presentation transcript:

1 Secure Information Sharing Using Attribute Certificates and Role Based Access Control Ganesh Godavari, C. Edward Chow 06/22/2005 University of Colorado at Colorado Springs International Conference of Security and Management 2005

2 Introduction to Information Sharing Information Sharing relates to the sharing of information between two or more entities. Synchronous Information Sharing  real-time communication  collaboration in "same time-different place”  Tools -- Instant messaging, Video conferencing... Asynchronous Information Sharing  Collaboration in “different time-different place”  Tools -- Discussion boards, E-mail …

3 Introduction to Information Sharing Steps for secure Information sharing  Authentication Username/password, pin #, X509 Certificates,  Authorization Group based authorization, role based authorization etc  Access Secure storage of Authorization policy is critical  Attribute Certificates (AC)

4 Secure Information Sharing Motivation  Paradigm Shift “Need to Know” to “Need to Share” Incidents like 9/11, natural disasters relief. Organizations are intertwined more so now then ever.  Rapid deployment of a secure information sharing system for a multi-agency taskforce has become critical issue for homeland security and defense Information Sharing relates to the sharing of information between multiple agencies or organization.

5 Role Based Access Control USERSROLES SESSIONS operationobjects PRMS session_rolesuser_session User Assignment (UA) Permission Assignment (PA) many-to-many relationship one-to-many relationship Gives roles activated by the session User is associated with a session NIST study shows user’s role less likely to change and roles are tightly related to access rights to information. File system operations: read, write and execute DBMS operations: Insert, delete, append and update

6 Attribute Certificates AC’s  Standardized in RFC-3281, “An Internet Attribute Certificate for Authorization”  no public key like Public Key Certificate (PKC)  used for storing short duration attributes Role, resource allocation, security clearance… AC in security  Strong identity of the holder is not required access control specification  Non-repudiation of the attributes by the issuer Privilege delegation, role allocation ….

7 Privilege Management Infrastructure (PMI) Privilege Management Infrastructure  Similar to Public Key Infrastructure  Function is to specify the policy for the attribute certificate issuance and management ConceptPKI entityPMI entity CertificatePublic Key Certificate (PKC) Attribute Certificate (AC) Certificate issuer Certification Authority (CA) Attribute Authority (AA) Certificate userSubjectHolder Certificate binding Subject’s Name to Public Key Holder’s Name to Privilege Attribute(s) RevocationCertificate Revocation List (CRL) Attribute Certificate Revocation List (ACRL) Root of trustRoot CA or Trust Anchor Source of Authority (SOA) Subordinate Authority Subordinate Certification Authority Attribute Authority (AA) Comparison of PKIs and PMIs [chad2-02]

8 Issues with large multi-agency Information System Issues  How can we authenticate users belonging to multiple organization?  Authorization policy specification encompassing multiple organizations Solutions  X509 certificates for identification of users  Authorization based on RBAC [] model Security Administration can be a management nightmare

9 Context Free Grammar of Authorization Policy Specification sisprivilegeset { := if ( ) do := | && | ( ) | ! ( ) := | || | ( ) := := > | >= | < | <= | == | != | # := grantAccess | rejectAccess | acquirePrivileges | contact } #: regular expression string matching operator

10 RBAC specification format administrator Info Share UCCS

11 Example – File Access Specification Privilege specification for administrator File access control specification sisprivilegeset administrator filematch { if ( ( url # “/etc/passwd” ) && ( requestAction # “get” ) ) do grantAccess # user accounts protection from get and post requests by administrator if ( ( url # “*~*/private/” ) && ( requestAction # “get” ) ) do rejectAccess if ( ( url # “*~*/private/” ) && ( requestAction # “post” ) ) do rejectAccess : } #: matching operator (A # B: if A contains B)

12 SIS system overview authorize Administration Tool Server RBAC Policy file User Access Control Decision and Enforcement Engine PKC User Role Specification AC Authenticate Mail Server Database Instant Msg Server Web Server Create/Change/ Revoke Attribute Certificates (ACDE)

13 Access Control and Decision Enforcement

14 Setup CA The coordinator of the task force from multiple agencies set up a rootCA-MA (root CA for Multiple Agencies).  Each agency requests a certificate to be signed by rootCA-MA.  Each agency issues a new PKC to each user in its organization involved in the task force.  At each server which providing secure information sharing service for this task force, add the rootCA-MA information into CABundle (file containing list of valid CA's).  Each client/user installs the certificate in the local browser or application's.

15 Choices for storing AC’s A user's AC can be stored  central repository of the taskforce with the agency's local administrator have control only over the AC's of the users belonging to that agency  locally at each agency that defines his role within that agency user's privileges are the result of the association of the user with a particular agency user's privileges are revoked  all the agencies must be notified  Prevent unauthorized access Trust relationship between organizations determines where the AC's are stored

16 Setup PMI Our approach  Store all the user privileges in the organization the user originally belongs to  Check user's privileges on every attempt to access the resources Setup PMI  The coordinator of the task force signs the AC’s of the members.  Agency members AC’s are distributed and installed on the LDAP server of the agency.  web servers and shared applications query the PMI for authorization and access control

17 Implementation Apache (v 1.3.31) + Mod_SSL(v 2.8.18-1.3.31) + openSSL (v 0.9.7d)  We modified mod_auth_ldap with AC based ACDE OpenLDAP (v 2.0.27-8)  Attribute Certificate's attribute definitions was added to inetorg-person.schema OpenSSL libraries used for generating X509 certificates we created AC generation utility using OpenSSL  For validation we use Markus Lorch’s code We created PKC generation utility based on EXPECT

18 SIS Test-bed ServerLDAP AccessTime (ms)AC retrieval/validation (ms) sis-nissc54.6296.88 sis-connecticut51.8493.77 sis-newjersey51.1993.31 Performance Access Time from a client at sis-canada All Machines Pentium-III, 500 MHz 256 MB RAM Redhat Linux-2.4.20-6

19 Conclusions 1. Developed efficient procedures and tools to set up Public Key Infrastructure for authentication and Privilege Management Infrastructure for authorization. 2. Created a multi-agency SIS test bed based on LDAP and web servers. 3. OpenLDAP servers were enhanced to accept attribute certificates. 4. LDAP module of the apache web server was extended to achieve secure web access.

20 PKC vs. AC PKC binds a subject (DN) to a public key AC's binds permission (attributes) to an entity Version Serial Number Signature ID Subject Issuer Validity Period Subject Public Key Info Extension’s S i g n a t u r e Version Serial Number Signature ID Holder Issuer Validity Period Attributes Extensions S i g n a t u r e Public Key Certificate (PKC) Attribute Certificate (AC)

Download ppt "Secure Information Sharing Using Attribute Certificates and Role Based Access Control Ganesh Godavari, C. Edward Chow 06/22/2005 University of Colorado."

Similar presentations

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Role Based Access control By Ganesh Godavari. Outline of the talk Motivation Terms and Definitions Current Access Control Mechanism Role Based Access.

Role Based Access control By Ganesh Godavari. Outline of the talk Motivation Terms and Definitions Current Access Control Mechanism Role Based Access.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Public Key Infrastructure (PKI)

Public Key Infrastructure (PKI)
Grid Computing Basics From the perspective of security or An Introduction to Certificates.

Grid Computing Basics From the perspective of security or An Introduction to Certificates.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Donkey Project Introduction and ideas around February 21, 2003 Yuri Demchenko.

Donkey Project Introduction and ideas around February 21, 2003 Yuri Demchenko.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.

Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Report on Attribute Certificates By Ganesh Godavari.

Report on Attribute Certificates By Ganesh Godavari.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Make Secure Information Sharing (SIS) Easy and an Reality C. Edward Chow, PI Osama Khaleel Bill Kretschmer C. Edward Chow, PI Osama Khaleel Bill Kretschmer.

Make Secure Information Sharing (SIS) Easy and an Reality C. Edward Chow, PI Osama Khaleel Bill Kretschmer C. Edward Chow, PI Osama Khaleel Bill Kretschmer.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
APNIC Trial of Certification of IP Addresses and ASes RIPE 52 Plenary George Michaelson Geoff Huston.

APNIC Trial of Certification of IP Addresses and ASes RIPE 52 Plenary George Michaelson Geoff Huston.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

Similar presentations

Ads by Google