Presentation is loading. Please wait.

Presentation is loading. Please wait.

Vijayalakshmi Atluri MSIS Department and CIMIC Rutgers University - USA Automatic Enforcement of Access Control Policies Among Dynamic Coalitions.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Vijayalakshmi Atluri MSIS Department and CIMIC Rutgers University - USA Automatic Enforcement of Access Control Policies Among Dynamic Coalitions."— Presentation transcript:

1 Vijayalakshmi Atluri MSIS Department and CIMIC Rutgers University - USA Automatic Enforcement of Access Control Policies Among Dynamic Coalitions

2 24-Dec-2004V. Atluri 2 Coalition Resource Sharing Dynamic and Ad-hoc – members may leave and new members may join Dynamic and Ad-hoc – members may leave and new members may join Examples: Examples: –Natural Disaster: government agencies (e.g., local police and fire departments), non-government organizations (e.g., Red Cross) and private organizations (e.g. Doctors without Borders) may share data about victims, supplies and logistics. –Homeland Security: Information collected by various governmental agencies shared for comprehensive data mining –Virtual Enterprises: Collaboration between companies

3 24-Dec-2004V. Atluri 3 Current Sharing Approaches are Either Administratively Prohibitive or Insecure Current Approaches: User ids given to each external member of the coalition and access control is provisioned on these ids. User ids given to each external member of the coalition and access control is provisioned on these ids. Problem: administratively burdensome and requires explicit revocation upon coalition termination or when user is no longer affiliated with coalition entity Single access id provided to each external coalition entity Single access id provided to each external coalition entity Problem: Fine-grained access control is not possible Resources are copied to external coalition member Resources are copied to external coalition member Problem: Updates are difficult and may result in uncontrolled sharing

4 24-Dec-2004V. Atluri 4 Translation of coalition level policies to implementation level Need to transform higher level (coalition level) security policies on data sharing among agencies to implementation level and vice versa Need to transform higher level (coalition level) security policies on data sharing among agencies to implementation level and vice versa –percolation of low level details to organization level Agreements between agencies A and B (coalition level) are not at the level that specify fine-grained access control policies Agreements between agencies A and B (coalition level) are not at the level that specify fine-grained access control policies –E.g., “a user Alice of agency B can access a file on immigrants of agency A.” Trivial solution: Trivial solution: –form teams (workgroups) comprising of employees at the corresponding levels of both agencies –not practical and scalable, may result in delays

5 24-Dec-2004V. Atluri 5 Translation of coalition level policies to implementation level (continued) Develop a formal model Develop a formal model –enables handshaking of relevant information by appropriate levels of the agencies –similar to the layers in the TCPIP network protocol –will enable the implementation level details be piggy- backed as the access control policy percolates to the coalition level, The coalition level policies trickle down to the implementation level

6 24-Dec-2004V. Atluri 6 Principles of Our Model Principle 1:Existing access control mechanisms within each entity should remain intact. Principle 2:A common access control model will best facilitate automation of policy decisions. Principle 3:Administration of the coalition access control model should be decentralized and remain in the hands of the resource users.

7 24-Dec-2004V. Atluri 7  role segment  user-object request  Layered CBAC Model User-Object Level Role Level Coalition Level  user-object request   role segment  user-object request  Entity AEntity B User-Object Level Role Level Coalition Level  user-object request   coalition segment  role segment  user-object request 

8 24-Dec-2004V. Atluri 8 Essential Formalisms Objects (OBJS) Objects (OBJS) –Each belongs to an object type which have object-type ids (ot_id) and attributes. –Described by the triple (ot_id, obj_id, obj-attr-values) –Permissions can be assigned on individual objects or object types to allow for aggregation. Credentials (c) Credentials (c) –An instance of a credential type (ct) –Described by a 4-tuple (ct_id, c_id, user_id, user-profile) –User-profile is a set of attributes values for the user

9 24-Dec-2004V. Atluri 9 Essential Formalisms Coalition (C) Coalition (C) –Described by a tuple (coalition_id, E) where E = {e 1, e 2, …} is a set of coalition entities that have unique identifiers. Coalition Level Policy Specification (p) Coalition Level Policy Specification (p) –p = (coalition_id, source_entity_id, destination_entity_id, source_object_type) –One or more p can apply to a coalition C –Statement of object types allows the policy to be stated at a more abstract level, facilitating the dynamic addition of new objects w/o having to change p

10 24-Dec-2004V. Atluri 10 Mapping Credentials to Objects Each subject is associated with one or more credentials. Each subject is associated with one or more credentials. The credentials associated with a role r is the union of all the credentials associated with the subjects assigned to a role r. The credentials associated with a role r is the union of all the credentials associated with the subjects assigned to a role r. –At the destination, the credentials associated with a role r d assigned to the requesting user u d are extracted to submit with the request for the object. The set of required credential attributes to access an object (obj) is defined as the credentials associated with a role r that has permission to access obj. The set of required credential attributes to access an object (obj) is defined as the credentials associated with a role r that has permission to access obj. –At the source, the required credential attributes for the requested object are compared against the submitted credentials.

11 24-Dec-2004V. Atluri 11 Policy Translation Key Idea: Users are not mapped to a specific role at the source entity. Instead, their credential attributes are matched with those required to access an object. Key Idea: Users are not mapped to a specific role at the source entity. Instead, their credential attributes are matched with those required to access an object. Algorithm Algorithm 1.User requests access to remote object. (user-object level) 2.User’s potential local role set is identified. (role level) 3.Credentials associated with local roles are extracted. (role level) 4.Request message containing the credentials are sent to the object source based on policy p. (coalition level) 5.Credential attributes necessary to access object extracted from examining local source roles that have permission and compared with destination credentials. (role level) 6.If destination credentials are sufficient, access to object is permitted. (user-object level)

12 24-Dec-2004V. Atluri 12 Example Scenario Dr. Roberts, a member of Doctors Without Borders, wishes to access data on infection diseases in the area of an earthquake (Turkey) in a database maintained by the International Red Cross. Dr. Roberts is a member of the internal role “doctor” He has a credential “medical-doctor” which has attributes: –affiliation: Doctors without Borders –speciality: Immunology

13 24-Dec-2004V. Atluri 13 Object Hierarchy Outbreak Reports (OID=510) Nepal-october1999 (OID=720) Turkey-july2004 (OID=730) Brazil-0202 (OID= 514) Red Cross Emergency Response Info System Infectious Diseases (OID=500) Incident Data (OID=700) ……. Turkey-0503 (OID= 517) bloodtests (OID= 722) Case reports (OID= 729) bloodtests (OID= 731) Case reports (OID= 735) ….

14 24-Dec-2004V. Atluri 14 Objects Relevant to the Coalition Outbreak Reports (OID=510) Nepal-october1999 (OID=720) Turkey-july2004 (OID=730) Brazil-0202 (OID= 514) Red Cross Emergency Response Info System Infectious Diseases (OID=500) Incident Data (OID=700) ……. Turkey-0503 (OID= 517) bloodtests (OID= 722) Case reports (OID= 729) bloodtests (OID= 731) Case reports (OID= 735) ….

15 24-Dec-2004V. Atluri 15 Example Scenario Role Interpreter User-Object Access Controller Doctors Without Borders International Red Cross 1  roberts, concept: infectious diseases  Dr. Roberts 2  doctor, ( location: Turkey, specialty: immunology)  concept: infectious diseases   Coalition-level Policy interpreter Role Interpreter User-Object Access Controller Coalition-level Policy interpreter 3  555444555, DB99, RC11,  doctor, (location:Turkey, speciality: immunology)  concept: infectious diseases     doctor, ( location: Turkey, specialty: immunology)  concept: infectious diseases   4  934, 527, 777, 1112  5 6

16 24-Dec-2004V. Atluri 16 CBAC System Architecture Collaborative Interface Credential Issuer Entity 1 Existing Systems (DBs, File systems, Workflow systems) Role Hierarchy Object Hierarchy Entity 1 Coalition Control System RBAC Module Policy Interpretor Role Mediator User-Object Controller RBAC Module Entity 2 Existing Systems (DBs, File systems, Workflow systems) Role Hierarchy Object Hierarchy Policy Interpretor Role Mediator User-Object Controller Entity 2 Coalition Control System

17 24-Dec-2004V. Atluri 17 CBAC Components Role Hierarchy Role Hierarchy –Identifies objects in the object db that can be accessed by defined roles. –Specifies credentials that are to be associated with the role. –Indicates actions allowed on the objects or actions specifically denied –Tracks roles granted to coalition members and roles received from coalition members

18 24-Dec-2004V. Atluri 18 CBAC Components Object Hierarchy DB: Object Hierarchy DB: –Contains description of resources that can be externally shared within coalitions –Is arranged in a hierarchy so that permissions can be given at different levels –Stores attributes of objects including object types, keywords, concepts. –Includes the physical location of objects –Contains conditions on sharing with external organizations

19 24-Dec-2004V. Atluri 19 Future Research Shared Ownership of Objects Shared Ownership of Objects Formation of Coalitions Based on Published Policies Rather than High Level Agreements Formation of Coalitions Based on Published Policies Rather than High Level Agreements Separation of Duty and other Constraints Separation of Duty and other Constraints Delegation Delegation Implementation Implementation

Download ppt "Vijayalakshmi Atluri MSIS Department and CIMIC Rutgers University - USA Automatic Enforcement of Access Control Policies Among Dynamic Coalitions."

Similar presentations

UDDI v3.0 (Universal Description, Discovery and Integration)

UDDI v3.0 (Universal Description, Discovery and Integration)
Database Systems: Design, Implementation, and Management Tenth Edition

Database Systems: Design, Implementation, and Management Tenth Edition
Administrative Policies in XACML Erik Rissanen Swedish Institute of Computer Science.

Administrative Policies in XACML Erik Rissanen Swedish Institute of Computer Science.
OASIS Reference Model for Service Oriented Architecture 1.0

OASIS Reference Model for Service Oriented Architecture 1.0
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
DGC Paris 4.03.02 Community Authorization Service (CAS) and EDG Presentation by the Globus CAS team & Peter Kunszt, WP2.

DGC Paris Community Authorization Service (CAS) and EDG Presentation by the Globus CAS team & Peter Kunszt, WP2.
CSE331: Introduction to Networks and Security Lecture 28 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 28 Fall 2002.
1 SYSTEM and MODULE DESIGN Elements and Definitions.

1 SYSTEM and MODULE DESIGN Elements and Definitions.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
1 Lecture 13: Database Heterogeneity Debriefing Project Phase 2.

1 Lecture 13: Database Heterogeneity Debriefing Project Phase 2.
Introduction to Databases Transparencies

Introduction to Databases Transparencies
An Attribute Graph Based Approach to Map Local Access Control Policies to Credential Based Access Control Policies Janice Warner and Vijayalakshmi Atluri.

An Attribute Graph Based Approach to Map Local Access Control Policies to Credential Based Access Control Policies Janice Warner and Vijayalakshmi Atluri.
A Credential-Based Approach for Facilitating Automatic, Secure Resource Sharing Among Ad-hoc Dynamic Coalitions Janice Warner and Vijayalakshmi Atluri.

A Credential-Based Approach for Facilitating Automatic, Secure Resource Sharing Among Ad-hoc Dynamic Coalitions Janice Warner and Vijayalakshmi Atluri.
Information Technology in Organizations

Information Technology in Organizations
Lecture 7 Access Control

Lecture 7 Access Control
Distributed Computer Security 8.2 Discretionary Access Control Models - Sai Phalgun Tatavarthy.

Distributed Computer Security 8.2 Discretionary Access Control Models - Sai Phalgun Tatavarthy.
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.
Academic Year 2014 Spring.

Academic Year 2014 Spring.
Understanding Active Directory

Understanding Active Directory

Similar presentations

Ads by Google