1. Role Based Access Control Models Presented By Ankit Shah 2 nd Year Master’s Student

2. Problems Mandatory Access Control (MAC)  Central authority determines access control Discretionary Access Control (DAC)  Decentralized  Access control decisions lie with the owner of an object Access control on a per user basis Access control needs are unique Existing products lack flexibility

3. Solution Role Based Access Control  Permission associated with roles and users assigned to appropriate roles Motivation  Organization style Competency Authority and responsibility Duty assignments - Security administration and review - Simple role-permission relationship - Ability to meet the changing needs of an organization

4. Role related concepts What is the difference between roles and groups?  User – permission distinction  Eg. Unix operating system RBAC is policy neutral but supports  Least privilege  Separation of duties  Data Abstraction

5. Four Reference Models

6. Base Model (RBAC 0 ) User  Typically a human being Role  Job title Permission  Approval of a mode of access to some object  Variety of permissions from coarse grain to fine grain  Depends on implementation details of the system Session  Mapping of one user to many roles  Multiple sessions  Each session may map single or multiple roles of the users subset

7. RBAC Models

8. Role Hierarchies (RBAC 1 ) Reflects an organization’s role structure Supports inheritance of permissions Hierarchies are a partial order Useful to limit scope of inheritance  Private roles

9. Role Hierarchy Examples

10. Role Hierarchy Examples Continued

11. Constraints (RBAC 2 ) Argued to be the principal motivation Is a convenience when RBAC is centralized When decentralized becomes a mechanism for restriction Types of Constraints  Mutually exclusive roles/ permissions  Cardinality constraints  Prerequisite roles Effective only if suitable discipline is observed  Mapping one user to more than one u-id  Mapping one permission to more than one p-id Role Hierarchies can be considered a constraint

12. Consolidated Model (RBAC 3 ) Combines Constraints and Role Hierarchies Issues raised  Constraints can apply to the role hierarchy itself  Violation of mutual exclusion constraint may be acceptable  Specify mutual exclusion of private roles without any conflict

13. Management Model Till now, we assumed the presence of a single security officer Normally have a small administrative team to mange RBAC Propagation of rights

14. Management Model

15. Management Model Proposed Administrative roles and permissions are disjoint from regular roles and permissions Administrative authority can be viewed as the ability to modify user assignments, permissions, assignment and role hierarchy relations. Mirror copy of the top half with ARBAC 0-3 for different levels of sophistication Issues  How to scope administrative authority in administrative roles  Scope permissions and users of an administrative role

16. Management Model Continued

17. Critique Was published in 1996 and a lot of improvements have been proposed to these models Issues are raised in the consolidated and management models but no solution is proposed Lacked a related work section giving us an overview of similar work done and how the proposed model is superior

18. Questions