Slide 1 (ACSAC 2002 © Mohammad al-Kahtani 2002)
A Model for Attribute-Based User-Role Assignment
Mohammad A. Al-Kahtani, George Mason University, malkahta@gmu.edu
Ravi Sandhu, SingleSignOn.net, Inc. & George Mason University, sandhu@gmu.edu
Slide 2: Presentation Roadmap
1. Introduction
2. Problem Description
3. Suggested Solution
4. Case Study
5. Expressing MAC
Slide 3: Introduction
Role-Based Access Control (RBAC): a proven alternative to DAC and MAC.
RBAC basic components:
1. Users
2. Roles
3. Permissions
Slide 4: Introduction
Simplified RBAC Model (figure): Users, Roles and Permissions, connected by User Assignment (UA) and Permission Assignment (PA), with a Role Hierarchy over Roles.
Slide 6: Problem Description
In RBAC, user-to-role assignment is done manually.
Many enterprises have huge customer bases:
- Banks
- Utilities companies
- Popular web sites
Manual assignment becomes a formidable task.
Slide 8: Suggested Solution
Modify RBAC to allow automatic user-role assignment.
Introducing Authorization Rules.
Authorization rule structure (figure): Attributes Expression, Roles, Constraints.
Slide 9: Suggested Solution
Rule-Based RBAC (RB-RBAC) model (figure): Attributes Expressions, Users, Roles, Permissions, Constraints, Attributes values.
Slide 10: Suggested Solution
Attributes values:
1. Stored locally
2. Provided by users
3. Other means
Slide 11: Suggested Solution
Attributes expressions:
1. Expressed in the RB-RBAC language
2. Constitute the LHS of authorization rules
RB-RBAC production rules are in BNF notation.
Slide 12: Suggested Solution
Constraints: future work.
Slide 13: Suggested Solution
Seniority Levels: relations among authorization rules.
Figure: Rule i (Attributes Expression, Roles) and Rule j (Attributes Expression, Roles); Rule i is senior to Rule j, with the link between the two attributes expressions labelled "Logically implies".
Slide 14: Suggested Solution
Seniority Levels anomalies, 1. Redundancy
Rule i is senior to Rule j.
Rule i: Role 1
Rule j: Role 1 & Role 2
Slide 15: Suggested Solution
Seniority Levels anomalies, 1. Redundancy (continued)
Rule i is senior to Rule j.
Rule i: Role 1
Rule j: Role 2
Role 1 is senior to Role 2.
Slide 16: Suggested Solution
Seniority Levels anomalies, 2. Inconsistency
Rule i is senior to Rule j.
Rule i: Role 1
Rule j: Role 2
Role 1 and Role 2 are mutually exclusive.
Slide 18: Case Study
Online Entertainment Store: suggested rating system.
Attributes: Age, Country
Rating Levels   Roles
Strict          Child
Less Strict     Juvenile
Liberal         Adolescent
Graphic         Adult
Slide 19: Case Study
Attributes: Age
1. Rule 1:: (Age 3) Child
2. Rule 2:: (Age 11) Juvenile
3. Rule 3:: (Age 16) Adolescent
4. Rule 4:: (Age 18) Adult
Age   Role
3     Child
11    Juvenile
16    Adolescent
18    Adult
Slide 20: Case Study
Attributes: Country
1. Rule 1:: (Country IN {A..Z}) Juvenile
2. Rule 2:: (Country IN {{A..Z} – {Saudi, Sudan}}) Adolescent
3. Rule 3:: (Country IN {{A..Z} – {China, India, Saudi, Sudan, Egypt, Indonesia, Malaysia, Singapore}}) Adult
Country                                                                                   Role
Country in {A..Z}                                                                         Juvenile
Country in {{A..Z} – {Saudi, Sudan}}                                                      Adolescent
Country in {{A..Z} – {China, India, Saudi, Sudan, Egypt, Indonesia, Malaysia, Singapore}} Adult
Slide 21: Case Study
Authorization rules for the 2 attributes:
1. Rule 1:: (Age 3) AND (Country IN {A..Z}) Child
2. Rule 2:: (Age 11) AND (Country IN {A..Z}) Juvenile
3. Rule 3:: (Age 16) AND (Country IN {{A..Z} – {Saudi, Sudan}}) Adolescent
4. Rule 4:: (Age 18) AND (Country IN {{A..Z} – {China, India, Saudi, Sudan, Egypt, Indonesia, Malaysia, Singapore}}) Adult
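The combined case-study rules above, together with the seniority relation and the redundancy/inconsistency anomaly checks from the Suggested Solution slides, as an added Python example (not the authors' code). It assumes that the comparison lost in extraction is "Age >= threshold", uses a constructed ten-country stand-in for {A..Z}, and decides logical implication between two attributes expressions by exhaustive evaluation over that finite attribute domain.

```python
from itertools import product

# Constructed stand-in for the slides' {A..Z}: every country named in the rules plus two others.
ALL_COUNTRIES = {"China", "India", "Saudi", "Sudan", "Egypt", "Indonesia",
                 "Malaysia", "Singapore", "Canada", "Brazil"}
ADOLESCENT_OK = ALL_COUNTRIES - {"Saudi", "Sudan"}
ADULT_OK = ALL_COUNTRIES - {"China", "India", "Saudi", "Sudan", "Egypt",
                            "Indonesia", "Malaysia", "Singapore"}

# Authorization rules of the case study: name -> (attributes expression, roles produced).
# Assumption: the comparison lost in extraction is "Age >= threshold".
RULES = {
    "Rule 1": (lambda age, c: age >= 3 and c in ALL_COUNTRIES, {"Child"}),
    "Rule 2": (lambda age, c: age >= 11 and c in ALL_COUNTRIES, {"Juvenile"}),
    "Rule 3": (lambda age, c: age >= 16 and c in ADOLESCENT_OK, {"Adolescent"}),
    "Rule 4": (lambda age, c: age >= 18 and c in ADULT_OK, {"Adult"}),
}
# Finite attribute space over which implication between expressions is decided.
DOMAIN = list(product(range(0, 121), sorted(ALL_COUNTRIES)))

def assign_roles(age, country, rules=RULES):
    """Automatic user-role assignment: union of the roles of every rule the user satisfies."""
    roles = set()
    for expr, produced in rules.values():
        if expr(age, country):
            roles |= produced
    return roles

def is_senior(i, j, rules=RULES):
    """Rule i is senior to Rule j iff expr_i logically implies expr_j (checked exhaustively)."""
    expr_i, expr_j = rules[i][0], rules[j][0]
    return i != j and all(expr_j(a, c) for a, c in DOMAIN if expr_i(a, c))

def anomalies(rules=RULES, mutually_exclusive=()):
    """Seniority anomalies for each senior/junior pair: redundancy = a role produced
    by both rules; inconsistency = the pair hands out two mutually exclusive roles."""
    redundant, inconsistent = [], []
    for i, j in product(rules, repeat=2):
        if not is_senior(i, j, rules):
            continue
        for role in rules[i][1] & rules[j][1]:
            redundant.append((i, j, role))
        for r1, r2 in mutually_exclusive:
            if r1 in rules[i][1] and r2 in rules[j][1]:
                inconsistent.append((i, j, r1, r2))
            elif r2 in rules[i][1] and r1 in rules[j][1]:
                inconsistent.append((i, j, r2, r1))
    return redundant, inconsistent
```

Because every user who satisfies Rule 4 also satisfies Rules 1 to 3, an adult in a permitted country receives all four rating roles; declaring Child and Adult mutually exclusive would turn that seniority chain into an inconsistency anomaly.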
Slide 23: Expressing MAC
Security Lattice: Adult, Adolescent, Juvenile, Child.
Role Hierarchies (figure): read roles Adult Read (AR), Adolescent Read (DR), Juvenile Read (JR), Child Read (CR); write roles Adult Write (AW), Adolescent Write (DW), Juvenile Write (JW), Child Write (CW).
Slide 24: Expressing MAC
Authorization Rules:
Rule 1:: (Age 3) AND (Country IN {A..Z}) CR AND CW
Rule 2:: (Age 11) AND (Country IN {A..Z}) JR AND JW
Rule 3:: (Age 16) AND (Country IN {{A..Z} – {Saudi, Sudan}}) DR AND DW
Rule 4:: (Age 18) AND (Country IN {{A..Z} – {China, India, Saudi, Sudan, Egypt, Indonesia, Malaysia, Singapore}}) AR AND AW