Download presentation
Presentation is loading. Please wait.
Published byChristian Stone Modified over 11 years ago
1
SECURING CYBERSPACE: THE OM-AM, RBAC AND PKI ROADMAP Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University sandhu@gmu.edu www.list.gmu.edu
2
2 © Ravi Sandhu 2000 INTERNET INSECURITY u Internet insecurity spreads at Internet speed l Morris worm of 1987 l Password sniffing attacks in 1994 l IP spoofing attacks in 1995 l Denial of service attacks in 1996 l Email borne viruses 1999 l Distributed denial of service attacks 2000 u Internet insecurity grows at super-Internet speed l security incidents are growing faster than the Internet (which has roughly doubled every year since 1988)
3
3 © Ravi Sandhu 2000 INTERNET INSECURITY u Its only going to get worse
4
4 © Ravi Sandhu 2000 INTERNET SECURITY u There are no clear cut boundaries in modern cyberspace l AOL-Microsoft instant messaging war of 1999 l Hotmail password bypass of 1999 l Ticketmaster deep web links l ebay versus auction aggregators
5
5 © Ravi Sandhu 2000 SECURITY OBJECTIVES INTEGRITY modification AVAILABILITY access CONFIDENTIALITY disclosure USAGE-CONTROL purpose
6
6 © Ravi Sandhu 2000 AUTHORIZATION, TRUST AND RISK u Information security is fundamentally about managing l authorization and l trust so as to manage risk
7
7 © Ravi Sandhu 2000 SECURITY DOCTRINE u Prevent u Detect u Correct u Accept
8
8 © Ravi Sandhu 2000 SECURITY DOCTRINE u absolute security is impossible does not mean absolute insecurity is acceptable u security is a journey not a destination
9
9 © Ravi Sandhu 2000 SOLUTIONS u OM-AM u RBAC u PKI u and others
10
10 © Ravi Sandhu 2000 THE OM-AM WAY Objectives Model Architecture Mechanism What? How? AssuranceAssurance
11
11 © Ravi Sandhu 2000 LAYERS AND LAYERS u Multics rings u Layered abstractions u Waterfall model u Network protocol stacks u OM-AM
12
12 © Ravi Sandhu 2000 OM-AM AND MANDATORY ACCESS CONTROL (MAC) What? How? No information leakage Lattices (Bell-LaPadula) Security kernel Security labels AssuranceAssurance
13
13 © Ravi Sandhu 2000 OM-AM AND DISCRETIONARY ACCESS CONTROL (DAC) What? How? Owner-based discretion numerous ACLs, Capabilities, etc AssuranceAssurance
14
14 © Ravi Sandhu 2000 OM-AM AND ROLE-BASED ACCESS CONTROL (RBAC) What? How? Policy neutral RBAC96 user-pull, server-pull, etc. certificates, tickets, PACs, etc. AssuranceAssurance
15
15 © Ravi Sandhu 2000 ROLE-BASED ACCESS CONTROL (RBAC) u A users permissions are determined by the users roles l rather than identity or clearance l roles can encode arbitrary attributes u multi-faceted u ranges from very simple to very sophisticated
16
16 © Ravi Sandhu 2000 RBAC SECURITY PRINCIPLES u least privilege u separation of duties u separation of administration and access u abstract operations
17
17 © Ravi Sandhu 2000 RBAC96 IEEE Computer Feb. 1996 u Policy neutral u can be configured to do MAC l roles simulate clearances (ESORICS 96) u can be configured to do DAC l roles simulate identity (RBAC98)
18
18 © Ravi Sandhu 2000 RBAC96 FAMILY OF MODELS RBAC0 BASIC RBAC RBAC3 ROLE HIERARCHIES + CONSTRAINTS RBAC1 ROLE HIERARCHIES RBAC2 CONSTRAINTS
19
19 © Ravi Sandhu 2000 RBAC0 ROLES USER-ROLE ASSIGNMENT PERMISSION-ROLE ASSIGNMENT USERSPERMISSIONS... SESSIONS
20
20 © Ravi Sandhu 2000 RBAC1 ROLES USER-ROLE ASSIGNMENT PERMISSION-ROLE ASSIGNMENT USERSPERMISSIONS... SESSIONS ROLE HIERARCHIES
21
21 © Ravi Sandhu 2000 HIERARCHICAL ROLES Health-Care Provider Physician Primary-Care Physician Specialist Physician
22
22 © Ravi Sandhu 2000 HIERARCHICAL ROLES Engineer Hardware Engineer Software Engineer Supervising Engineer
23
23 © Ravi Sandhu 2000 PRIVATE ROLES Engineer Hardware Engineer Software Engineer Supervising Engineer Hardware Engineer Software Engineer
24
24 © Ravi Sandhu 2000 EXAMPLE ROLE HIERARCHY Employee (E) Engineering Department (ED) Project Lead 1 (PL1) Engineer 1 (E1) Production 1 (P1) Quality 1 (Q1) Director (DIR) Project Lead 2 (PL2) Engineer 2 (E2) Production 2 (P2) Quality 2 (Q2) PROJECT 2PROJECT 1
25
25 © Ravi Sandhu 2000 EXAMPLE ROLE HIERARCHY Employee (E) Engineering Department (ED) Project Lead 1 (PL1) Engineer 1 (E1) Production 1 (P1) Quality 1 (Q1) Project Lead 2 (PL2) Engineer 2 (E2) Production 2 (P2) Quality 2 (Q2) PROJECT 2PROJECT 1
26
26 © Ravi Sandhu 2000 EXAMPLE ROLE HIERARCHY Project Lead 1 (PL1) Engineer 1 (E1) Production 1 (P1) Quality 1 (Q1) Director (DIR) Project Lead 2 (PL2) Engineer 2 (E2) Production 2 (P2) Quality 2 (Q2) PROJECT 2PROJECT 1
27
27 © Ravi Sandhu 2000 EXAMPLE ROLE HIERARCHY Project Lead 1 (PL1) Engineer 1 (E1) Production 1 (P1) Quality 1 (Q1) Project Lead 2 (PL2) Engineer 2 (E2) Production 2 (P2) Quality 2 (Q2) PROJECT 2PROJECT 1
28
28 © Ravi Sandhu 2000 RBAC3 ROLES USER-ROLE ASSIGNMENT PERMISSIONS-ROLE ASSIGNMENT USERSPERMISSIONS... SESSIONS ROLE HIERARCHIES CONSTRAINTS
29
29 © Ravi Sandhu 2000 CONSTRAINTS u Mutually Exclusive Roles l Static: The same individual can never hold both roles l Dynamic: The same individual can never activate both roles in the same context u Mutually Exclusive Permissions u Cardinality Constraints on User-Role Assignment u Cardinality Constraints on Permissions-Role Assignment
30
30 © Ravi Sandhu 2000 OM-AM AND ROLE-BASED ACCESS CONTROL (RBAC) What? How? Policy neutral RBAC96 user-pull, server-pull, etc. certificates, tickets, PACs, etc. AssuranceAssurance
31
31 © Ravi Sandhu 2000 CLIENT-SERVER SERVER-PULL ARCHITECTURE ClientServer Authorization Server Authentication Server
32
32 © Ravi Sandhu 2000 CLIENT-SERVER USER-PULL ARCHITECTURE ClientServer Authorization Server Authentication Server
33
33 © Ravi Sandhu 2000 CLIENT-SERVER PROXY OR THREE-TIER ClientServer Authorization Server Authentication Server
34
34 © Ravi Sandhu 2000 OM-AM AND ROLE-BASED ACCESS CONTROL (RBAC) What? How? Policy neutral RBAC96 user-pull, server-pull, etc. certificates, tickets, PACs, etc. AssuranceAssurance
35
35 © Ravi Sandhu 2000 Related Mechanisms u Cookies l in widespread current use for maintaining state of HTTP l becoming a standard l not secure u Public-Key Certificates (X.509) l support security on the Web based on PKI l standard l simply, bind users to keys l have the ability to be extended
36
36 © Ravi Sandhu 2000 Cookies
37
37 © Ravi Sandhu 2000 Security Threats to Cookies u Cookies are not secure l No authentication l No integrity l No confidentiality u can be easily attacked by l Network Security Threats l End-System Threats l Cookie Harvesting Threats
38
38 © Ravi Sandhu 2000 How to Use Secure Cookies
39
39 © Ravi Sandhu 2000 Secure Cookies on the Web
40
40 © Ravi Sandhu 2000 Applications of Secure Cookies u User Authentication u Electronic Transaction u Pay-Per-Access u Attribute-based Access Control
41
41 © Ravi Sandhu 2000 X.509 Certificate u Digitally signed by a certificate authority l to confirm the information in the certificate belongs to the holder of the corresponding private key u Contents l version, serial number, subject, validity period, issuer, optional fields (v2) l subjects public key and algorithm info. l extension fields (v3) l digital signature of CA u Binding users to keys u Certificate Revocation List (CRL)
42
42 © Ravi Sandhu 2000 X.509 Certificate
43
43 © Ravi Sandhu 2000 Smart Certificates u Short-Lived Lifetime l More secure n typical validity period for X.509 is months (years) n the longer-lived certificates have a higher probability of being attacked –users may leave copies of the corresponding keys behind l No Certificate Revocation List (CRL) n supports simple and less expensive PKI
44
44 © Ravi Sandhu 2000 Smart Certificates u Containing Attributes Securely l Web servers can use secure attributes for their purposes l Each authority has independent control on the corresponding information n basic certificate (containing identity information) n each attribute can be added, changed, revoked, or re-issued by the appropriate authority –e.g., role, credit card number, clearance, etc.
45
45 © Ravi Sandhu 2000 Applications of Smart Certificates u Very similar to applications of secure cookies
46
46 © Ravi Sandhu 2000 THE OM-AM WAY Objectives Model Architecture Mechanism What? How? AssuranceAssurance
47
47 © Ravi Sandhu 2000 INTERNET INSECURITY u Its only going to get worse u But security is a fun and profitable business and will get more so
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.