Presentation is loading. Please wait.

Presentation is loading. Please wait.

SECURING CYBERSPACE: THE OM-AM, RBAC AND PKI ROADMAP Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University

Similar presentations


Presentation on theme: "SECURING CYBERSPACE: THE OM-AM, RBAC AND PKI ROADMAP Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University"— Presentation transcript:

1 SECURING CYBERSPACE: THE OM-AM, RBAC AND PKI ROADMAP Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University sandhu@gmu.edu www.list.gmu.edu

2 2 © Ravi Sandhu 2000 INTERNET INSECURITY u Internet insecurity spreads at Internet speed l Morris worm of 1987 l Password sniffing attacks in 1994 l IP spoofing attacks in 1995 l Denial of service attacks in 1996 l Email borne viruses 1999 l Distributed denial of service attacks 2000 u Internet insecurity grows at super-Internet speed l security incidents are growing faster than the Internet (which has roughly doubled every year since 1988)

3 3 © Ravi Sandhu 2000 INTERNET INSECURITY u Its only going to get worse

4 4 © Ravi Sandhu 2000 INTERNET SECURITY u There are no clear cut boundaries in modern cyberspace l AOL-Microsoft instant messaging war of 1999 l Hotmail password bypass of 1999 l Ticketmaster deep web links l ebay versus auction aggregators

5 5 © Ravi Sandhu 2000 SECURITY OBJECTIVES INTEGRITY modification AVAILABILITY access CONFIDENTIALITY disclosure USAGE-CONTROL purpose

6 6 © Ravi Sandhu 2000 AUTHORIZATION, TRUST AND RISK u Information security is fundamentally about managing l authorization and l trust so as to manage risk

7 7 © Ravi Sandhu 2000 SECURITY DOCTRINE u Prevent u Detect u Correct u Accept

8 8 © Ravi Sandhu 2000 SECURITY DOCTRINE u absolute security is impossible does not mean absolute insecurity is acceptable u security is a journey not a destination

9 9 © Ravi Sandhu 2000 SOLUTIONS u OM-AM u RBAC u PKI u and others

10 10 © Ravi Sandhu 2000 THE OM-AM WAY Objectives Model Architecture Mechanism What? How? AssuranceAssurance

11 11 © Ravi Sandhu 2000 LAYERS AND LAYERS u Multics rings u Layered abstractions u Waterfall model u Network protocol stacks u OM-AM

12 12 © Ravi Sandhu 2000 OM-AM AND MANDATORY ACCESS CONTROL (MAC) What? How? No information leakage Lattices (Bell-LaPadula) Security kernel Security labels AssuranceAssurance

13 13 © Ravi Sandhu 2000 OM-AM AND DISCRETIONARY ACCESS CONTROL (DAC) What? How? Owner-based discretion numerous ACLs, Capabilities, etc AssuranceAssurance

14 14 © Ravi Sandhu 2000 OM-AM AND ROLE-BASED ACCESS CONTROL (RBAC) What? How? Policy neutral RBAC96 user-pull, server-pull, etc. certificates, tickets, PACs, etc. AssuranceAssurance

15 15 © Ravi Sandhu 2000 ROLE-BASED ACCESS CONTROL (RBAC) u A users permissions are determined by the users roles l rather than identity or clearance l roles can encode arbitrary attributes u multi-faceted u ranges from very simple to very sophisticated

16 16 © Ravi Sandhu 2000 RBAC SECURITY PRINCIPLES u least privilege u separation of duties u separation of administration and access u abstract operations

17 17 © Ravi Sandhu 2000 RBAC96 IEEE Computer Feb. 1996 u Policy neutral u can be configured to do MAC l roles simulate clearances (ESORICS 96) u can be configured to do DAC l roles simulate identity (RBAC98)

18 18 © Ravi Sandhu 2000 RBAC96 FAMILY OF MODELS RBAC0 BASIC RBAC RBAC3 ROLE HIERARCHIES + CONSTRAINTS RBAC1 ROLE HIERARCHIES RBAC2 CONSTRAINTS

19 19 © Ravi Sandhu 2000 RBAC0 ROLES USER-ROLE ASSIGNMENT PERMISSION-ROLE ASSIGNMENT USERSPERMISSIONS... SESSIONS

20 20 © Ravi Sandhu 2000 RBAC1 ROLES USER-ROLE ASSIGNMENT PERMISSION-ROLE ASSIGNMENT USERSPERMISSIONS... SESSIONS ROLE HIERARCHIES

21 21 © Ravi Sandhu 2000 HIERARCHICAL ROLES Health-Care Provider Physician Primary-Care Physician Specialist Physician

22 22 © Ravi Sandhu 2000 HIERARCHICAL ROLES Engineer Hardware Engineer Software Engineer Supervising Engineer

23 23 © Ravi Sandhu 2000 PRIVATE ROLES Engineer Hardware Engineer Software Engineer Supervising Engineer Hardware Engineer Software Engineer

24 24 © Ravi Sandhu 2000 EXAMPLE ROLE HIERARCHY Employee (E) Engineering Department (ED) Project Lead 1 (PL1) Engineer 1 (E1) Production 1 (P1) Quality 1 (Q1) Director (DIR) Project Lead 2 (PL2) Engineer 2 (E2) Production 2 (P2) Quality 2 (Q2) PROJECT 2PROJECT 1

25 25 © Ravi Sandhu 2000 EXAMPLE ROLE HIERARCHY Employee (E) Engineering Department (ED) Project Lead 1 (PL1) Engineer 1 (E1) Production 1 (P1) Quality 1 (Q1) Project Lead 2 (PL2) Engineer 2 (E2) Production 2 (P2) Quality 2 (Q2) PROJECT 2PROJECT 1

26 26 © Ravi Sandhu 2000 EXAMPLE ROLE HIERARCHY Project Lead 1 (PL1) Engineer 1 (E1) Production 1 (P1) Quality 1 (Q1) Director (DIR) Project Lead 2 (PL2) Engineer 2 (E2) Production 2 (P2) Quality 2 (Q2) PROJECT 2PROJECT 1

27 27 © Ravi Sandhu 2000 EXAMPLE ROLE HIERARCHY Project Lead 1 (PL1) Engineer 1 (E1) Production 1 (P1) Quality 1 (Q1) Project Lead 2 (PL2) Engineer 2 (E2) Production 2 (P2) Quality 2 (Q2) PROJECT 2PROJECT 1

28 28 © Ravi Sandhu 2000 RBAC3 ROLES USER-ROLE ASSIGNMENT PERMISSIONS-ROLE ASSIGNMENT USERSPERMISSIONS... SESSIONS ROLE HIERARCHIES CONSTRAINTS

29 29 © Ravi Sandhu 2000 CONSTRAINTS u Mutually Exclusive Roles l Static: The same individual can never hold both roles l Dynamic: The same individual can never activate both roles in the same context u Mutually Exclusive Permissions u Cardinality Constraints on User-Role Assignment u Cardinality Constraints on Permissions-Role Assignment

30 30 © Ravi Sandhu 2000 OM-AM AND ROLE-BASED ACCESS CONTROL (RBAC) What? How? Policy neutral RBAC96 user-pull, server-pull, etc. certificates, tickets, PACs, etc. AssuranceAssurance

31 31 © Ravi Sandhu 2000 CLIENT-SERVER SERVER-PULL ARCHITECTURE ClientServer Authorization Server Authentication Server

32 32 © Ravi Sandhu 2000 CLIENT-SERVER USER-PULL ARCHITECTURE ClientServer Authorization Server Authentication Server

33 33 © Ravi Sandhu 2000 CLIENT-SERVER PROXY OR THREE-TIER ClientServer Authorization Server Authentication Server

34 34 © Ravi Sandhu 2000 OM-AM AND ROLE-BASED ACCESS CONTROL (RBAC) What? How? Policy neutral RBAC96 user-pull, server-pull, etc. certificates, tickets, PACs, etc. AssuranceAssurance

35 35 © Ravi Sandhu 2000 Related Mechanisms u Cookies l in widespread current use for maintaining state of HTTP l becoming a standard l not secure u Public-Key Certificates (X.509) l support security on the Web based on PKI l standard l simply, bind users to keys l have the ability to be extended

36 36 © Ravi Sandhu 2000 Cookies

37 37 © Ravi Sandhu 2000 Security Threats to Cookies u Cookies are not secure l No authentication l No integrity l No confidentiality u can be easily attacked by l Network Security Threats l End-System Threats l Cookie Harvesting Threats

38 38 © Ravi Sandhu 2000 How to Use Secure Cookies

39 39 © Ravi Sandhu 2000 Secure Cookies on the Web

40 40 © Ravi Sandhu 2000 Applications of Secure Cookies u User Authentication u Electronic Transaction u Pay-Per-Access u Attribute-based Access Control

41 41 © Ravi Sandhu 2000 X.509 Certificate u Digitally signed by a certificate authority l to confirm the information in the certificate belongs to the holder of the corresponding private key u Contents l version, serial number, subject, validity period, issuer, optional fields (v2) l subjects public key and algorithm info. l extension fields (v3) l digital signature of CA u Binding users to keys u Certificate Revocation List (CRL)

42 42 © Ravi Sandhu 2000 X.509 Certificate

43 43 © Ravi Sandhu 2000 Smart Certificates u Short-Lived Lifetime l More secure n typical validity period for X.509 is months (years) n the longer-lived certificates have a higher probability of being attacked –users may leave copies of the corresponding keys behind l No Certificate Revocation List (CRL) n supports simple and less expensive PKI

44 44 © Ravi Sandhu 2000 Smart Certificates u Containing Attributes Securely l Web servers can use secure attributes for their purposes l Each authority has independent control on the corresponding information n basic certificate (containing identity information) n each attribute can be added, changed, revoked, or re-issued by the appropriate authority –e.g., role, credit card number, clearance, etc.

45 45 © Ravi Sandhu 2000 Applications of Smart Certificates u Very similar to applications of secure cookies

46 46 © Ravi Sandhu 2000 THE OM-AM WAY Objectives Model Architecture Mechanism What? How? AssuranceAssurance

47 47 © Ravi Sandhu 2000 INTERNET INSECURITY u Its only going to get worse u But security is a fun and profitable business and will get more so


Download ppt "SECURING CYBERSPACE: THE OM-AM, RBAC AND PKI ROADMAP Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University"

Similar presentations


Ads by Google