Published by Trinity Willis
INSTITUTE FOR CYBER SECURITY
The ASCAA* Principles Applied to Usage Control (advertised title)
Prof. Ravi Sandhu
Executive Director and Endowed Chair
Institute for Cyber Security
University of Texas at San Antonio
September
© Ravi Sandhu
* Abstraction, Separation, Containment, Automation, Accountability

A Perspective on Usage Control and its Future (alternate title)

Outline
- Security trends and change drivers
- Foundational security assumptions
- Usage: a fundamental security objective
- The Usage Control or UCON model
- The PEI (Policy, Enforcement, Implementation) framework
- The ASCAA principles (Abstraction, Separation, Containment, Automation, Accountability)

Security Trends and Change Drivers
- Stand-alone computers → Internet
- Enterprise security → Mutually suspicious yet mutually dependent security
- Vandals → Criminals, Nation states, Terrorists
- Few standard services → Many and new innovative services
We are at an inflection point

Diffie on Information Security … 2007
"Now we face a new challenge to security, a world of shared computing and web services. As with radio, this technology is too valuable to go unused. By contrast with radio, which could be protected with cryptography, there may be no technology that can protect shared computation to the degree we would call secure today. In a decade or a generation, there may be no secure computing."
Need to be realistic in our security expectations

Butler Lampson Paraphrased (I think)
- Computer scientists could never have designed the web because they would have tried to make it work. But the Web does work. What does it mean for the Web to work?
- Security geeks could never have designed the ATM network because they would have tried to make it secure. But the ATM network is secure. What does it mean for the ATM network to be secure?

Foundational Security Assumptions
- Information needs to be protected
  - In motion
  - At rest
  - In use
- Absolute security is impossible and unnecessary
  - Trying to approximate absolute security is a bad strategy
  - Good enough security is feasible and meaningful
- Security is meaningless without application context
  - Cannot know we have good enough without this context
- Models and abstractions are all important
  - Without a conceptual framework it is hard to separate what needs to be done from how we do it
We are not very good at doing any of this

Security Objectives
- INTEGRITY: modification
- AVAILABILITY: access
- CONFIDENTIALITY: disclosure
- USAGE: purpose

Usage Control Scope
[Figure: Security Objectives; Security Architectures]

Access Control Models
- Discretionary Access Control (DAC)
  - Owner controls access but only to the original, not to copies
- Mandatory Access Control (MAC)
  - Access based on security labels
  - Labels propagate to copies
- Role-Based Access Control (RBAC)
  - Access based on roles
  - Can be configured to do DAC or MAC
- Attribute-Based Access Control (ABAC)
  - Access based on attributes, to possibly include roles, security labels and whatever

Usage Control Model (UCON)
- unified model integrating
  - authorization
  - obligation
  - conditions
- and incorporating
  - continuity of decisions
  - mutability of attributes

PEI Models: 3 Layers/5 Layers

Policy Model
States:
- State I: Initial state: never been a member
- State II: Currently a member
- State III: Past member
Transitions (diagram labels): enroll, dis-enroll, enroll

State I:
1. Straightforward. User has no access to any group documents.

State II:
1. Access to current documents only (or)
2. Access to current documents and past documents
3. Access can be further restricted with rate and/or usage limits
4. Access can be further restricted on basis of individual user credentials

State III:
1. Past member loses access to all documents (or)
2. can access any document created during his membership (or)
3. can access documents he accessed during membership (or)
4. can access all documents created before he left the group (this includes the ones created before his join time)
5. all subject to possible additional rate, usage and user credential restrictions

Rejoin of past members:
1. No rejoin of past members is allowed, rejoin with new ID (or)
2. Past members rejoin the group just like any other user who has never been a member
3. The same access policies defined during his prior membership should again be enforced (or)
4. access policies could vary between membership cycles

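The membership states and access options on the Policy Model slide, written as a small executable model. This is an added example, not code from the presentation; the class and attribute names, the integer timestamps, and the choice to treat a rejoin like a first join are assumptions.

```python
from dataclasses import dataclass, field
from enum import Enum

class State(Enum):
    NEVER = "I"      # never been a member
    CURRENT = "II"   # currently a member
    PAST = "III"     # past member

class PastPolicy(Enum):       # the slide's four options for State III
    LOSE_ALL = 1              # loses access to all documents
    CREATED_DURING = 2        # documents created during the membership
    ACCESSED_DURING = 3       # documents the user read while a member
    CREATED_BEFORE_LEAVE = 4  # anything created before the leave time

@dataclass
class Member:                 # attribute names are illustrative
    state: State = State.NEVER
    join: int = 0
    leave: int = 0
    reads: int = 0            # mutable usage attribute
    seen: set = field(default_factory=set)

@dataclass
class Group:
    past_policy: PastPolicy
    current_sees_old_docs: bool = False  # State II option 1 (False) or 2 (True)
    usage_limit: int = 0                 # 0 means no usage limit

    def enroll(self, m, now):    # rejoin is treated like a first join
        m.state, m.join, m.seen = State.CURRENT, now, set()
    def disenroll(self, m, now):
        m.state, m.leave = State.PAST, now

    def may_read(self, m, doc, created):
        """Decide one read; a granted read updates the member's attributes."""
        if m.state is State.CURRENT:
            ok = self.current_sees_old_docs or created >= m.join
        elif m.state is State.PAST:
            ok = {PastPolicy.LOSE_ALL: False,
                  PastPolicy.CREATED_DURING: m.join <= created <= m.leave,
                  PastPolicy.ACCESSED_DURING: doc in m.seen,
                  PastPolicy.CREATED_BEFORE_LEAVE: created <= m.leave}[self.past_policy]
        else:
            ok = False           # State I: no access to group documents
        if ok and not (self.usage_limit and m.reads >= self.usage_limit):
            m.reads += 1
            if m.state is State.CURRENT:
                m.seen.add(doc)
            return True
        return False
```

The read counter changes as a side effect of each granted access, so the same request can be allowed once and denied later without any administrator action.
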
Enforcement Model
[Diagram actors: Group-Admin, Member, Joining Member, D-Member, Control Center (CC)]
- Member enroll and dis-enroll (steps 1-2, 5)
- Document add and remove (steps 6, 7)
- Read policy enforcement (step 3)
- Attribute update (step 4)
- Ideal Model: steps 3 and 4 are coupled
- Approximate Model: steps 3 and 4 are de-coupled
- Two sets of attributes
  - Authoritative: as known to the CC
  - Local: as known on a member's computer

Implementation Model
- Use TC mechanisms to bind group key + attributes to TRM

Founding Principles of RBAC
- Abstraction of Privileges
  - Credit is different from Debit even though both require read and write
- Separation of Administrative Functions
  - Separation of user-role assignment from role-permission assignment
- Least Privilege
  - Right-size the roles
  - Don't activate all roles all the time
- Separation of Duty
  - Static separation: purchasing manager versus accounts payable manager
  - Dynamic separation: cash-register clerk versus cash-register manager

ASCAA Principles
- Abstraction of Privileges
  - Credit vs debit
  - Personalized permissions
- Separation of Administrative Functions
- Containment
  - Least Privilege
  - Separation of Duties
  - Usage Limits
- Automation
  - Revocation
  - Assignment: (i) Self-assignment, (ii) Attribute-based
  - Context and environment adjustment
- Accountability
  - Re-authentication/Escalated authentication
  - Click-through obligations
  - Notification and alerts

Conclusion
- Security trends and change drivers
- Foundational security assumptions
- Usage: a fundamental security objective
- The Usage Control or UCON model
- The PEI (Policy, Enforcement, Implementation) framework
- The ASCAA principles (Abstraction, Separation, Containment, Automation, Accountability)
Questions?? Comments!!