5 Success is largely unrecognized by the security community Security SuccessesOn-line bankingOn-line tradingAutomatic teller machines (ATMs)GSM phonesSet-top boxes…………………….Success is largely unrecognizedby the security community
6 Business models dominate Good enough securityReal-world usersSecurity geeksSECUREEASYend usersoperations staffhelp deskwhose securityperception or reality of securitySystem ownerBusiness models dominatesecurity modelsCOSTsystem solutionoperational costopportunity costcost of fraud
7 Good enough security COST L M H Entrepreneurial mindset H 1 2 3 AcademicmindsetRISK234ML345
8 RBAC96 model (Currently foundation of a NIST/ANSI/ISO standard) ROLE HIERARCHIESUSER-ROLEASSIGNMENTPERMISSIONS-ROLEASSIGNMENTUSERSROLESPERMISSIONS...SESSIONSCONSTRAINTS
9 Fundamental Theorem of RBAC RBAC can be configured to do MACMAC is Mandatory Access Control as defined in the Orange BookRBAC can be configured to do DACDAC is Discretionary Access Control as defined in the Orange BookRBAC is policy neutral
10 THE OM-AM WAY A What? s u Objectives r Model a n Architecture c MechanismHow?
11 OM-AM AND MANDATORY ACCESS CONTROL (MAC) uranceWhat?How?No information leakageLattices (Bell-LaPadula)Security kernelSecurity labels
12 OM-AM AND DISCRETIONARY ACCESS CONTROL (DAC) uranceWhat?How?Owner-based discretionnumerousACLs, Capabilities, etc
13 OM-AM AND ROLE-BASED ACCESS CONTROL (RBAC) uranceWhat?How?Objective neutralRBAC96, ARBAC97, etc.user-pull, server-pull, etc.certificates, tickets, PACs, etc.
14 RBAC96 Model ... ROLES USER-ROLE ASSIGNMENT PERMISSIONS-ROLE USERS SESSIONSROLE HIERARCHIESCONSTRAINTSThis is a somewhat busy slideIt shows a bird’s eye view of RBACThere are many details that need to be debated and filled inSome of these will be discussed in the subsequent panelFor our purpose the bird’s eye view will suffice
18 Usage Control (UCON) Coverage Protection ObjectivesSensitive information protectionIPR protectionPrivacy protectionProtection ArchitecturesServer-side reference monitorClient-side reference monitorSRM & CRM
19 Core UCON (Usage Control) Models ongoingN/AContinuityDecision can be made during usage for continuous enforcementMutabilityAttributes can be updated as side-effects of subjects’ actions
20 Examples Long-distance phone (pre-authorization with post-update) Pre-paid phone card (ongoing-authorization with ongoing-update)Pay-per-view (pre-authorization with pre-updates)Click Ad within every 30 minutes (ongoing-obligation with ongoing-updates)Business Hour (pre-/ongoing-condition)
21 Good enough security COST Entrepreneurial Mindset 80% problem soft, informalordinary consumersLMHAcademicMindset120% problemhard, informaltechno-geeksH123RISK234ML345