Presentation is loading. Please wait.

Presentation is loading. Please wait.

ARBAC 97 (ADMINISTRATIVE RBAC) Ravi Sandhu Venkata Bhamidipati Ed Coyne Srinivas Ganta Qamar Munawer Charles Youman.

Similar presentations


Presentation on theme: "ARBAC 97 (ADMINISTRATIVE RBAC) Ravi Sandhu Venkata Bhamidipati Ed Coyne Srinivas Ganta Qamar Munawer Charles Youman."— Presentation transcript:

1 ARBAC 97 (ADMINISTRATIVE RBAC) Ravi Sandhu Venkata Bhamidipati Ed Coyne Srinivas Ganta Qamar Munawer Charles Youman

2 2 © Ravi Sandhu 1997 ARBAC97 DECENTRALIZES u user-role assignment (URA97) u permission-role assignment (PRA97) u role-role hierarchy n groups or user-only roles (extend URA97) n abilities or permission-only roles (extend PRA97) n UP-roles or user-and-permission roles (RRA97)

3 3 © Ravi Sandhu 1997 ADMINISTRATIVE RBAC ROLES USERS PERMISSIONS... ADMIN ROLES ADMIN PERMISSIONS CAN- MANAGE

4 4 © Ravi Sandhu 1997 ADMINISTRATIVE RBAC RBAC2RBAC1 RBAC0 RBAC3 ARBAC2ARBAC1 ARBAC0 ARBAC3

5 5 © Ravi Sandhu 1997 EXAMPLE ROLE HIERARCHY Employee (E) Engineering Department (ED) Project Lead 1 (PL1) Engineer 1 (E1) Production 1 (P1) Quality 1 (Q1) Director (DIR) Project Lead 2 (PL2) Engineer 2 (E2) Production 2 (P2) Quality 2 (Q2) PROJECT 2PROJECT 1

6 6 © Ravi Sandhu 1997 EXAMPLE ADMINISTRATIVE ROLE HIERARCHY Senior Security Officer (SSO) Department Security Officer (DSO) Project Security Officer 1 (PSO1) Project Security Officer 2 (PSO2)

7 7 © Ravi Sandhu 1997 USER-ROLE ASSIGNMENT CAN-ASSIGN-USER ARolePrereq RoleRole Range PSO1ED[E1,PL1) PSO2ED[E2,PL2) DSOED(ED,DIR) SSOE[ED,ED] SSOED(ED,DIR]

8 8 © Ravi Sandhu 1997 USER-ROLE ASSIGNMENT CAN-ASSIGN-USER ARolePrereq CondRole Range PSO1ED[E1,E1] PSO1ED & ¬ P1[Q1,Q1] PSO1ED & ¬ Q1[P1,P1] PSO2ED[E2,E2] PSO2ED & ¬ P2[Q2,Q2] PSO2ED & ¬ Q2[P2,P2]

9 9 © Ravi Sandhu 1997 USER-ROLE ASSIGNMENT CAN-REVOKE-USER ARoleRole Range PSO1[E1,PL1) PSO2[E2,PL2) DSO(ED,DIR) SSO[ED,DIR]

10 10 © Ravi Sandhu 1997 USER-ROLE ASSIGNMENT REVOCATION u WEAK REVOCATION l revokes explicit membership only u STRONG REVOCATION l revokes explicit and implicit membership l revocation propagates upwards to senior roles l defined in terms of weak revoke

11 11 © Ravi Sandhu 1997 PERMISSION-ROLE ASSIGNMENT u dual of user-role assignment u can-assign-permission can-revoke-permission u weak revoke strong revoke (propagates down)

12 12 © Ravi Sandhu 1997 PERMISSION-ROLE ASSIGNMENT CAN-ASSIGN-PERMISSION ARolePrereq CondRole Range PSO1PL1[E1,PL1) PSO2PL2[E2,PL2) DSOE1 E2[ED,ED] SSOPL1 PL2 [ED,ED] SSOED[E,E]

13 13 © Ravi Sandhu 1997 PERMISSION-ROLE ASSIGNMENT CAN-REVOKE-PERMISSION ARoleRole Range PSO1[E1,PL1] PSO2[E2,PL2] DSO(ED,DIR) SSO[ED,DIR]

14 14 © Ravi Sandhu 1997 RRA97 Group roles Users only UP-roles Users and Permissions Ability roles Permissions only Extended URA97RRA97Extended PRA97

15 15 © Ravi Sandhu 1997 RRA97 u OBJECTIVE l Decentralization of role-role relationships l Administrative role autonomy within a range. l Encapsulation of authority Ranges.

16 16 © Ravi Sandhu 1997 EXAMPLE ROLE HIERARCHY Employee (E) Engineering Department (ED) Project Lead 1 (PL1) Engineer 1 (E1) Production 1 (P1) Quality 1 (Q1) Director (DIR) Project Lead 2 (PL2) Engineer 2 (E2) Production 2 (P2) Quality 2 (Q2) PROJECT 2PROJECT 1

17 17 © Ravi Sandhu 1997 Range Hierarchy Range Create Range Encap. Range Authority Range

18 18 © Ravi Sandhu 1997 RRA97 - Definitions u Range: l (x, y) = {r : Roles | x < r < y} u Authority Range: l A range referenced in can-modify relation u Junior Authority range: The range (x, y) is junior to range (x, y) if ( x x y y) ( x > x y > y) l The range (x, y) is a senior range

19 19 © Ravi Sandhu 1997 RRA97 - Definitions u Partial Overlap of Ranges: l The ranges Y and Y partially overlap if Y Y and Y Y Y Y

20 20 © Ravi Sandhu 1997 RRA97 - Definitions u Encapsulated Authority Range: l The authority range (x, y) is said to be encapsulated if r1 (x, y) and r2 (x, y) – r2 > r1 r2 > y – r2 < r1 x < r2

21 21 © Ravi Sandhu 1997 Encapsulated Range (x, y) x y r1r2 r3 x y r4

22 22 © Ravi Sandhu 1997 Non-encapsulated Range (x, y) x y r1r2 r3 x y r4

23 23 © Ravi Sandhu 1997 RRA97 - Definitions u Set of Authority Ranges: { x, y : roles | (x, y) is an authority range} u Immediate Authority Range of role r: The authority range (x, y) is immediate authority range of role r (x, y) if (x, y) set of AR | (x, y) (x, y) r (x, y)

24 24 © Ravi Sandhu 1997 RRA97 - Definitions u Create Range: l The range (x, y) is a create range if (a) AR immediate (x) = AR immediate (y) (b) x = End point of AR immediate (y) n (c) y = End point of AR immediate (x) u Immediate Senior roles: l r1 > immediate r2 if r roles r > r2 ( r r1)

25 25 © Ravi Sandhu 1997 Create Range x y r1r2 r3 x y r4 A B

26 26 © Ravi Sandhu 1997 RRA97 - Definitions u Immediate Junior Roles: l r1 < immediate r2 r roles r > r1 ( r < r2) u Inactive Roles: l A user associated to it cannot use it. l Inheritance of permissions is not affected. l Permissions and users can be revoked.

27 27 © Ravi Sandhu 1997 INSERT ROLE u Role is inserted one at a time. u Roles can be inserted only in create range. u Create-role(r, (x, y)) inserts a role r in create range (x, y) such that it is junior to y and senior to x.

28 28 © Ravi Sandhu 1997 Example: Create-role(r, (r1, r2)) x y rr1r2

29 29 © Ravi Sandhu 1997 DELETE ROLE u Roles referred in can-assign,can- revoke and can-modify cannot be deleted. u Roles can be deleted only if they are empty.

30 30 © Ravi Sandhu 1997 DELETE ROLE (Continued) u RELAXATIONS: u Roles referred in can-assign,can- revoke and can-modify can be made inactive. u Role is deleted only after its permissions are assigned to immediate senior and users to immediate junior roles.

31 31 © Ravi Sandhu 1997 INSERTION OF AN EDGE u Implied edges are not considered. u Inserted only between incomparable roles (No Cycles) u Inserted one at a time. u The edge AB is inserted if l (a) AR immediate (A) = AR immediate (B) and l (b) For a junior authority range (x, y): (A = y B > x) or (B = x A < y) must ensure encapsulation of (x, y).

32 32 © Ravi Sandhu 1997 DELETION OF AN EDGE u Deleted one at a time. u Implied edges are no considered. u The edges in transitive reduction are candidates for deletion. u Edges connecting the end points of an authority range cannot be deleted. u When edges AB is deleted then necessary edges must be inserted to preserve implications.

33 33 © Ravi Sandhu 1997 System Calls u To create a role in create range Y create-role(r, Y) u To delete a role r delete-role(r) u To add edge AB add-edge(A, B) u To delete an edge AB delete-edge(A, B) u To inactivate a role r inactivate-role (r) u To activate a role r Activate-role (r)

34 34 © Ravi Sandhu 1997 Strong Deletions u Strong deletion of role. u Strong deletion of an edge.


Download ppt "ARBAC 97 (ADMINISTRATIVE RBAC) Ravi Sandhu Venkata Bhamidipati Ed Coyne Srinivas Ganta Qamar Munawer Charles Youman."

Similar presentations


Ads by Google