We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byJack Moran
Modified over 4 years ago
ACCESS CONTROL: THE NEGLECTED FRONTIER Ravi Sandhu George Mason University
2 © Ravi Sandhu SECURITY OBJECTIVES INTEGRITY less studied AVAILABILITY least studied CONFIDENTIALITY most studied USAGE newest
3 © Ravi Sandhu SECURITY TECHNOLOGIES u Access Control u Cryptography u Audit and Intrusion Detection u Authentication u Assurance u Risk Analysis u.......................
4 © Ravi Sandhu CRYPTOGRAPHY LIMITATIONS u Cryptography cannot protect confidentiality and integrity of l data, keys, software in end systems u Prevent or detect use of covert channels
5 © Ravi Sandhu AUDIT AND INTRUSION DETECTION LIMITATIONS u Intrusion detection cannot by itself l protect audit data and audit collection and analysis software l prevent security breaches l protect against covert channels
6 © Ravi Sandhu ACCESS CONTROL LIMITATIONS u Access control cannot by itself l protect data in transit or storage on an insecure medium l safeguard against misuse by authorized users l protect against covert channels
7 © Ravi Sandhu AUTHENTICATION LIMITATIONS u By itself authentication does very little but what it does is critical u pre-requisite for effective l cryptography l access control l intrusion detection
8 © Ravi Sandhu A MIX OF MUTUALLY SUPPORTIVE TECHNOLOGIES AUTHENTICATION INTRUSION DETECTION CRYPTOGRAPHY ACCESS CONTROL ASSURANCE RISK ANALYSIS SECURITY ENGINEERING & MANAGEMENT
9 © Ravi Sandhu CLASSICAL ACCESS CONTROL DOCTRINE u Lattice-based mandatory access control (MAC) l strong l too strong l not strong enough u Owner-based discretionary access control (DAC) l too weak l too confused
10 © Ravi Sandhu ISSUES IN LATTICE-BASED MAC u MAC enforces one-directional information flow in a lattice of security labels u can be used for aspects of l confidentiality l integrity l aggregation (Chinese Walls)
11 © Ravi Sandhu PROBLEMS WITH LATTICE- BASED MAC u does not protect against covert channels and inference l not strong enough u inappropriate l too strong
12 © Ravi Sandhu ISSUES IN OWNER-BASED DAC u negative rights u inheritance of rights l interaction between positive and negative rights u grant flag u delegation of identity u temporal and conditional authorization
13 © Ravi Sandhu PROBLEMS WITH OWNER- BASED DAC u does not control information flow l too weak u inappropriate in many situations l too weak l too confused
14 © Ravi Sandhu BEYOND OWNER-BASED DAC u separation between ability l to use a right l to grant a right u non-discretionary elements l user who can use a right should not be able to grant it and vice versa
15 © Ravi Sandhu NON-DISCRETIONARY (BEYOND LATTICE-BASED MAC) u control of administrative scope l rights that can be granted l to whom rights can be granted u rights that cannot be simultaneously granted to same user u rights that cannot be granted to too many users
16 © Ravi Sandhu WHAT IS THE POLICY IN NON- DISCRETIONARY ACCESS CONTROL? u Non-discretionary access control is a means to articulate policy u does not incorporate policy but does support security principles l least privilege l abstract operations l separation of duties
17 © Ravi Sandhu ISSUES IN NON-DISCRETIONARY ACCESS CONTROL u models for non-discretionary propagation of access rights u role-based access control (RBAC) u task-based authorization (TBA)
18 © Ravi Sandhu u HRU, 1976 u TAKE-GRANT, 1976-82 u SPM/ESPM, 1985-92 u TAM/ATAM, 1992 onwards NON-DISCRETIONARY PROPAGATION MODELS
19 © Ravi Sandhu NON-DISCRETIONARY PROPAGATION MODELS u type-based non-discretionary controls u rights that authorize propagation can be separate or closely related to right being propagated u testing for absence of rights is essential for dynamic separation policies
20 © Ravi Sandhu ROLE-BASED ACCESS CONTROL: RBAC 0 ROLES USER-ROLE ASSIGNMENT PERMISSION-ROLE ASSIGNMENT USERSPERMISSIONS... SESSIONS
21 © Ravi Sandhu ROLE-BASED ACCESS CONTROL: RBAC 1 ROLES USER-ROLE ASSIGNMENT PERMISSION-ROLE ASSIGNMENT USERSPERMISSIONS... SESSIONS ROLE HIERARCHIES
22 © Ravi Sandhu HIERARCHICAL ROLES Health-Care Provider Physician Primary-Care Physician Specialist Physician
23 © Ravi Sandhu HIERARCHICAL ROLES Engineer Hardware Engineer Software Engineer Supervising Engineer
24 © Ravi Sandhu ROLE-BASED ACCESS CONTROL: RBAC 3 ROLES USER-ROLE ASSIGNMENT PERMISSIONS-ROLE ASSIGNMENT USERSPERMISSIONS... SESSIONS ROLE HIERARCHIES CONSTRAINTS
25 © Ravi Sandhu RBAC MANAGEMENT ROLES USERS PERMISSIONS... ADMIN ROLES ADMIN PERMISSIONS CAN- MANAGE
26 © Ravi Sandhu RBAC MANAGEMENT S T1 T2 S3 T4 T5 P3 P ADMINISTRATIVE ROLE HIERARCHY CSO SO1SO2SO3 ROLE HIERARCHY
27 © Ravi Sandhu ROLES AND LATTICES u RBAC can enforce classical lattice- based MAC H L HR LR LW HW LATTICE ROLES
28 © Ravi Sandhu ROLES AND LATTICES u RBAC can accommodate variations of classical lattice-based MAC H L HR LR LW HW LATTICE ROLES
29 © Ravi Sandhu TASK-BASED AUTHORIZATION (TBA) u beyond subjects and objects u authorization is in context of some task u transient use-once permissions instead of long-lived use-many-times permissions
30 © Ravi Sandhu TRANSACTION CONTROL EXPRESSIONS (TCEs) u TCEs are an example of TBA prepare clerk; approve supervisor; issue clerk;
31 © Ravi Sandhu CONCLUSION u access control is important u there are many open issues
Advanced Piloting Cruise Plot.
Cyber-Identity, Authority and Trust in an Uncertain World
George Mason University
1 Framework for Role-Based Delegation Models (RBDMs) By: Ezedin S.Barka and Ravi Sandhu Laboratory Of Information Security Technology George Mason University.
© 2004 Ravi Sandhu A Perspective on Graphs and Access Control Models Ravi Sandhu Laboratory for Information Security Technology George.
INFS 767 Fall 2003 The RBAC96 Model Prof. Ravi Sandhu George Mason University.
Ravi Sandhu Venkata Bhamidipati
© 2006 Ravi Sandhu Secure Information Sharing Enabled by Trusted Computing and PEI * Models Ravi Sandhu (George Mason University and TriCipher)
1 A Model of OASIS Role-Based Access Control and Its Support for Active Security Rick Murphy, IT 862, Spring 2005.
ARBAC 97 (ADMINISTRATIVE RBAC)
1 TRANSACTION CONTROL EXPRESSIONS (TCEs) Ravi Sandhu.
Logical Model and Specification of Usage Control Xinwen Zhang, Jaehong Park Francesco Parisi-Presicce, Ravi Sandhu George Mason University.
ROLE HIERARCHIES AND CONSTRAINTS FOR LATTICE-BASED ACCESS CONTROLS
SECURING CYBERSPACE: THE OM-AM, RBAC AND PKI ROADMAP Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University
Institute for Cyber Security ASCAA Principles for Next-Generation Role-Based Access Control Ravi Sandhu Executive Director and Endowed Chair Institute.
Future Directions in Role-Based Access Control Models Ravi Sandhu Co-Founder and Chief Scientist SingleSignOn.Net & Professor of Information Technology.
ENGINEERING AUTHORITY AND TRUST IN CYBERSPACE: A ROLE-BASED APPROACH Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University.
A Logic Specification for Usage Control Xinwen Zhang, Jaehong Park Francesco Parisi-Presicce, Ravi Sandhu George Mason University SACMAT 2004.
© 2018 SlidePlayer.com Inc. All rights reserved.