Presentation is loading. Please wait.

Presentation is loading. Please wait.

Towards A Times-based Usage Control Model Baoxian Zhao 1, Ravi Sandhu 2, Xinwen Zhang 3, and Xiaolin Qin 4 1 George Mason University, Fairfax, VA, USA.

Published byAnthony Powers Modified over 10 years ago

Similar presentations

Presentation on theme: "Towards A Times-based Usage Control Model Baoxian Zhao 1, Ravi Sandhu 2, Xinwen Zhang 3, and Xiaolin Qin 4 1 George Mason University, Fairfax, VA, USA."— Presentation transcript:

1 Towards A Times-based Usage Control Model Baoxian Zhao 1, Ravi Sandhu 2, Xinwen Zhang 3, and Xiaolin Qin 4 1 George Mason University, Fairfax, VA, USA 2 Institute for Cyber-Security Research at the University of Texas, San Antonio, USA 3 Samsung Information Systems America, San Jose, CA, USA 4 Nanjing University of Aeronautics and Astronautics, Nanjing, China presented by Baoxian Zhao

2 Outline Reviewing access control models –Traditional access control models –Temporal access control models Construction of the TUCON model –Preliminaries of the TUCON model –Times-based authorizations –Authorization rules –The implementation of access control Conclusion and Future work

3 Reviewing existing access control models Traditional access control models >Discretionary Access Control (DAC) >Mandatory Access Control (MAC) >Role-based Access Control (RBAC) Temporal access control models > The temporal authorization models suggested by E.Bertino et al 94,96,98 »Only applied to the DAC model >Temporal Data Authorization Model (TDAM), A. Gal et al 02 »Adding transaction time and valid time >TRBAC 01, GTRBAC 05 >> Adding temporal constraints to RBAC Model

4 Limitations of existing access control models Primary consider authorization decisions constrained by certain time periods Authorizations are static authorization decisions > Authorizations are made at the requested time and hardly recognize ongoing controls for times constrained access or for immediate revocation > Once an authorization decision is made, the object can be accessed without limitation during a valid period!

5 Requirements of new access control Usage of a digital object can not only be time- independent, like read and write But also temporal and times-consuming, such as payment-based online reading, or a downloadable music file that can only be played 10 times within a valid period. It means that authorization can be updated during ongoing usage

6 The principle of the TUCON model Keeping the time periods »Authorizations are still constrained by the time periods Introducing usage times »Times are consumed, to meet the request that the usage of digital objects can be consumed and limited »Times are decreased by 1, to update authorization during a single access process New features of the TUCON model »Authorizations can be updated during ongoing usage. »Authorizations can be consumed »Effectively prevent systems from the attacks of DoS, such as nimda and red codes.

7 Difference From UCON In UCON model, it uses ABC (Authorization, oBligation, Condition) core models to solve these problems In TUCON model, we consider temporal and consumed factors as attributes of Authorizations rather than attributes of subjects or objects Support delegation TUCON is simple to be implemented.

8 Preliminaries of TUCON Definition 1 (Periodic expression) [ Bertino et al. 98] A periodic expression is defined as, where, and are calendars for and. Here let D present the set of all valid periods. Example : From 9:00 AM to 12:00PM during workdays Definition 2 (Times) Times are a set of natural numbers, formally defined as

9 Times-based Authorizations Definition 3 (Times Authorization) A times authorization is a 6-tuple pt,s, o, priv, pn, g, where, Example : Mary grants Bob 5 read privilege on the book of Sun (5, Bob, Sun, read, +, Mary) Definition 4 (Non-Times Authorization) When pt= -1 in a tuple of times authorization, we call this kind of times authorization non-times authorization.

10 Times-based Authorizations (cont) Definition 5 (Times-based Authorization) A times- based authorization is a 3-tuple (time, period, auth) where time represents a time interval, period is a periodical expression, and auth is a 6- tuple authorization. ( ) Example : Between Jan. 12, 2001 and Dec. 24, 2005, Tom has 6 times of privilege read on object file, but he can operate this privilege only on Tuesday each week. [1/12/2001, 12/24/2005] Weaks+2.days,(6,Tom, file, read,+, Sam) )

11 Authorization rules Definition 6 (Grant Rule) A grant rule is defined as the form of: Li can be a trigger condition expression. Example 1 In an application system Business_system, if a registered user Bob pre-pays $1000, he can enjoy a certain super-value service m for 6 times during every Friday since the time 09/12/2006. Let this privilege be super. access( [09/12/2006,+ ], Weeks+5.days, (6, Bob, m, super, +, Business_system)) prepay(Bob,1000) & register (Bob)

12 Authorization rules (cont) Definition 7 (Derived Rule) A derived rule is defined as the form of: Li can be access with conditional expressions Example 2 Now Bob wants to transfer 3 times for enjoying the service m to another user Alice. deraccess( [09/12/2006,+ ], Weeks+5.days, (3, Alice, m, super, +, Business_system)) access ( [09/12/2006,+ ], Weeks+5.days, (6, Bob, m, super,+, Business system)) & give(3, Alice, m, super, Bob) & less(3,6) deraccess( [09/12/2006,+ ], Weaks+5.days, (3, Bob, m, super, +, Business_system)) access ( [09/12/2006,+ ], Weeks+5.days, (6, Bob, m, super,+, Business system)) & give(3, Alice, m, super, Bob) & less(3,6)

13 Authorization rules (cont) Definition 8 (Resolution Rule) A resolution rule is defined as the form of: Li can be access or deraccess or condition expressions specified by security policy Example 3 In example 2, if Alice has 4 times super right on service m. force_access( [09/12/2006,+ ], Weaks+5.days, (7, Alice, m, super, +, Business_system)) access ( [09/12/2006,+ ], Weeks+5.days, (4, Alice, m, super, +, Business system)) & deraccess ( [09/12/2006,+ ], Weeks+5.days, (3, Alice, m, super, +, Business system))

14 THEOREM 1 ( Completeness) The policy in TUCON can be specified by a non-empty set of TUCON rules. Proof: 1 no conflict decisions 2 specifying all possible decisions Completeness of rules

15 The Implementation of Access control Grant privileges Access objects Revoke privileges

16 Grant privileges Times-based authorization >here, pt >0 and pn= + Unlimited authorization >pt=-1 and pn = + How about Times-based authorization &Unlimited authorization?

17 Access objects Times-based Authorization Base (TAB) > A set of authorizations, in which there is no conflict authorizations. Valid Access Function > A function to check every access request against the current TAB to determine whether the access is authorized.

18 Revoke privileges Time intervals > time intervals is expired! Usage Times > pt=0 Other factors > Abusing privileges > Breaking security policies

19 Conclusion and Future Work Wide applications, especially in times- metered systems Viewed as a solution to some specific problems of mutable attributes in modern access control Extend the model by considering different intervals and different periods. Develop the administration of authorization in UCON Using temporal logic to express?

20 Any Question? Thank you !

Download ppt "Towards A Times-based Usage Control Model Baoxian Zhao 1, Ravi Sandhu 2, Xinwen Zhang 3, and Xiaolin Qin 4 1 George Mason University, Fairfax, VA, USA."

Similar presentations

INSTITUTE FOR CYBER SECURITY 1 Trusted Computing Models Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University.

INSTITUTE FOR CYBER SECURITY 1 Trusted Computing Models Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security University.
INSTITUTE FOR CYBER SECURITY 1 The ASCAA * Principles Applied to Usage Control Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.

INSTITUTE FOR CYBER SECURITY 1 The ASCAA * Principles Applied to Usage Control Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
Cyber-Identity, Authority and Trust in an Uncertain World

Cyber-Identity, Authority and Trust in an Uncertain World
1 Formal Model and Analysis of Usage Control Dissertation defense Student: Xinwen Zhang Director: Ravi S. Sandhu Co-director: Francesco Parisi-Presicce.

1 Formal Model and Analysis of Usage Control Dissertation defense Student: Xinwen Zhang Director: Ravi S. Sandhu Co-director: Francesco Parisi-Presicce.
Cyber-Identity, Authority and Trust in an Uncertain World

Cyber-Identity, Authority and Trust in an Uncertain World
INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.

INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
Cyber-Identity and Authorization in an Uncertain World Ravi Sandhu Laboratory for Information Security Technology www.list.gmu.edu Department of Information.

Cyber-Identity and Authorization in an Uncertain World Ravi Sandhu Laboratory for Information Security Technology Department of Information.
QUN NI 1, SHOUHUAI XU 2, ELISA BERTINO 1, RAVI SANDHU 2, AND WEILI HAN 3 1 PURDUE UNIVERSITY USA 2 UT SAN ANTONIO USA 3 FUDAN UNIVERSITY CHINA PRESENTED.

QUN NI 1, SHOUHUAI XU 2, ELISA BERTINO 1, RAVI SANDHU 2, AND WEILI HAN 3 1 PURDUE UNIVERSITY USA 2 UT SAN ANTONIO USA 3 FUDAN UNIVERSITY CHINA PRESENTED.
Attribute Mutability in Usage Control July 26, 2004, IFIP WG11.3 Jaehong Park, University of Maryland University College Xinwen Zhang, George Mason University.

Attribute Mutability in Usage Control July 26, 2004, IFIP WG11.3 Jaehong Park, University of Maryland University College Xinwen Zhang, George Mason University.
A New Modeling Paradigm for Dynamic Authorization in Multi-Domain Systems MMM-ACNS, September 13, 2007 Manoj Sastry, Ram Krishnan, Ravi Sandhu Intel Corporation,

A New Modeling Paradigm for Dynamic Authorization in Multi-Domain Systems MMM-ACNS, September 13, 2007 Manoj Sastry, Ram Krishnan, Ravi Sandhu Intel Corporation,
1 Safety Analysis of Usage Control (UCON) Authorization Model Xinwen Zhang, Ravi Sandhu, and Francesco Parisi-Presicce George Mason University AsiaCCS.

1 Safety Analysis of Usage Control (UCON) Authorization Model Xinwen Zhang, Ravi Sandhu, and Francesco Parisi-Presicce George Mason University AsiaCCS.
Towards Usage Control Models: Beyond Traditional Access Control 7 th SACMAT, June 3, 2002 Jaehong Park and Ravi Sandhu Laboratory for Information Security.

Towards Usage Control Models: Beyond Traditional Access Control 7 th SACMAT, June 3, 2002 Jaehong Park and Ravi Sandhu Laboratory for Information Security.
Towards a VMM-based Usage Control Framework for OS Kernel Integrity Protection Min Xu George Mason University Xuxian Jiang George Mason University Ravi.

Towards a VMM-based Usage Control Framework for OS Kernel Integrity Protection Min Xu George Mason University Xuxian Jiang George Mason University Ravi.
Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu www.list.gmu.edu.

Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu
11 World-Leading Research with Real-World Impact! A Framework for Risk-Aware Role Based Access Control Khalid Zaman Bijon, Ram Krishnan and Ravi Sandhu.

11 World-Leading Research with Real-World Impact! A Framework for Risk-Aware Role Based Access Control Khalid Zaman Bijon, Ram Krishnan and Ravi Sandhu.
Institute for Cyber Security

Institute for Cyber Security
A Usage-based Authorization Framework for Collaborative Computing Systems Xinwen Zhang George Mason University Masayuki Nakae NEC Corporation Michael J.

A Usage-based Authorization Framework for Collaborative Computing Systems Xinwen Zhang George Mason University Masayuki Nakae NEC Corporation Michael J.
Usage Control: UCON Ravi Sandhu. © Ravi Sandhu2 Problem Statement Traditional access control models are not adequate for todays distributed, network-

Usage Control: UCON Ravi Sandhu. © Ravi Sandhu2 Problem Statement Traditional access control models are not adequate for todays distributed, network-
Logical Model and Specification of Usage Control Xinwen Zhang, Jaehong Park Francesco Parisi-Presicce, Ravi Sandhu George Mason University.

Logical Model and Specification of Usage Control Xinwen Zhang, Jaehong Park Francesco Parisi-Presicce, Ravi Sandhu George Mason University.
ACCESS CONTROL: THE NEGLECTED FRONTIER Ravi Sandhu George Mason University.

ACCESS CONTROL: THE NEGLECTED FRONTIER Ravi Sandhu George Mason University.

Similar presentations

Ads by Google