We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byClaire McCurdy
Modified over 2 years ago
4 June 2002© TrueTrust Ltd1 PMI Components Oleksandr Otenko Research Student ISSRG, University of Salford
4 June 2002© TrueTrust Ltd2 Traditional Applications Authentication and Authorisation are Internal to the Application UserName/ Password Lists Access Control Lists Multiple passwords Multiple usernames Confusion!! Multiple Administrators High cost of administration No overall Security Policy
4 June 2002© TrueTrust Ltd3 Enter PKI Authentication is External to the Application Access Control Lists One password or pin to access private key Happy Users! Multiple Administrators High cost of administration No overall Security Policy Digital Signature Public Key Infrastructure Application Gateway
4 June 2002© TrueTrust Ltd4 Enter PMI Authentication and Authorisation are External to the Application One password or pin to access private key Happy Users! Fewer Administrators Lower cost of admin Overall Security Policy Digital Signature Public Key Infrastructure Application Gateway Privilege Management Infrastructure
4 June 2002© TrueTrust Ltd5 X.812|ISO Access Control Framework ADF Initiator Target Submit Access Request Present Access Request Decision Request Decision AEF
4 June 2002© TrueTrust Ltd6 ADF API Decision Request Decision AEF ADF Examples: OpenGroup AZN API IETF GAA API PERMIS API Application specific Application independent
4 June 2002© TrueTrust Ltd7 PERMIS API System Structure ADF The PERMIS PMI API Initiator Target Submit Signed Access Request Present Access Request Decision Request Decision LDAP Directory Retrieve Policy and Role ACs AEF Authentication Service Application Gateway PERMIS API Implementation PKI
4 June 2002© TrueTrust Ltd8 PERMIS PMI Components Privilege Policy Schema/DTD –This defines the rules that govern the creation of the Privilege Policy (Access Control Policy) Privilege Allocator –This tool allows an administrator to create and sign Attribute Certificates, including a Policy AC (this is a signed version of the Privilege Policy), and store them in an LDAP directory The PERMIS PMI Implementation –This grants or denies Initiators access to resources, based on the Privilege Policy and the ACs of the Initiator. The ADF is accessed via the PERMIS API
4 June 2002© TrueTrust Ltd9 Application Specific Components The Access Enforcement Function –Its task is to ensure the Initiator is authenticated by the PKI, then to call the ADF, and give access to the target if allowed The PKI –Any standard conforming PKI can be used Java PKCS#11-like Interface to the PERMIS PMI The Privilege Policy in XML –This must be written according to the schema/DTD LDAP Directory –To store the Policy and Initiator ACs
4 June 2002© TrueTrust Ltd10 Permis RBAC Users Roles Targets/ Actions Subject Policy + SOA Policy Bill Mary Fred Jane Manager Project Leader Team Leader Employee Role Hierarchy Policy Role Assignment Policy + Delegation Policy Target Policy + Action Policy Salary Increases Access Building Delete Files Read Files Sign Orders Role Specification Policy (Target Access Policy )
4 June 2002© TrueTrust Ltd11 PERMIS X.509 PMI RBAC Policy Role Based Access Control Policy written in XML Initiators are given Role Assignment ACs A role is loosely defined as any Attribute Type and Attribute Value Role values can form a hierarchy, where superiors inherit the privileges of their subordinates e.g. CTO>PM>TL>TM ACs can be issued by any trusted AA Access is based on the Roles
4 June 2002© TrueTrust Ltd12 An Example Set of Roles Chartered Architect ISO 9000 Chief Architect SOA= Royal College of Architects SOA= BSI Architect Junior Architect SOA= Company Managing Director
4 June 2002© TrueTrust Ltd13 Role Assignment Policy Components SOA Policy –Specifies who is trusted to issue ACs Subject Policy Role Hierarchy Policy Role Assignment Policy
4 June 2002© TrueTrust Ltd14 Subject Policy Users Roles Targets/ Actions Subject Policy + SOA Policy Bill Mary Fred Jane Manager Project Leader Team Leader Employee Role Hierarchy Policy Role Assignment Policy + Delegation Policy Target Policy + Action Policy Salary Increases Access Building Delete Files Read Files Sign Orders Role Specification Policy (Target Access Policy ) –Specifies subject domains based on LDAP subtrees
4 June 2002© TrueTrust Ltd15 An Example Subject Policy
4 June 2002© TrueTrust Ltd16 Role Hierarchy Policy Users Roles Targets/ Actions Subject Policy + SOA Policy Bill Mary Fred Jane Manager Project Leader Team Leader Employee Role Hierarchy Policy Role Assignment Policy + Delegation Policy Target Policy + Action Policy Salary Increases Access Building Delete Files Read Files Sign Orders Role Specification Policy (Target Access Policy ) –Specifies hierarchy of role values
4 June 2002© TrueTrust Ltd17 An Example Role Hierarchy Policy TenderOfficer TenderClerk Tenderer
4 June 2002© TrueTrust Ltd18 Role Assignment Policy Users Roles Targets/ Actions Subject Policy + SOA Policy Bill Mary Fred Jane Manager Project Leader Team Leader Employee Role Hierarchy Policy Role Assignment Policy + Delegation Policy Target Policy + Action Policy Salary Increases Access Building Delete Files Read Files Sign Orders Role Specification Policy (Target Access Policy ) –Says which roles can be given to which subjects by which SOAs, with which validity times and whether delegation is allowed
4 June 2002© TrueTrust Ltd19 An Example Role Assignment Policy
4 June 2002© TrueTrust Ltd20 Target Access Policy Components Target Policy –Specifies the target domains covered by this policy, using LDAP subtrees Action Policy –Specifies the actions (operations) supported by the targets, along with their allowed operands Target Access Policy
4 June 2002© TrueTrust Ltd21 Target Access Conditions A condition comprises: –a comparison operator –the LHS operand(variable), described by its source, name and type, and variable source is the action or the environment Eg. Source Read action, Name filename, Type string Eg. Source environment, Name time of day, Type time –a series of one or more variables or constant values against which the LHS operand is to be compared Conditions may be combined using AND, OR, NOT
4 June 2002© TrueTrust Ltd22 Target Access Policy Users Roles Targets/ Actions Subject Policy + SOA Policy Bill Mary Fred Jane Manager Project Leader Team Leader Employee Role Hierarchy Policy Role Assignment Policy + Delegation Policy Target Policy + Action Policy Salary Increases Access Building Delete Files Read Files Sign Orders Role Specification Policy (Target Access Policy ) –Specifies which roles are needed to access which targets for which actions, and under what conditions
4 June 2002© TrueTrust Ltd23 An Example Target Access Policy
4 June 2002© TrueTrust Ltd24 An Example Condition Statement
4 June 2002© TrueTrust Ltd25 Creating Your Own Policy If an XML expert, simply use your favourite text editor Or use an XML tool such as Xeena from IBM Alphaworks
4 June 2002© TrueTrust Ltd26 The Privilege Allocator A tool for creating Attribute Certificates
4 June 2002© TrueTrust Ltd27 The PERMIS API Three Simple Methods: getCreds, decision, finalize and a Constructor Written in Java and based on the OpenGroups AZN API Constructing the API object –Pass the name of the administrator, the OID of the policy and the URLs of the LDAP repositories –During construction, the API reads in the Policy AC and verifies its signature and OID
4 June 2002© TrueTrust Ltd28 The PERMIS API (cont) GetCreds –Pass the authenticated name (LDAP DN) of the subject –Pull mode, GetCreds retrieves the subjects ACs –Push mode, ACs are passed to GetCreds –ACs are validated and roles extracted Decision –Pass the target name, the action, and the parameters of the subjects request –Decision checks the request against the policy and returns Granted or Denied Finalize –Terminates the use of this policy
4 June 2002© TrueTrust Ltd29 Privilege Allocator LDAP directory Attribute Certificates + ACRLs SOA Remote Application User Privilege Policy INTERNET INTRANET PKI Certifies PK Certs+ PKCRLs Authorises Putting it altogether - Allocating Privileges LDAP directory
4 June 2002© TrueTrust Ltd30 Privilege Creation Steps SOA defines Privilege Policy using Privilege Allocator Privilege Policy is stored in LDAP directory as self signed Attribute Certificate SOA allocates privileges to user, in accordance with the Privilege Policy SOA can revoke user privileges SOA can update Privilege Policy
4 June 2002© TrueTrust Ltd31 E- Commerce Application Server LDAP directory Privilege Policy ACs + ACRLs + PK CRLs Remote Application User Digitally Signed Request (SSL or S/MIME) Privilege Verifier INTERNET INTRANET Granting User Access Application Gateway Accesses using privileges granted the user LDAP directory
4 June 2002© TrueTrust Ltd32 Example Applications Salford City Council - Electronic Tendering Barcelona Municipality - Car Parking Fines Bologna Comune - architects submitting building plans Electronic Prescription Processing
4 June 2002© TrueTrust Ltd33 Thank you! Alex Otenko Our site: PERMIS project:
AHM 2006 September 2006 DyVOSE Project: Experiences in Applying Advanced Authorisation Infrastructures John Watt (
University of Murcia (Spain) New Security Services Based on PKI Antonio F. Gómez Skarmeta University of Murcia SPAIN.
NIST PKI workshop Mary Thompson Srilekha Mudumbai Abdelilah Essiari Willie Chin Lawrence Berkeley National Laboratory Authorization Policy in a PKI Environment.
International Telecommunication Union Workshop on Standardization in E-health Geneva, May 2003 The Use of X.509 in E-Healthcare Professor David W.
Active Directory Federation Services How does it really work? John Craddock
Windows 2008 Active Directory Configuration – Week 4 of 6 Microsoft Test: Mark McCoy MCSE, CNE, CISSP.
Tecnologia dei Servizi Grid e cloud computing - Lezione 005b 0 Lezione 5B - 18 Novembre 2009 Il materiale didattico usato in questo corso è stato mutuato.
Windows 2008 Active Directory Configuration – Week 3 of 6 Microsoft Test: Mark McCoy MCSE, CNE, CISSP.
Enabling Secure Internet Access with ISA Server. Enabling Secure Access to Internet Resources What Is Secure Access to Internet Resources? –Users can.
Integrated... Interoperable... Institutional... Implementation... Institutional VLE - Library Integration at University of Ulster.
Seminar: Solutions and Infrastructure to ensure Trust in E-Commerce Marco Casassa Mont Trusted E-Services Laboratory Hewlett-Packard.
Prof.Dr.Victor PATRICIU, ROMANIA ITU- E-Commerce Centers for the CEE, CIS & Baltic States Regional Seminar on E-Commerce May, 14-17, 2002, Bucharest, ROMANIA.
© 2006 IBM Corporation Introduction to z/OS Security Lesson 4: There’s more to it than RACF.
Business Objects Web Intelligence Business Objects Web Intelligence.
©Silberschatz, Korth and Sudarshan8.1Database System Concepts, 5 th Ed, slide version 5.0, August Chapter 8: Application Design and Development.
Internet2 Shibboleth Project TERENA Networking Conference 2002, Limerick, Ireland RL Bob Morgan, Washington Steven Carmody, Brown Scott Cantor, Ohio.
Open Grid Forum 19 January 31, 2007 Chapel Hill, NC Stephen Langella Ohio State University Grid Authentication and Authorization with.
A Federated Single Sign-On architecture with multi factor authentication A high level yet somewhat technical presentation.
Auditing Oracle Lisa Outlaw CISA, CISSP, ITIL Foundation IS Audit Supervisor, North Carolina State Auditor.
Project Management in Team Software Projects The primary challenge of project management is to achieve all of the goals of the project charter while adhering.
DITA Enterprise Content Metamodel. Introduction Objectives Develop a universal metamodel to describe typical business document content Identify reusable.
Day 2: Hands-on UML Using UML to put MITA to work to solve the immediate process improvement needs of states.
7- Sicurezza delle basi di dati. 2 Sommario 1 Database Security and Authorization 1.1 Introduction to Database Security Issues 1.2 Types of Security 1.3.
Working with Data Managers Renee Woodten Frost Internet2 Middleware Initiative University of Michigan Copyright Renee Woodten Frost This work is.
Research and NeSC Applications Prof Richard Sinnott Technical Director National e-Science Centre 26 th October 2006.
Of An Expert System. Introduction What is AI? Intelligent in Human & Machine? What is Expert System? How are Expert System used? Elements of ES Who are.
Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu
Grid Security Alvaro Arenas e-Science Centre, RAL, UK CoreGRID Summer School 2006.
Copyright © 2005 SOA Software, Inc. All Rights Reserved. Specifications Subject to Change Without Notice. Overcoming the SOA Network Fallacy Roberto Medrano.
COS Web Application Architectures Lecture 10 Access Control.
© 2017 SlidePlayer.com Inc. All rights reserved.