ROLE BASED ACCESS CONTROL
Group 4: Lê Quốc Thanh, Trần Việt Tuấn Anh


2 OUTLINE
1) Introduction
2) Background
3) RBAC Reference Model
4) Components of RBAC: Core RBAC; Hierarchical RBAC; Static Separation of Duty Relations; Dynamic Separation of Duty Relations
5) Advantages and Disadvantages of RBAC
6) Demo

3 INTRODUCTION
- Role-based access control:
  - is an access policy determined by the system, not by the owner of the resource
  - uses a centrally managed set of controls to determine how users and objects interact with each other.
- The main point of RBAC is that permissions are associated with roles, and users are assigned to appropriate roles.

4 BACKGROUND
Term definitions:
- Roles are defined based on job functions and can be viewed as a set of permissions.
- Permissions are defined based on the authorities and responsibilities of a job.
- Operations on an object are invoked based on the permissions.
- Objects can be any system resource, such as a file, a database record, etc.
- Users have access to an object based on the assigned role and can be easily reassigned from one role to another.
RBAC differs from DAC in that DAC allows users to control access to their resources directly, while in RBAC, access is controlled at the system level, outside of the user's control.

5 BACKGROUND (cont.)
[Figure: two diagrams comparing a non-role-based system with a role-based access control system.]
- Non-role-based systems: Users (Alice, Bob, Carl, Dave, Eva) are mapped directly to Objects (Windows Account, Linux Account, Web service Account, Oracle Account).
- Role-Based Access Control Systems (RBAC): Users (Alice, Bob, Carl, Dave, Eva) are assigned to Roles (DB Admin, Web Admin, Software Developer), and the Roles are mapped to the Objects (Windows Account, Linux Account, Web service Account, Oracle Account).

6 RBAC REFERENCE MODEL
The RBAC model is defined in terms of four model components:
- Core RBAC
- Hierarchical RBAC
- Static Separation of Duty Relations
- Dynamic Separation of Duty Relations
Each component is defined by subcomponents:
- A set of basic element sets
- A set of RBAC relations involving those element sets
- A set of mapping functions that yield instances of members from one element set for a given instance from another element set

7 COMPONENTS OF RBAC: 1) Core RBAC
Core RBAC:
- defines a minimum collection of RBAC elements, element sets, and relations needed to completely achieve a role-based access control system. This includes the user-role assignment and permission-role assignment relations, considered fundamental in any RBAC system.
- is required in any RBAC system, but the other components are independent of each other and may be implemented separately.
- defines the basic functionality that any implementation of the RBAC standard has to provide:
  - Creating and deleting users, roles and sessions
  - Creating and deleting permissions on resources

8 COMPONENTS OF RBAC: 1) Core RBAC
[Figure: Core RBAC diagram. USERS are linked to ROLES by User Assignment (UA); ROLES are linked to PERMISSIONS (OPERATIONS on OBJECTS) by Permission Assignment (PA); SESSIONS are linked to USERS by user_sessions and to ROLES by session_roles.]
- UA is a many-to-many relationship among individual users and roles; PA is a many-to-many relationship between roles and permissions.
- A session is a mapping between a user and an activated subset of the user's assigned roles: user_sessions is a one-to-many relationship (one user, many sessions) and session_roles is a many-to-many relationship.

9 COMPONENTS OF RBAC: 2) Hierarchical RBAC
Hierarchical RBAC:
- is mathematically a partial order defining an inheritance relation between roles
- adds relations for supporting role hierarchies.
Two types of role hierarchies:
- General hierarchies: support an arbitrary partial order to serve as the role hierarchy, including the concept of multiple inheritance of permissions and user membership among roles.
- Limited hierarchies: impose restrictions resulting in a simpler tree structure.

10 COMPONENTS OF RBAC: 2) Hierarchical RBAC
[Figure: the Core RBAC diagram extended with the Role Hierarchy (RH) relation on ROLES, alongside User Assignment (UA), Permission Assignment (PA) and user_sessions.]
- Role hierarchies define an inheritance relation among roles.
- Two types of hierarchies: limited hierarchies and general hierarchies.

11 COMPONENTS OF RBAC: 3) Static Separation of Duty Relations
Static Separation of Duty (SSD) relations:
- Sets define two or more roles that cannot be assigned to the same user at any time
- These restrictions are checked each time a user is assigned to a role
- SSD relations define and place constraints on a user's total permission space
- SSD relations may exist within hierarchical RBAC

12 COMPONENTS OF RBAC: 3) Static Separation of Duty Relations
[Figure: the Hierarchical RBAC diagram with a Static Separation of Duty constraint placed on the User Assignment (UA) relation.]
SSD relations place constraints on the assignments of users to roles. Membership in one role may prevent the user from being a member of one or more other roles, depending on the SSD rules enforced.

13 COMPONENTS OF RBAC: 4) Dynamic Separation of Duty Relations
Dynamic Separation of Duty (DSD):
- Restrictions are only checked when activating a role for a user's session
- Active roles are assigned to a user's session
- Users are allowed to be assigned to roles that exclude one another, but they are not allowed to activate them at the same time

14 COMPONENTS OF RBAC: 4) Dynamic Separation of Duty Relations
[Figure: the Hierarchical RBAC diagram with a Dynamic Separation of Duty constraint placed on the session_roles relation.]
DSD relations place constraints on the roles that can be activated in a user's session. If one role that takes part in a DSD relation is activated, the user cannot activate the related (conflicting) role in the same session.
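The four components of slides 7 to 14 fit in one small model: the UA, PA and session relations of Core RBAC, a role hierarchy (RH) that must stay a partial order, SSD enforced when a user is assigned a role, and DSD enforced only when a role is activated in a session. The code below is an added example written for this transcript; it is not code from the presentation or from any RBAC standard implementation, and every name in it (the `RBAC` class, `assign`, `activate`, `check_access`, the roles `employee`, `developer`, `db_admin`, `web_admin`, `auditor` and the users Alice and Bob) is constructed for illustration.

```python
from dataclasses import dataclass, field


class RBACError(Exception):
    """An assignment, activation or hierarchy edit that would violate a constraint."""


@dataclass
class RBAC:
    ua: dict = field(default_factory=dict)        # UA: user -> assigned roles
    pa: dict = field(default_factory=dict)        # PA: role -> {(operation, object)}
    rh: dict = field(default_factory=dict)        # RH: senior role -> junior roles it inherits
    ssd: list = field(default_factory=list)       # [(role_set, n)]: no user may hold n of the set
    dsd: list = field(default_factory=list)       # [(role_set, n)]: no session may activate n of the set
    sessions: dict = field(default_factory=dict)  # session id -> (user, active roles)

    # Core RBAC: roles, permissions and sessions (a user is created on first assignment)
    def add_role(self, role):
        self.pa.setdefault(role, set())

    def grant(self, role, operation, obj):
        self.pa[role].add((operation, obj))

    def create_session(self, user):
        sid = len(self.sessions)
        self.sessions[sid] = (user, set())
        return sid

    # Hierarchical RBAC: RH is a partial order, so a cycle must be rejected
    def add_inheritance(self, senior, junior):
        if senior == junior or senior in self.authorized_roles({junior}):
            raise RBACError(f"{senior} -> {junior} would create a cycle in the role hierarchy")
        self.rh.setdefault(senior, set()).add(junior)

    def authorized_roles(self, roles):
        # Transitive closure over RH: the given roles plus every junior role they inherit.
        return set(roles).union(*(self.authorized_roles(self.rh.get(r, ())) for r in roles))

    # Separation of duty: SSD is enforced at assignment time, DSD only at activation time;
    # inherited roles are counted too, which is how SSD coexists with a role hierarchy.
    @staticmethod
    def enforce(constraints, held, action):
        for role_set, n in constraints:
            if len(held & role_set) >= n:
                raise RBACError(f"{action} violates separation of duty on {sorted(role_set)}")

    def assign(self, user, role):
        assigned = self.ua.setdefault(user, set())
        self.enforce(self.ssd, self.authorized_roles(assigned | {role}), f"SSD: assigning {role} to {user}")
        assigned.add(role)

    def activate(self, sid, role):
        user, active = self.sessions[sid]
        if role not in self.authorized_roles(self.ua.get(user, set())):
            raise RBACError(f"{user} is not authorized for role {role}")
        self.enforce(self.dsd, self.authorized_roles(active | {role}), f"DSD: activating {role} in session {sid}")
        active.add(role)

    def check_access(self, sid, operation, obj):
        # Permitted if any active role, or a junior role it inherits, holds the permission.
        _, active = self.sessions[sid]
        return any((operation, obj) in self.pa.get(r, ()) for r in self.authorized_roles(active))


def build_demo():
    """Constructed sample policy echoing the slides' roles; not taken from any real system."""
    m = RBAC()
    for r in ("employee", "developer", "db_admin", "web_admin", "auditor"):
        m.add_role(r)
    m.grant("employee", "read", "wiki")
    m.grant("developer", "commit", "repo")
    m.grant("db_admin", "alter", "oracle_db")
    m.add_inheritance("developer", "employee")  # developer inherits employee's permissions
    m.ssd.append((frozenset({"db_admin", "auditor"}), 2))    # never both administer and audit the DB
    m.dsd.append((frozenset({"developer", "web_admin"}), 2))  # may hold both, never in one session
    m.assign("Alice", "developer")
    m.assign("Alice", "web_admin")
    m.assign("Bob", "db_admin")
    return m


def run_scenario():
    """Exercise each component once and return the outcomes so they can be checked."""
    m, out = build_demo(), {}
    sid = m.create_session("Alice")
    m.activate(sid, "developer")
    out["inherited_read"] = m.check_access(sid, "read", "wiki")  # granted only via RH
    out["direct_commit"] = m.check_access(sid, "commit", "repo")
    out["no_db_alter"] = m.check_access(sid, "alter", "oracle_db")
    attempts = {"dsd_blocked": lambda: m.activate(sid, "web_admin"),
                "ssd_blocked": lambda: m.assign("Bob", "auditor"),
                "cycle_blocked": lambda: m.add_inheritance("employee", "developer")}
    for key, call in attempts.items():
        try:
            call()
            out[key] = False
        except RBACError:
            out[key] = True
    sid2 = m.create_session("Alice")
    m.activate(sid2, "web_admin")  # the conflicting role is fine in a separate session
    out["dsd_other_session"] = "web_admin" in m.sessions[sid2][1]
    return out
```

Running `run_scenario()` shows the difference the slides draw between the two constraint types: Alice may be assigned both `developer` and `web_admin` because they are only DSD-related, and she can activate each in its own session, but activating the second one in the same session is refused; Bob cannot even be assigned `auditor` next to `db_admin` because that pair is SSD-related. The hierarchy check refuses an edge that would make `employee` senior to `developer`, since RH must remain a partial order.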

15 ADVANTAGES OF RBAC
- Easy to enforce enterprise-specific security policies
- Security management is simplified
- Reduced administrative costs
- Ensures system integrity and availability by explicitly controlling not only which resources can be accessed but also how access can occur

16 DISADVANTAGES OF RBAC
- Not well suited to applications where a user can have many complex roles
- In large systems, memberships, role inheritance, and the need for customized privileges make administration potentially unwieldy

17 REFERENCES
- Ravi S. Sandhu, "Role-Based Access Control".
- Gail-Joon Ahn and Ravi Sandhu, "Role-Based Authorization Constraints Specification".
- Sandhu R. et al., "Role-Based Access Control Models", IEEE Computer, 29(2):38-47, February 1996.
- Sandhu R., "Issues in RBAC", 1st Workshop on Role-Based Access Control, pp. 21-24, 1995.
- Sandhu R., Ferraiolo D. and Kuhn R., "The NIST Model for Role-Based Access Control".

18 DEMO
- SAP ERP 6.0 concepts:
  - Transaction code (Tcode): the program to be executed (SU01, SU53, PFCG)
  - Single Role
  - Composite Role
- Create 1 user (DEMO) and 2 roles (Z_ROLE_DEMO & Z_ROLE_DEMO1)
- Assign Z_ROLE_DEMO to the user
- Try another Tcode which is not in Z_ROLE_DEMO

19 Thanks for listening

