Introduction to Access Control and Trust Management Daniel Trivellato.


1 Introduction to Access Control and Trust Management Daniel Trivellato

2 Outline
04/09/2009, Minor project course
- Introduction to Access Control
- Discretionary and Mandatory Access Control
- Role-Based Access Control
- Distributed Trust Management
- Reputation-based TM
- Rule-based TM

3 Authentication vs. Access Control
- Authentication: establishing who you are (or whether you possess a certain pseudonym)
- Access Control: establishing if you have the right of doing a certain action
- Authentication is often necessary for access control


5 Basics: Subject, Object, Action
- Subjects: Alice, Bob, Alice's program
- Objects: a file, the printer
- Actions: read, write, execute, modify, send

6 Discretionary Access Control
- Goal: prevent illegitimate access to resources
- Access is granted to users, or user groups
- Ownership: users have all the rights about the objects they create
- Delegation: users can grant the rights they have to others
- Users that have control can remove rights

7 DAC Models
- Take-grant model
- Lampson (1974)
- Graham-Denning (1972)
- Harrison-Ruzzo-Ullman (1976)
- Griffiths-Wade (1976)
- Originator control (1989)

8 Lampson's Access Matrix
- Set of objects O
- Set of users U
- Access Matrix A (UxU and UxO)
- Entries are sets of allowed actions (read, write, call, …)
- Plus:
  - "owns" for administration of rights
  - "*" flag for delegation right

9 Access Matrix - Example
Columns: File 1, File 2, File 3, Program 1
  Alice: owns read write read write
  Bob: read* read write execute
  Charlie: read execute read
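A small model of the access matrix from slides 8 and 9, as an added example that is not part of the slides. The matrix entries and the user Dave are constructed, and the grant and revoke rules (an owner may grant or remove any right; the holder of a starred right may pass it on without the star) are an assumed reading of "owns" and "*".

```python
class AccessMatrix:
    """Access matrix: (subject, object) -> set of rights.

    A right written with a trailing '*' carries the delegation flag;
    'owns' gives administrative control over the object.
    """

    def __init__(self):
        self.cells = {}

    def rights(self, subject, obj):
        return self.cells.setdefault((subject, obj), set())

    def allowed(self, subject, obj, action):
        held = self.rights(subject, obj)
        return action in held or action + "*" in held

    def grant(self, granter, to, obj, action):
        held = self.rights(granter, obj)
        # Owners administer the object; anyone else needs the starred right.
        if "owns" not in held and action + "*" not in held:
            raise PermissionError(f"{granter} may not grant {action} on {obj}")
        self.rights(to, obj).add(action)  # passed on without the star

    def revoke(self, revoker, frm, obj, action):
        if "owns" not in self.rights(revoker, obj):
            raise PermissionError(f"{revoker} does not own {obj}")
        self.rights(frm, obj).difference_update({action, action + "*"})


def demo():
    m = AccessMatrix()
    # Constructed entries for one column of the matrix.
    m.rights("Alice", "File 1").update({"owns", "read", "write"})
    m.rights("Bob", "File 1").add("read*")
    out = {}
    m.grant("Bob", "Charlie", "File 1", "read")        # Bob holds read*
    out["charlie_reads"] = m.allowed("Charlie", "File 1", "read")
    try:
        m.grant("Charlie", "Dave", "File 1", "read")   # no star, not owner
        out["charlie_delegates"] = True
    except PermissionError:
        out["charlie_delegates"] = False
    m.revoke("Alice", "Charlie", "File 1", "read")     # owner removes it
    out["charlie_reads_after_revoke"] = m.allowed("Charlie", "File 1", "read")
    return out
```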

10 Mandatory Access Control
- Goal: prevent illegitimate flow (leakage) of information
- Attach security labels to subjects and objects
  - Users, processes are given a clearance
  - Objects, resources are given a label
- Information cannot flow to lower or incomparable security classes

11 MAC – Example
[Figure: subjects and objects at levels TS, S, C, U, with read and write arrows between them and the direction of information flow]
Bell-La Padula:
- NO READ UP
- NO WRITE DOWN
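The two Bell-La Padula rules as a check over security classes, as an added example that is not part of the slides. It goes one step beyond the figure by pairing each level with a set of compartments, an assumption made here so that the "incomparable" classes of slide 10 actually occur; the subject, objects and compartment names are constructed.

```python
LEVELS = {"U": 0, "C": 1, "S": 2, "TS": 3}


def dominates(a, b):
    """True if class a is at least as high as class b.

    A class is (level, compartments). a dominates b when a's level is
    >= b's and a's compartments include all of b's. When neither class
    dominates the other, the two are incomparable.
    """
    (la, ca), (lb, cb) = a, b
    return LEVELS[la] >= LEVELS[lb] and cb <= ca


def can_read(subject, obj):
    # NO READ UP: the clearance must dominate the object's label.
    return dominates(subject, obj)


def can_write(subject, obj):
    # NO WRITE DOWN: the label must dominate the writer's clearance,
    # so information only ever flows upward.
    return dominates(obj, subject)


def audit(trace, clearance, label):
    """Return the operations in trace that the two rules forbid."""
    denied = []
    for who, op, what in trace:
        check = can_read if op == "read" else can_write
        if not check(clearance[who], label[what]):
            denied.append((who, op, what))
    return denied


# Constructed sample data.
CLEARANCE = {"analyst": ("S", frozenset({"crypto"}))}
LABEL = {
    "report": ("C", frozenset()),
    "plan": ("TS", frozenset({"crypto", "nuclear"})),
    "memo": ("S", frozenset({"nuclear"})),
}
TRACE = [
    ("analyst", "read", "report"),   # read down: allowed
    ("analyst", "write", "report"),  # write down: denied
    ("analyst", "read", "plan"),     # read up: denied
    ("analyst", "write", "plan"),    # write up: allowed
    ("analyst", "read", "memo"),     # incomparable: denied
    ("analyst", "write", "memo"),    # incomparable: denied
]
```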


13 Role-Based Access Control
- Users are assigned to roles
- Roles are assigned rights
Rights per role (columns: File 1, File 2, File 3, Program 1):
  Tester: write | read, write
  Programmer: read, write
  Group member: read | execute
Roles per user (columns: Tester, Programmer, Group member):
  Alice: x x
  Bob: x x
Resulting rights per user (columns: File 1, File 2, File 3, Program 1):
  Alice: read, write | execute
  Bob: read | read, write | execute

14 RBAC
- Roles can be hierarchical
- Rights are inherited
[Figure: role hierarchy with Project leader, Project member, Tester, Programmer]


16 Trust Management
- Typical access control mechanism: subject shows ID -> lookup -> authorization
- TM alternative: subject has attributes -> infers -> authorization

17 Distributed Trust Management
- Deals with authorizations in a distributed system (e.g., the Internet)
  - need to interact with people you don't know
- 2 types of DTM
  - Reputation-based TM
  - Rule-based TM


19 Reputation-based TM (concrete)
- community of cooks (200 people)
- to establish trust:
  - you ask your friends and friends of friends ...
  - some recommendations are better than others
  - you check the record (if any)
- after success trust increases

20 Reputation-based TM (virtual)
- eBay (hundreds of millions of users)

21 Reputation-based TM (virtual)
- Buyers and sellers rate each other after a transaction
  - Positive (r(i,j) = 1)
  - Neutral (r(i,j) = 0)
  - Negative (r(i,j) = -1)

22 Key features
- open system (different security domains)
- trust is a measure & changes in time
- essential risk component
- recommendation based (NOT identity-based)
- peers are not continuously available
- Algorithms (e.g., EigenTrust)
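How the ratings r(i,j) of slide 21 become a trust measure, as an added example that is not part of the slides: a plain feedback sum next to an EigenTrust-style iteration in which a rating counts in proportion to the trust of the rater. The peers and ratings are constructed, and the uniform pre-trust vector and the value of alpha are assumptions made here.

```python
def raw_scores(ratings, peers):
    """Feedback score: the plain sum of ratings received."""
    score = dict.fromkeys(peers, 0)
    for _, ratee, r in ratings:
        score[ratee] += r
    return score


def eigentrust(ratings, peers, alpha=0.1, iters=100):
    """Global trust vector from local ratings r(i,j) in {1, 0, -1}."""
    n = len(peers)
    idx = {p: k for k, p in enumerate(peers)}
    s = [[0] * n for _ in range(n)]          # s[i][j]: sum of i's ratings of j
    for i, j, r in ratings:
        s[idx[i]][idx[j]] += r
    prior = [1 / n] * n                      # assumed uniform pre-trust
    c = []                                   # row-normalised local trust
    for row in s:
        pos = [max(v, 0) for v in row]       # negative sums count as zero
        total = sum(pos)
        c.append([v / total for v in pos] if total else prior[:])
    t = prior[:]
    for _ in range(iters):                   # t <- (1-a) * C^T t + a * prior
        t = [(1 - alpha) * sum(c[i][j] * t[i] for i in range(n))
             + alpha * prior[j] for j in range(n)]
    return dict(zip(peers, t))


PEERS = ["A", "B", "C", "M", "S"]
RATINGS = [  # constructed (rater, ratee, r) triples
    ("A", "B", 1), ("A", "B", 1), ("A", "C", 1), ("B", "A", 1),
    ("B", "C", 1), ("C", "A", 1), ("C", "B", 1),
    ("A", "M", -1), ("B", "M", -1), ("M", "A", -1),
    # S has no history with anyone else and only ever rates M positively
    ("S", "M", 1), ("S", "M", 1), ("S", "M", 1), ("S", "M", 1), ("S", "M", 1),
]
```

On this data the plain sum puts M level with the best-rated peer, while the weighted iteration ranks M below A, B and C, because the only positive ratings M receives come from a peer that nobody else vouches for.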


24 Rule-based TM (concrete)
- Bart is entitled to a discount
  - if he is a student of the local university

25 Rule-based TM (virtual)
- When is Bart now entitled to a discount?

26 Bart is entitled to a discount…
- If he is a student of any accredited University.
- But perhaps also…
  - If he is an employee of any governmental organization
  - If he is a member of the library club
  - If he is a veteran
  - …. Too many to mention
- Which problems does this raise?
  - Scalability
  - Knowing where and what to search

27 Reputation vs. Rules
Reputation:
- open system (different security domains)
- trust is a measure & changes in time
- risk-based
- no delegation
- recommendation based (NOT identity-based)
- peers are not continuously available
- scalability
Rules:
- open system (different security domains)
- trust is boolean & less time-dependent
- no risk
- delegation
- rule (credential) based (NOT identity-based)
- peers are not continuously available
- scalability

28 Credentials
- A credential is a statement
  - Signed by the issuer about a subject
  - Containing info about the subject
- Requirements
  - Unforgeable (!)
  - Verifiable (that it belongs to the subject asking for the service)
  - Signed (e.g. X509)

29 Credential Chains
Bart -(is student of)-> TU/e -(is accredited by)-> Accreditation Bureau -(is accepted by)-> Shop
- We have a chain of credentials
- The subject of one is the issuer of the other one

30 Languages for TM
A good language for TM must be able to express:
- Decentralized attributes
- Delegation of attribute authority
- Inference of attributes
- Attribute fields (e.g., age)
- Attribute-based delegation of authority

31 Decentralized Attributes
- An entity asserts that another entity has a certain attribute
- e.g., student(TU/e,Alice)
  - The TU/e asserts that Alice is a student
- Issuer: TU/e
- Subject: Alice
- Where is it stored?

32 Delegation of Attribute Authority
- An entity delegates (i.e. trusts) the authority over an attribute to another entity
- e.g., student(DSA,X) ← student(TU/e,X)
  - The "Dutch Students Association" considers as students all the students of the TU/e
  - Operationally: anyone showing a TU/e student credential can get a student credential from the DSA
- Issuers: DSA, TU/e
- Subject: X

33 Inference of Attributes
- An entity uses one attribute to make inferences about another attribute
- e.g., employee(TU/e,X) ← professor(TU/e,X)
  - The TU/e asserts that every TU/e professor is also a TU/e employee

34 Attribute Fields
- Credentials may carry field values
  - e.g. student(DSA,Alice,university=TU/e)
- Field values can be used to infer additional attributes and for conditional delegation
  - e.g. ccard(VISA,X) ← client(ABN,X,credit=Y) AND Y > 2000
  - VISA releases credit cards only to ABN clients with more than 2000€ in their account

35 Attribute-based Delegation of Authority
- An entity may delegate the authority to another entity depending on its attributes
- e.g. ccard(VISA,X) ← client(Y,X) AND certified(EB,Y)
  - VISA releases a credit card only to clients of banks which are certified by the "European Bank"
- By doing so, VISA does not need to explicitly mention all the banks which are trusted
- VISA trusts EB's opinion about banks
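The rules of slides 32 to 35 evaluated over a set of credentials, as an added example that is not part of the slides and not the RT, TuLiP or POLIPO implementation. Rules are Horn clauses with "?"-prefixed variables, applied until no new attribute can be inferred; the tuple encoding, the two VISA rules loaded side by side, and every credential (including Carol, Dave, Erin, BankZ and BankQ) are constructed for illustration.

```python
def match(pattern, fact, env):
    """Unify one body atom with a ground credential; None on mismatch."""
    if len(pattern) != len(fact):
        return None
    env = dict(env)
    for p, f in zip(pattern, fact):
        if isinstance(p, str) and p.startswith("?"):   # variable
            if env.setdefault(p, f) != f:
                return None
        elif p != f:
            return None
    return env

def solve(body, facts, env):
    """Yield each variable binding that satisfies every atom in body."""
    if not body:
        yield env
        return
    for fact in facts:
        e = match(body[0], fact, env)
        if e is not None:
            yield from solve(body[1:], facts, e)

def closure(credentials, rules):
    """Apply the rules to the credentials until nothing new is inferred."""
    facts = set(credentials)
    while True:
        new = {tuple(env.get(t, t) for t in head)
               for head, body, cond in rules
               for env in solve(body, facts, {}) if cond(env)}
        if new <= facts:
            return facts
        facts |= new

ANY = lambda env: True
RULES = [  # (head, body, condition); atoms are (attribute, issuer, subject[, field])
    (("student", "DSA", "?X"), [("student", "TU/e", "?X")], ANY),        # slide 32
    (("employee", "TU/e", "?X"), [("professor", "TU/e", "?X")], ANY),    # slide 33
    (("ccard", "VISA", "?X"), [("client", "ABN", "?X", "?Y")],
     lambda env: env["?Y"] > 2000),                                      # slide 34
    (("ccard", "VISA", "?X"),
     [("client", "?Y", "?X"), ("certified", "EB", "?Y")], ANY),          # slide 35
]
CREDENTIALS = {  # constructed sample credentials
    ("student", "TU/e", "Alice"), ("professor", "TU/e", "Carol"),
    ("client", "ABN", "Alice", 1500), ("client", "ABN", "Carol", 5000),
    ("client", "BankZ", "Dave"), ("certified", "EB", "BankZ"),
    ("client", "BankQ", "Erin"),  # BankQ has no EB certificate
}
```

Calling closure(CREDENTIALS, RULES) yields the DSA student attribute for Alice and a VISA card for Carol and Dave, but none for Alice (credit below 2000) or Erin (bank not certified by EB).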

36 Credential Storage
- Every credential can be stored by its issuer, its subject, or a third party
- When we try to build a credential chain, we must be able to retrieve the appropriate credentials
- Credential chain discovery algorithms suggest storage schemas according to which credentials are retrieved
  - RT: backward and forward search algorithm
  - TuLiP
  - POLIPO

37 In the next lecture…
- The POLIPO framework
  - a rule-based TM language
  - a reputation system
  - an algorithm for credential chain discovery

38 Thank you for your attention!
Questions?
n.zannone@tue.nl
d.trivellato@tue.nl

