Responding to Policies at Runtime in TrustBuilder Bryan Smith, Kent E. Seamons, and Michael D. Jones Computer Science Department Brigham Young University.

Slides:

Advertisements

Similar presentations

An Adaptive Policy-Based Framework for Network Service Management Leonidas Lymberopoulos Emil Lupu Morris Sloman Department of Computing Imperial College.

Advertisements

Hybrid BDD and All-SAT Method for Model Checking Orna Grumberg Joint work with Assaf Schuster and Avi Yadgar Technion – Israel Institute of Technology.

The Role of Trust Management in Distributed Systems Authors Matt Blaze, John Feigenbaum, John Ioannidis, Angelos D. Keromytis Presented By Akshay Gupte.

Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi

Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Secure Context-sensitive Authorization Kazuhiro Minami and David Kotz Dartmouth College.

Trust, Security and Privacy in Learning Networks Daniel Olmedilla L3S Research Center / Hannover University Learning Networks in Practice 10 th May, 2007.

Access Control Methodologies

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Lecture 23 Internet Authentication Applications

8.2 Discretionary Access Control Models Weiling Li.

DESIGNING A PUBLIC KEY INFRASTRUCTURE

1 Trust and Privacy in Authorization Bharat Bhargava Yuhui Zhong Leszek Lilien CERIAS Security Center CWSA Wireless Center Department of CS and ECE Purdue.

Privacy-Preserving Trust Negotiations Mikhail Atallah Department of Computer Science Purdue University.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Pervasive Enablement of Business Process 徐天送 2004/11/2.

1 of 10 April 25, 2001 Minimizing System Modification in an Incremental Design Approach Paul Pop, Petru Eles, Traian Pop, Zebo Peng Department of Computer.

The Traust Authorization Service A. Lee, M. Winslett, J. Basney, and V. Welch University of Illinois at Urbana-Champaign Goal: A scalable.

A Heterogeneous Network Access Service based on PERMIS and SAML Gabriel López Millán University of Murcia EuroPKI Workshop 2005.

Using Entropy to Trade Privacy for Trust Yuhui Zhong Bharat Bhargava {zhong, Department of Computer Sciences Purdue University This work.

Security Management.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

TOWARDS IDENTITY ANONYMIZATION ON GRAPHS. INTRODUCTION.

Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.

Detection and Resolution of Anomalies in Firewall Policy Rules

Brian Padalino Sammy Lin Arnold Perez Helen Chen

1 Role-Based Cascaded Delegation: A Decentralized Delegation Model for Roles Roberto Tamassia Danfeng Yao William H. Winsborough Brown University Brown.

Pushing the Security Boundaries of Ubiquitous Computing ACSF 2006 —————— 13 th July 2006 —————— David Llewellyn-Jones, Madjid Merabti, Qi Shi, Bob Askwith.

Adaptive Trust Negotiation and Access Control Tatyana Ryutov, et.al. Presented by: Carlos Caicedo.

TRUST NEGOTIATION IN ONLINE BUSINESS TRANSACTIONS BY CHANDRAKANTH REDDY.

Patient Protection and Affordable Care Act March 23, 2010.

Proof Carrying Code Zhiwei Lin. Outline Proof-Carrying Code The Design and Implementation of a Certifying Compiler A Proof – Carrying Code Architecture.

Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.

Privacy-Preserving Trust Negotiations* Mikhail Atallah CERIAS and Department of Computer Sciences Purdue University * Joint work with Keith Frikken and.

Boolean Algebra and Computer Logic Mathematical Structures for Computer Science Chapter 7.1 – 7.2 Copyright © 2006 W.H. Freeman & Co.MSCS Slides Boolean.

23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.

A Flexible Access Control Model for Web Services Elisa Bertino CERIAS and CS Department, Purdue University Joint work with Anna C. Squicciarini – University.

ACM CCS 2005 CPOL: High-Performance Policy Evaluation Kevin Borders Xin Zhao Atul Prakash University of Michigan.

An Analysis of Trust Requirements and Design Choices for Trust Management in Web Services Based Service Oriented Architectures Bienvenida Pagdanganan Supervisor:

Chapter 4 Using Encryption in Cryptographic Protocols & Practices.

22/01/2004Daniel Olmedilla1 INTEGRATING PROLOG IN TRUST NEGOTIATION Software Project / Summer Semester /04/2004 Daniel Olmedilla L3S / University.

Upper OSI Layers Natawut Nupairoj, Ph.D. Department of Computer Engineering Chulalongkorn University.

Usable Security – CS 6204 – Fall, 2009 – Dennis Kafura – Virginia Tech Automatic Trust Negotiation Rajesh Gangam

Hidden Access Control Policies with Hidden Credentials Keith Frikken, Mikhail Atallah, Jiangtao Li CERIAS and Department of Computer Sciences Purdue University.

Policy Evaluation Testbed Vincent Hu Tom Karygiannis Steve Quirolgico NIST ITL PET Report May 4, 2010.

Policy-Based Dynamic Negotiation for Grid Services Authorization Ionut Constandache, Daniel Olmedilla, Wolfgang Nejdl Semantic Web Policy Workshop, ISWC’05.

Encryption Extensions Model based on Hidden Attribute Certificate LI Yu 1,2,3, ZHAO Yong 1,2,3, GONG Bei 1 1 College of Computer Science and Technology,

Security Hannes Tschofenig. Goal for this Meeting Use the next 2 hours to determine what the security consideration section of the OAuth draft(s) should.

Disjunctive Bottom Set and Their Computation Dr Wenjin Lu & Dr Ross King Department of Computer Science, The University of Wales, Aberystwyth

1 Token–based Dynamic Trust Establishment for Web Services Zhengping Wu and Alfred C. Weaver Department of Computer Science University of Virginia March.

IBM Labs in Haifa © 2005 IBM Corporation Assumption-based Pruning in Conditional CSP Felix Geller and Michael Veksler.

Advanced Client/Server Authentication in TLS

Trust Profiling for Adaptive Trust Negotiation

Hybrid BDD and All-SAT Method for Model Checking

Simple Authentication for the Web

Kent Seamons Brigham Young University Marianne Winslett, Ting Yu

Providing Access to Your Data: Handling sensitive data

Module 8: Securing Network Traffic by Using IPSec and Certificates

THE STEPS TO MANAGE THE GRID

CS691 M2009 Semester Project PHILIP HUYNH

CS691 M2009 Semester Project PHILIP HUYNH

Tim van der Horst, Tore Sundelin, Kent Seamons, and Charles Knutson

Ting Yu and Marianne Winslett Presented by Korporn Panyim

Module 8: Securing Network Traffic by Using IPSec and Certificates

A Distributed Tabling Algorithm for Rule Based Policy Systems

Protecting Privacy During On-line Trust Negotiation

WS Standards – WS-* Specifications

Policy Language Requirements for Trust Negotiation

Hidden Credentials Jason E. Holt, Robert Bradshaw, Kent E. Seamons

Presentation transcript:

Responding to Policies at Runtime in TrustBuilder Bryan Smith, Kent E. Seamons, and Michael D. Jones Computer Science Department Brigham Young University IEEE 5th International Workshop on Policies for Distributed Systems and Networks (POLICY 2004) June 7-9, 2004 IBM Thomas J Watson Research Center Yorktown Heights, New York

2 Outline  Trust Negotiation  Policy Exchange  Compliance Checker –Limitations of current implementation –Adaptations for demands of trust negotiation  Conclusions

3 Trust Negotiation  The process of establishing trust between strangers in open systems based on the non- identity attributes of the participants  One approach: The incremental disclosure of credentials and access control policies

4 Step 1: Alice requests enrollment service from Bob Step 2: Bob discloses his policy P2 2 Step 4: Bob grants service Service Bob – Community College Server Service 2 Trust Negotiation Example Step 3: Alice discloses her driver’s license credential Alice 1 3

5 Type-1 Compliance Checker 2 False True Type-1 Compliance Checker Bob’s Enrollment Policy Alice’s Disclosed Credentials  Traditional Trust Management compliance checker  Determines whether a set of credentials satisfy a policy

6 Type-2 Compliance Checker 2 False with justification False True with set of satisfying credentials Type-2 Compliance Checker Bob’s Disclosed Policy Alice’s Local Credentials  Determines whether a policy is satisfied and how a policy is satisfied, but only produces a single satisfying set.  IBM Trust Establishment (TE) and REFEREE produce a set of local credentials that satisfy the received policy.

7 Step 1: Alice requests enrollment service from Bob Step 2: Bob discloses his policy P2 2 Bob – Community College Server Service 2 Trust Negotiation Example Alice 1 3 Step 3: Alice discloses her policy P3 3 Step 4: Bob responses with an empty message Failure

8 Type-3 Compliance Checker 2 False with justification False True with set of satisfying credential sets Type-3 Compliance Checker Bob’s Disclosed Policy Alice’s Local Credentials  Only PSPL [Bonatti-Samarati] and RT [Li et al.] return all the sets of satisfying credentials.  PSPL has no available implementation.  RT is currently under development.

9 TrustBuilder  Prototype system for trust negotiation currently under develop at the Internet Security Research Lab at BYU  Utilizes the IBM TE (Haifa Research Lab) system –Trust Policy Language (TPL) –Supports X.509v3 certificates –Type-2 compliance checker

10 Completeness in Trust Negotiation  Goal: Obtain all satisfying sets with a type- 2 compliance checker  Two approaches –Policy Modification –Credential Set Modification

11 Policy Modification Type-2 Compliance Checker Local Credentials Satisfying Set Policy Modifier, P AND NOT (P1)  P1 = a conjunction of all the credentials in the satisfying set  Policy language specific

12 Policy Modification  Process continues until the compliance checker returns an empty set  N+1 invocations of the compliance checker, where N is the number of satisfying sets Type-2 Compliance Checker Local Credentials, Satisfying Set Policy Modifier,,

13 Performance Results: Policy Modification  Test Scenarios –50 local credentials –Policies with 4 or 5 satisfying sets –Each satisfying set consisting of 2 to 3 credentials  Added overhead negligible

14 Credential Set Modification  Modify the input credential set each time the compliance checker is invoked  Two implementations –Brute Force –SSgen Algorithm

15 SSgen Algorithm: Definitions  A minimal satisfying set is a set of credentials that satisfies the policy such that no proper subset also satisfies the policy.  A policy P is a disjunction of rules, where rules are conjunctions of credentials. A rule specifies a minimal satisfying set.  A compliance checker is a function f : {C,P} => S –C is a set of credentials –P is a policy –S is a subset of C that minimally satisfies P, or the empty set

16 SSgen Algorithm

17 SSgen Algorithm  Finds all satisfying sets  O(2 |U| ) complexity, where U is the union of all satisfying sets

18 Performance Results: Credential Set Modification

19 Utilizing a Type-3 Compliance Checker during Trust Negotiation  Generate all the satisfying sets immediately –Sets can be ordered using a heuristic –Sets can be merged into a set containing unique satisfying credentials  Generate some of the satisfying sets –Limit resources used to generate satisfying sets  Generate satisfying sets one at a time –Avoids generating all satisfying sets unnecessarily

20 Contributions  An trust negotiation system with the completeness property using existing trust management languages and compliance checkers.  First example of a trust negotiation system that generates potential solutions and prioritizes them according to a specific criteria.

21 Questions? For further information, go to