Interoperating: MIT’s Fusion Center Prototype & JHU/APL’s Back End Attribute Exchange (Identity Management Testbed), January 2013

Presentation transcript:

1 Interoperating: MIT’s Fusion Center Prototype & JHU/APL’s Back End Attribute Exchange (Identity Management Testbed) January 2013

2 Agenda
What is the MIT prototype?
– Accountable Systems concept
– Prototype mechanism
– Scenario #1
Integrating with JHU/APL IdM Testbed
– Goals
– Achievements
– Observations

3 MIT: Massachusetts Institute of Technology, Computer Science & Artificial Intelligence Lab, Decentralized Information Group
The Decentralized Information Group explores the consequences of information on the Web: where it comes from, what happens to it, and what are the rules for using it. We build tools to help people control the policies governing information, and we build automated reasoning systems to help determine whether information use complies with policy.

4 Accountable Systems
Ability for systems to:
– Determine whether each use of data is/was permitted by the relevant rules for the particular data, party, and circumstance
– Make that decision available to access control, audit, and other technology for real-time enforcement, retrospective reporting, redress, and risk modeling

5 Prototype
Prior project built a working prototype of an accountable system technology
Funded by DHS
Use cases were “fusion centers”
– Attempting to retrieve or send information protected by privacy statutes

6 Prototype: Principles
Real rules (e.g., statutes & regulations) require more information to reach a decision than traditional access control mechanisms provide
– An accountable system must be able to access all decision-relevant information
– Since decision-relevance varies by rule and situation, it would be unreasonable to work towards placing all such data in a centralized repository
– Therefore, an accountable system must be able to reach data in its pre-existing decentralized locations
Real rules require more complex reasoning than traditional access control mechanisms provide
– Rules are expressed in terms of conditions, exceptions, and context
– Rules are not limited to access, but express many restrictions and permissions in the context of use
– Therefore, an accountable system must be able to express, manipulate, and reason across a broad range of concepts

7 Prototype Concept (diagram: Sender Organization and Recipient’s Organization connected over the Internet; each holds User Profiles, User Docs and Data Policies; the Reasoner sits on the SENDER side)

8 Transitioning from Prototype to Pilot
The Prototype mechanism had limited decentralization of data
– Directories on the same server were used to model different servers

9 Prototype First Implementation (diagram: same layout as the Prototype Concept; Sender Organization with Reasoner, Data Policies, User Profiles and User Docs; Recipient Organization with Data Policies, User Profiles and User Docs; connected over the Internet)

10 Transitioning from Prototype to Pilot
More closely modeling the “real world”:
– Implementing a level of decentralization
– Interoperating with an external security mechanism
Reasoner and Sender organization data on the MIT server
Back end Attribute Exchange (BAE) authenticating and serving user profiles on the JHU/APL server

11 Project Concept (diagram: Sender’s Organization (MIT) with User SSL Certificates, User Docs, Reasoner and Data Policies; Recipient’s Organization with User Docs and Data Policies; User Profiles and User SSL Certificates at the BAE (JHU/APL); all connected over the Web)

12 Project Implementation (diagram: Sender Organization with Reasoner, Data Policies, User Docs and User SSL Certificates (MIT); Recipient Organization with Data Policies and User Docs; User Profiles served by the BAE (JHU/APL); connected over the Web)

13 Demonstration Use Case
Mia (Massachusetts Fusion Center analyst) wants to send a Request for Information (containing protected Criminal Record Information) to Feddy Agenti (DHS).

14 Step #1: Prototype URL
Mia types in the URL for the IdM version of the MIT Prototype and presses “Enter”

15 Step #1 – Under the Hood: User SSL Certificate
The tool finds Mia’s SSL certificate…

16 Step #2: The UI
…and uses it to auto-populate the UI

17 Step #2 – Under the Hood: URI is a cgi Script to Fetch Attributes
The URI for Mia is a cgi script which will cause her attributes to be fetched from JHU:
– The link “location” is 20Police&cn=Mia%20Analysa#me
In the prior demo, the link was a literal:
–

18 Step #2 – Under the Hood: Attributes Served
The URI for Mia is a cgi script which will cause her attributes to be fetched from JHU:
– The link “location” is 20Police&cn=Mia%20Analysa#me
– c (Country) = US
– st (State) = Massachusetts
– o (organization) = Massachusetts State Police
– cn (Common Name) = Mia Analysa

19 Step #3: Sender’s Attributes
JHU authenticates the “Massachusetts State Police” certificate it previously issued to MIT, and provides Mia’s attributes.

20 Step #3: Sender’s Attributes
For reference, this is a quite different profile from the one in the MIT prototype:

21 Step #3 – Under the Hood: SSL & XML SOAP -> RDF
The cgi script calls a Python script that serves the SSL key, issues an encrypted SOAP query and retrieves the “Distinguished Name” (DN) from the JHU/APL store, and converts from XML SOAP (the JHU format) to RDF (the MIT format).
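The Step #3 flow described above, as an added example that is not code from the MIT prototype or from the JHU/APL BAE: it builds the DN from the cgi-style query parameters shown on the Step #2 slides, parses a constructed SOAP response standing in for the JHU/APL store's answer, and emits RDF as N-Triples. The SOAP body layout, the bae namespace, the profile URL shape and the predicate URIs are assumptions; the client-certificate TLS call to JHU is replaced by the embedded response. The RFC 4514 escaping of query values and the check that the response describes the subject that was asked for are defensive additions the slides do not mention.

```python
"""Added example (not the MIT prototype's or JHU/APL's own code): cgi query
parameters -> DN -> (constructed) SOAP response -> RDF triples."""
from urllib.parse import parse_qs
import xml.etree.ElementTree as ET

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"
BAE_NS = "urn:example:bae"            # assumed namespace of the attribute payload
ATTR_NS = "http://example.org/attr#"  # assumed namespace for the RDF predicates
RDN_ORDER = ("cn", "o", "st", "c")    # canonical DN order, most specific RDN first


def escape_rdn_value(value: str) -> str:
    """Escape an attribute value per RFC 4514 so a user-supplied value such as
    'Mia,o=Other' cannot add or replace RDNs in the DN we build."""
    out, last = [], len(value) - 1
    for i, ch in enumerate(value):
        if ch in '"+,;<>\\' or (i == 0 and ch in "# ") or (i == last and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def dn_from_query(query_string: str) -> str:
    """Turn the cgi query parameters (o=..., cn=..., supplied in any order) into
    a DN in canonical RDN order; attribute names outside RDN_ORDER are rejected."""
    params = parse_qs(query_string, strict_parsing=True)
    unknown = set(params) - set(RDN_ORDER)
    if unknown:
        raise ValueError(f"unsupported attribute(s) in query: {sorted(unknown)}")
    return ",".join(f"{k}={escape_rdn_value(params[k][0])}" for k in RDN_ORDER if k in params)


def attributes_from_soap(xml_text: str) -> dict:
    """Extract name/value attributes from the SOAP response body. xml.etree does
    not expand external entities (it raises ParseError), so a hostile response
    cannot pull in local files; defusedxml is the stricter choice for untrusted XML."""
    root = ET.fromstring(xml_text)
    body = root.find(f"{{{SOAP_NS}}}Body")
    if body is None:
        raise ValueError("SOAP envelope has no Body")
    resp = body.find(f"{{{BAE_NS}}}GetAttributesResponse")
    if resp is None:
        raise ValueError("no GetAttributesResponse in SOAP Body")
    return {el.get("name"): (el.text or "").strip() for el in resp.findall(f"{{{BAE_NS}}}attribute")}


def ntriples_escape(literal: str) -> str:
    return literal.replace("\\", "\\\\").replace('"', '\\"').replace("\n", "\\n")


def attributes_to_ntriples(subject_uri: str, attrs: dict) -> list:
    """One N-Triples line per attribute: <subject> <attr#name> "value" ."""
    return [f'<{subject_uri}> <{ATTR_NS}{name}> "{ntriples_escape(value)}" .'
            for name, value in sorted(attrs.items())]


# Constructed SOAP response standing in for the JHU/APL store's answer for Mia.
SAMPLE_SOAP = f"""<soap:Envelope xmlns:soap="{SOAP_NS}">
  <soap:Body>
    <bae:GetAttributesResponse xmlns:bae="{BAE_NS}">
      <bae:attribute name="c">US</bae:attribute>
      <bae:attribute name="st">Massachusetts</bae:attribute>
      <bae:attribute name="o">Massachusetts State Police</bae:attribute>
      <bae:attribute name="cn">Mia Analysa</bae:attribute>
    </bae:GetAttributesResponse>
  </soap:Body>
</soap:Envelope>"""


def fetch_profile_as_rdf(query_string: str, soap_response: str = SAMPLE_SOAP) -> list:
    """The whole step: query -> DN -> SOAP answer -> RDF. The answer must describe
    the subject that was requested, otherwise it is rejected."""
    dn = dn_from_query(query_string)
    subject = f"https://example.org/cgi-bin/profile?{query_string}#me"  # assumed URL shape
    attrs = attributes_from_soap(soap_response)
    requested = {k: v[0] for k, v in parse_qs(query_string).items()}
    mismatch = {k for k, v in requested.items() if attrs.get(k) != v}
    if mismatch:
        raise ValueError(f"response does not match requested {sorted(mismatch)} for {dn}")
    return attributes_to_ntriples(subject, attrs)


if __name__ == "__main__":
    for line in fetch_profile_as_rdf("o=Massachusetts%20State%20Police&cn=Mia%20Analysa"):
        print(line)
```

Because the subject's RDN order is fixed by `RDN_ORDER`, the order in which the cgi link carries `o` and `cn` no longer matters; the same normalisation would apply on the BAE side if it dropped its canonical-order requirement.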

22 Step #4: Request for Information (RFI)
Mia chooses the document she wishes to send.

23 Step #4 – Under the Hood: Data – Request for Information (RFI)
As in the original prototype, Mia identifies a pdf document that she wishes to send (the document was embedded with tags in xmp), and the UI populates the URL for the document.

24 Step #5: Recipient’s Attributes
Mia identifies the person to whom she wishes to send the RFI, and the UI populates the URI for the cgi script again, this time seeking Feddy’s DN.

25 Step #5 – Under the Hood: Recipient’s Attributes
JHU’s server returns Feddy’s attributes for use.

26 Step #6: Compliance Result
The reasoner is able to process all of the input, and return its compliance result.

27 Achievements
MIT Prototype able to interoperate with JHU Back End Attribute Exchange
– Able to serve appropriate certificates, create appropriate signatures
– Able to fetch the Distinguished Name from JHU
– Able to convert RDF -> SOAP and SOAP -> RDF
– MIT able to use the JHU-served sender and receiver attributes in the reasoning to achieve decisions

28 Observations
JHU does not appear to control access to individual profiles
– Access to the Policy Information Point (PIP) is restricted on what appears to be an organizational/server basis through the use of client certificates granted to the organization
– Once access to the PIP is achieved, there appear to be no restrictions on access to the information contained within (e.g., all profiles are accessible)
MIT prototype looking for enhanced functionality from the BAE
– Pattern matching for the authenticator
– Ability to serve URIs for attribute names or values
– Elimination of requirement to populate the attributes in canonical order
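One way to close the gap in the first observation, as an added example that is not JHU/APL's or MIT's code: a PIP front end that decides each profile lookup per requester organization (taken from the client certificate subject) and per requested profile, and records every decision for later audit, shown beside a function that reproduces the observed behaviour, where any organization holding a client certificate can read any profile. The certificate subjects, the DNs, the release policy and the expansion of DHS to Department of Homeland Security with its state are constructed for the example.

```python
"""Added example (not the BAE's code): per-profile authorization at the PIP,
with an audit record per decision, versus organization-only gating."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def parse_dn(dn: str) -> dict:
    """Split an RFC 4514 DN into {attribute: value}, honouring backslash escapes
    so 'cn=Mia\\,o=Other' stays one cn value instead of becoming a second RDN."""
    rdns, cur, escaped = [], [], False
    for ch in dn:
        if escaped:
            cur.append(ch)
            escaped = False
        elif ch == "\\":
            escaped = True
        elif ch == ",":
            rdns.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
    rdns.append("".join(cur))
    attrs = {}
    for rdn in rdns:
        name, sep, value = rdn.partition("=")
        if not sep:
            raise ValueError(f"malformed RDN: {rdn!r}")
        attrs[name.strip().lower()] = value.strip()
    return attrs


# Constructed release policy: which organizations' profiles each certified
# requester organization may fetch (its own, plus partners it exchanges RFIs with).
RELEASE_POLICY = {
    "Massachusetts State Police": {"Massachusetts State Police", "Department of Homeland Security"},
    "Department of Homeland Security": {"Department of Homeland Security"},
}


def observed_check(client_cert_subject: str, requested_dn: str) -> Decision:
    """The behaviour noted on the slide: a valid organizational client certificate
    opens the PIP, and requested_dn is never consulted."""
    if not client_cert_subject:
        return Decision(False, "no client certificate presented")
    return Decision(True, "organization authenticated; no per-profile check")


def hardened_check(client_cert_subject: str, requested_dn: str, audit: list) -> Decision:
    """Per-profile authorization: the requested profile's organization must be in
    the release set of the organization named in the client certificate. Each
    decision is appended to `audit` so it is available for retrospective review."""
    if not client_cert_subject:
        decision = Decision(False, "no client certificate presented")
    else:
        requester_org = parse_dn(client_cert_subject).get("o")
        target_org = parse_dn(requested_dn).get("o")
        if requester_org is None or target_org is None:
            decision = Decision(False, "DN lacks an organization (o) attribute")
        elif target_org in RELEASE_POLICY.get(requester_org, set()):
            decision = Decision(True, f"{requester_org} may read {target_org} profiles")
        else:
            decision = Decision(False, f"{requester_org} may not read {target_org} profiles")
    audit.append((client_cert_subject, requested_dn, decision))
    return decision


# Constructed identities for the demonstration use case.
MIT_CLIENT_CERT = "cn=MIT Prototype,o=Massachusetts State Police,st=Massachusetts,c=US"
DHS_CLIENT_CERT = "cn=DHS Portal,o=Department of Homeland Security,st=District of Columbia,c=US"
MIA_DN = "cn=Mia Analysa,o=Massachusetts State Police,st=Massachusetts,c=US"
FEDDY_DN = "cn=Feddy Agenti,o=Department of Homeland Security,st=District of Columbia,c=US"

if __name__ == "__main__":
    log = []
    for cert, dn in [(MIT_CLIENT_CERT, MIA_DN), (MIT_CLIENT_CERT, FEDDY_DN), (DHS_CLIENT_CERT, MIA_DN)]:
        print("observed:", observed_check(cert, dn).allowed,
              "| hardened:", hardened_check(cert, dn, log).reason)
```

With this policy the demonstration still works (the MIT certificate may fetch both Mia's and Feddy's profiles), while a DHS certificate can no longer enumerate Massachusetts State Police profiles, and the audit list gives the retrospective record the Accountable Systems slide asks for.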

29 Lalana Kagal: lkagal “at” csail.mit.edu
K. Krasnow Waterman: kkw “at” mit.edu
Questions?