1 SACMAT 2002 © Oh and Sandhu 2002 A Model for Role Administration Using Organization Structure Sejong Oh Ravi Sandhu * George Mason University.

Slides:



Advertisements
Similar presentations
TWO STEP EQUATIONS 1. SOLVE FOR X 2. DO THE ADDITION STEP FIRST
Advertisements

You have been given a mission and a code. Use the code to complete the mission and you will save the world from obliteration…
Advanced Piloting Cruise Plot.
Role Based Access Control
1 ACSAC 2002 © Mohammad al-Kahtani 2002 A Model for Attribute-Based User-Role Assignment Mohammad A. Al-Kahtani Ravi Sandhu George Mason University SingleSignOn.net,
1 Framework for Role-Based Delegation Models (RBDMs) By: Ezedin S.Barka and Ravi Sandhu Laboratory Of Information Security Technology George Mason University.
FRAMEWORK FOR AGENT-BASED ROLE DELEGATION Presentation by: Ezedin S. Barka UAE University.
INFS 767 Fall 2003 The RBAC96 Model Prof. Ravi Sandhu George Mason University.
Role-Based Access Control Prof. Ravi Sandhu George Mason University and NSD Security SACMAT 2003.
ARBAC99 (Model for Administration of Roles)
Ravi Sandhu Venkata Bhamidipati
ARBAC 97 (ADMINISTRATIVE RBAC)
Role Activation Hierarchies Ravi Sandhu George Mason University.
ACCESS CONTROL: THE NEGLECTED FRONTIER Ravi Sandhu George Mason University.
ROLE HIERARCHIES AND CONSTRAINTS FOR LATTICE-BASED ACCESS CONTROLS
SECURING CYBERSPACE: THE OM-AM, RBAC AND PKI ROADMAP Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University
Future Directions in Role-Based Access Control Models Ravi Sandhu Co-Founder and Chief Scientist SingleSignOn.Net & Professor of Information Technology.
ENGINEERING AUTHORITY AND TRUST IN CYBERSPACE: A ROLE-BASED APPROACH Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University.
ISA 662 RBAC-MAC-DAC Prof. Ravi Sandhu. 2 © Ravi Sandhu RBAC96 ROLES USER-ROLE ASSIGNMENT PERMISSIONS-ROLE ASSIGNMENT USERSPERMISSIONS... SESSIONS ROLE.
An ORACLE Implementation of the PRA97 Model for Permission-Role Assignment Ravi Sandhu Venkata Bhamidipati George Mason University.
A Role-Based Delegation Model and some extensions By: Ezedin S.Barka Ravi Sandhu George Mason University.
ROLE-BASED ACCESS CONTROL: A MULTI-DIMENSIONAL VIEW Ravi Sandhu, Edward Coyne, Hal Feinstein and Charles Youman Seta Corporation McLean, VA Ravi Sandhu.
A THREE TIER ARCHITECTURE FOR ROLE-BASED ACCESS CONTROL Ravi Sandhu and Hal Feinstein Seta Corporation McLean, VA Ongoing NIST-funded project Other Project.
INFS 767 Fall 2003 Administrative RBAC
© 2005 Ravi Sandhu Administrative Scope (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology George.
© 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology.
Flexible access control policy specification with constraint logic programming Steve Barker, Peter J. Stuckey Presenter: Vijayant Dhankhar.
© 2005 Ravi Sandhu Access Control Hierarchies (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology.
Chapter 1 The Study of Body Function Image PowerPoint
1 Copyright © 2010, Elsevier Inc. All rights Reserved Fig 2.1 Chapter 2.
September 2013 ASTM Officers Training Workshop September 2013 ASTM Officers Training Workshop Membership & Roster Maintenance September 2013 ASTM Officers.
1 The Academic Profession and the Managerial University: An International Comparative Study from Japan Akira Arimoto Research Institute for Higher Education.
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Title Subtitle.
My Alphabet Book abcdefghijklm nopqrstuvwxyz.
0 - 0.
DIVIDING INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.
FACTORING ax2 + bx + c Think “unfoil” Work down, Show all steps.
Addition Facts
Year 6 mental test 5 second questions
Learning to show the remainder
ZMQS ZMQS
ABC Technology Project
1 Undirected Breadth First Search F A BCG DE H 2 F A BCG DE H Queue: A get Undiscovered Fringe Finished Active 0 distance from A visit(A)
VOORBLAD.
1 Breadth First Search s s Undiscovered Discovered Finished Queue: s Top of queue 2 1 Shortest path from s.
MHAP IETF-55 ipv6mh Michel Py -
Squares and Square Root WALK. Solve each problem REVIEW:
Do you have the Maths Factor?. Maths Can you beat this term’s Maths Challenge?
© 2012 National Heart Foundation of Australia. Slide 2.
Lets play bingo!!. Calculate: MEAN Calculate: MEDIAN
Lecture plan Outline of DB design process Entity-relationship model
Understanding Generalist Practice, 5e, Kirst-Ashman/Hull
Chapter 5 Test Review Sections 5-1 through 5-4.
GG Consulting, LLC I-SUITE. Source: TEA SHARS Frequently asked questions 2.
Addition 1’s to 20.
25 seconds left…...
Januar MDMDFSSMDMDFSSS
Week 1.
We will resume in: 25 Minutes.
©Brooks/Cole, 2001 Chapter 12 Derived Types-- Enumerated, Structure and Union.
Database Administration
A SMALL TRUTH TO MAKE LIFE 100%
PSSA Preparation.
Traktor- og motorlære Kapitel 1 1 Kopiering forbudt.
Role-Based Access Control George Mason University and
Presentation transcript:

1 SACMAT 2002 © Oh and Sandhu 2002 A Model for Role Administration Using Organization Structure Sejong Oh Ravi Sandhu * George Mason University

2 SACMAT 2002 © Oh and Sandhu 2002 Contents Introduction of ARBAC97 model Problems of URA97 Problems of PRA97 Solution : ARBAC02 model Conclusion

3 SACMAT 2002 © Oh and Sandhu 2002 ARBAC97 model Main point of decentralized RBAC administration –How to control proper administration range (or boundary) of each administrative role ARBAC97 model : use role range and prerequisite condition URA97, PRA97

4 SACMAT 2002 © Oh and Sandhu 2002 Director (DIR) Project lead 1 (PL1) Production Engineer 1 (PE1) Quality Engineer 1 (QE1) Engineer 1 (E1) Project lead 2 (PL2) Production Engineer 2 (PE2) Quality Engineer 2 (QE2) Engineer 2 (E2) Engineering Department (ED) Employee (E) Senior Security Officer (SSO) Department Security Officer (DSO) Project Security Officer 1 (PSO1) Project Security Officer 2 (PSO2) Project 1Project 2 Example of RH and administrative RH

5 SACMAT 2002 © Oh and Sandhu 2002 Admin. RolePrereq. ConditionRole Range PSO1 PSO2 DSO SSO ED E1 QE1 E1 PE1 ED E2 QE2 E2 PE2 ED PL2 ED PL1 ED E ED [E1, E1] [PE1, PE1] [QE1, QE1] [E2, E2] [PE2, PE2] [QE2, QE2] [PL1, PL1] [PL2, PL2] (ED, DIR) [ED,ED] (ED, DIR] Can-assign Admin. RolePrereq. ConditionRole Range DSO PSO1 PSO2 DIR PL1 QE1 PL1 PE1 PL2 QE2 PL2 PE2 [PL1, PL1] [PL2, PL2] [PE1, PE1] [QE1, QE1] [PE2, PE2] [QE2, QE2] Can-assignp ARBAC97 model Example of can-assign and can-assignp

6 SACMAT 2002 © Oh and Sandhu 2002 Problems of URA97 Characteristics of user-role assignment –Security officer SO1 can assign user U1 to role R2 provided U1 is already member of prerequisite role R1. –Assigned users in R1 are a user pool for SO1 to assign to R2. –R2 can be prerequisite role for other security officers. R2 User pool R1 Can-assign Admin. Role Prerequiste Condition Role Range SO1R1[R2,R2] ………

7 SACMAT 2002 © Oh and Sandhu 2002 Problems of URA97 Characteristics of user-role assignment –Consequently users should be assigned from lowest prerequisite role to higher prerequisite role in the role hierarchy –From can-assign table, we can depict the first URA step as follows : E ED E1 E2 : User pool

8 SACMAT 2002 © Oh and Sandhu 2002 Problems of URA97 URA97 brings about : –UA1. Multi step assign Suppose that new employed engineer John will be assigned to QE1 role. Assign step : assign John to E assign John to ED assign John to E1 assign John to QE1 Higher roles may require more assign step. This may lead to work of two or more security officers.

9 SACMAT 2002 © Oh and Sandhu 2002 Problems of URA97 URA97 brings about : –UA2. Duplicated UA information Suppose that Tom is a member of QE1 role. It means that Tom is a explicit member of E, ED, E1, and QE1. Removing tuple,, and has no effect to Toms access rights. They are need only for administrative purpose. E ED E1 Tom QE1 Tom RoleAssigned user UA table E.. ED.. E1.. QE1 Tom.. Tom.. Tom.. Tom

10 SACMAT 2002 © Oh and Sandhu 2002 Problems of URA97 URA97 brings about : –UA3. Restricted user pool Suppose the company in the example wants to maintain human resource pool H1, H2, and H3. And new policy requires that Production Engineer should be picked from H1 and Quality Engineer should be picked from H2. It is impossible to realize new policy without changing the Role Hierarchy.

11 SACMAT 2002 © Oh and Sandhu 2002 Problems of URA97 URA97 brings about : –UA3. Restricted user pool (cont.) In the URA97 model, the user pool is based on the prerequisite roles, and prerequisite roles belong to role hierarchy. Consequently user pool is restricted by role hierarchy. Accommodating real world needs results in complicating the Role Hierarchy

12 SACMAT 2002 © Oh and Sandhu 2002 Problems of PRA97 Characteristics of permission-role assignment –Permission-role assignment step is similar to delegation. –The permissions of highest role on the role hierarchy spread down to lower roles by security officer. –Security officer SO1 can assign permission P1 to role R1 when P1 is already member of prerequisite role R2 that is for SO1. –Assigned permissions in R2 are a permission pool for SO1. R2 permission pool R1 Can-assign

13 SACMAT 2002 © Oh and Sandhu 2002 Problems of PRA97 Characteristics of permission-role assignment –From can-assignp table, we can represent the first PRA step as follows : Permission pool DIR PL1 PL2 PE1QE1PE2QE2

14 SACMAT 2002 © Oh and Sandhu 2002 Problems of PRA97 PRA97 brings about : –PA1. Multi step assign –PA2. Duplicated PA information –PA3. Restricted composition of permission pool Similar to UA1, UA2, and UA3

15 SACMAT 2002 © Oh and Sandhu 2002 Problems of PRA97 PRA97 brings about : –PA4. No restriction for permission pool Suppose there exist can-assignp(SO1, R2, [R1,R1]). Then SO1 can assign in R2s any permissions to R1. There is no restriction. How to specify some of permissions are only for R2 ? cannot solve in PRA97 In PRA99 model, it can be solved by immobile membership concept. But it requires additional information about permission pool. permission pool R2 All can be assigned by SO1 R1

16 SACMAT 2002 © Oh and Sandhu 2002 Problems of PRA97 PRA97 brings about : –PA5. Lead to undesirable perm i ss i on flow PSO1 can move some permissions of PL1 to QL. But QL is out of range of PSO1. DIR PL1 PE1 QE1 PL2 QE2 PE2 QL Role Range Of PSO1 Role Range Of DSO illegal flow : A Permission

17 SACMAT 2002 © Oh and Sandhu 2002 Solution : ARBAC02 Direction –Choosing new base for user pool and permission pool (role hierarchy independent organization structure) –Organization unit is a good container for user pool and permission pool –Organization unit : A group of people and functions (permissions) for achieving given missions. RH user /permission pool RH user /permission pool Org. structure

18 SACMAT 2002 © Oh and Sandhu 2002 Solution : ARBAC02 Organization structure as a user pool –Basic organization structure is predefined before access control –Users are pre-assigned to basic organization structure. (by HR officer) Engineering Department (ED) Project 1 (PJ1) Project 2 (PJ2) Production Division (PRD) Purchasing Department (PD) Manufacturing Department (MD) Quality Control (QC) Stock Control (SC)

19 SACMAT 2002 © Oh and Sandhu 2002 Organization structure as a permission pool –Permissions are pre-assigned to basic organization structure. (by IT officer) Solution : ARBAC02 Engineering Department (ED) Project1 (PJ1) Project 2 (PJ2) Production Division (PRD) Purchasing Department (PD) Manufacturing Department (MD) Quality Control (QC) Stock Control (SC)

20 SACMAT 2002 © Oh and Sandhu 2002 Solution : ARBAC02 Assigned by human resource (HR) group Assigned by information technology (IT) group Users System Resources Org. structure for user pool Org. structure for permission pool Role hierarchy Assign user to role by security admin. group Assign permission to role by security admin. group HR and IT Area Security admin. Area

21 SACMAT 2002 © Oh and Sandhu 2002 Solution : ARBAC02 Modification of prerequisite condition –Suppose can-assign(PSO1, E1 QE1, [PE1,PE1]) Redefined in terms of org. unit : QE1, [PE1,PE1]) PSO can assign users, who are in org. unit PJ1 and not in role QE1, to PE1 To distinguish role and Org. unit name, we in front of Org. unit name

22 SACMAT 2002 © Oh and Sandhu 2002 Solution : ARBAC02 Modification of prerequisite condition –Redefine of can-assign table Admin. RolePrereq. ConditionRole Range PSO1 PSO2 DSO SSO ED E1 QE1 E1 PE1 ED E2 QE2 E2 PE2 ED PL2 ED PL1 ED E ED [E1, E1] [PE1, PE1] [QE1, QE1] [E2, E2] [PE2, PE2] [QE2, QE2] [PL1, PL1] [PL2, PL2] (ED, DIR) [ED,ED] (ED, DIR] Can-assign (ARBAC97) Admin. RolePrereq. ConditionRole Range PSO1 PSO2 DSO [PE1, PE1] [QE1, QE1] [PE2, PE2] [QE2, QE2] [PL1, PL1] [PL2, PL2] (ED, DIR) (ED, DIR] Can-assign (ARBAC02)

23 SACMAT 2002 © Oh and Sandhu 2002 Solution : ARBAC02 Proposed model solves problems UA1 and UA2 –Avoid multi-step user assignment –Avoid duplicated user assignment information E ED E1 Tom QE1 Tom E ED E1 QE1 PJ1 Tom (ARBAC02) (ARBAC97)

24 SACMAT 2002 © Oh and Sandhu 2002 Solution : ARBAC02 Proposed model solves problems UA3 –Suppose the company in the example want to maintain human resource pool H1, H2, and H3. And new policy requires that Production Engineer should be picked from H1 and Quality Engineer should be picked from H2. –In the proposed model, new org. Unit H1, H2, and H3 can be added at proper positions in org. structure. Then change prerequisite condition such like : can-assign(PSO1, PJ1 QE1, [PE1, PE1]) [PE1, PE1]) –Requires no change of role hierarchy !

25 SACMAT 2002 © Oh and Sandhu 2002 Solution : ARBAC02 Proposed model solves problems PA1~ PA4 Proposed model solves problems PA5 –In the proposed model, common permissions are assigned to lower roles in the role hierarchy, and higher roles get their special permissions. (bottom-up) –This bottom-up style permission-role assignment prevents undesirable permission flows in PA5. DIR PL1 PE1 QE1 PL2 QE2 PE2 QL Role Range Of PSO1 Role Range Of DSO PSO1 cannot assign PL1s any explicitly assigned permissions to QL

26 SACMAT 2002 © Oh and Sandhu 2002 Solution : ARBAC02 Users Roles Admini- strative Roles Permi- ssions Admin. Permi- ssions Constraints Sessions Role hierarchy Administrative Role hierarchy User Pool unit Permission Pool unit OS-U OS-P

27 SACMAT 2002 © Oh and Sandhu 2002 Conclusion ARBAC02 overcomes shortcomings of ARBAC97 ARBAC02 supports flexible user pool and permission pool structure independent from role hierarchy. –In the ARBAC97 model, user pool and permission pool are tightly coupled with role hierarchy. This leads to various problems. ARBAC02 supports bottom-up oriented permission- role assignment –PRA97 model follows top-down approach. It leads to undesirable permission flow.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.