Introduction to Access Control and Trust Management Daniel Trivellato.


04/09/2009, Minor project course

Slide 2: Outline
- Introduction to Access Control
- Discretionary and Mandatory Access Control
- Role-Based Access Control
- Distributed Trust Management
- Reputation-based TM
- Rule-based TM

Slide 3: Authentication vs. Access Control
- Authentication: establishing who you are (or whether you possess a certain pseudonym)
- Access Control: establishing whether you have the right to perform a certain action
- Authentication is often necessary for access control


Slide 5: Basics: Subject, Object, Action
- Subjects: Alice, Bob, Alice's program
- Objects: a file, the printer
- Actions: read, write, execute, modify, send

Slide 6: Discretionary Access Control
- Goal: prevent illegitimate access to resources
- Access is granted to users, or user groups
- Ownership: users have all the rights over the objects they create
- Delegation: users can grant the rights they have to others
- Users that have control can remove rights

Slide 7: DAC Models
- Take-grant model
- Lampson (1974)
- Graham-Denning (1972)
- Harrison-Ruzzo-Ullman (1976)
- Griffiths-Wade (1976)
- Originator control (1989)

Slide 8: Lampson's Access Matrix
- Set of objects O
- Set of users U
- Access Matrix A (U×U and U×O)
- Entries are sets of allowed actions (read, write, call, …)
- Plus "owns" for administration of rights
- "*" flag for delegation right

Slide 9: Access Matrix - Example
Columns: File 1, File 2, File 3, Program 1
- Alice: owns read write read write
- Bob: read* read write execute
- Charlie: read execute read
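The access matrix with ownership and the "*" delegation flag, as an added example that is not part of the original slides. The class and method names and the scenario (alice, bob, charlie, dave, file1) are constructed for illustration; revocation here does not cascade, which is an assumption of this sketch.

```python
# Added example: Lampson-style access matrix with "owns" and the "*" delegation flag.
class AccessMatrix:
    def __init__(self):
        self.cells = {}  # (subject, object) -> set of rights; "read*" = delegable read

    def _cell(self, subject, obj):
        return self.cells.setdefault((subject, obj), set())

    def create(self, subject, obj):
        self._cell(subject, obj).add("owns")  # ownership goes to the creator

    def allowed(self, subject, obj, action):
        cell = self.cells.get((subject, obj), set())
        return action in cell or action + "*" in cell

    def grant(self, granter, grantee, obj, action, delegable=False):
        cell = self.cells.get((granter, obj), set())
        # Owners administer every right; others may pass on only rights held with "*".
        if "owns" not in cell and action + "*" not in cell:
            raise PermissionError(f"{granter} may not grant {action} on {obj}")
        self._cell(grantee, obj).add(action + "*" if delegable else action)

    def revoke(self, revoker, subject, obj, action):
        if "owns" not in self.cells.get((revoker, obj), set()):
            raise PermissionError(f"{revoker} does not control {obj}")
        # No cascade: rights the subject already passed on stay in place.
        self._cell(subject, obj).difference_update({action, action + "*"})


def demo():
    """Constructed scenario; returns the matrix and whether charlie could re-grant."""
    m = AccessMatrix()
    m.create("alice", "file1")
    m.grant("alice", "bob", "file1", "read", delegable=True)  # bob holds read*
    m.grant("bob", "charlie", "file1", "read")                # charlie holds plain read
    try:
        m.grant("charlie", "dave", "file1", "read")           # no "*", so refused
        charlie_could_regrant = True
    except PermissionError:
        charlie_could_regrant = False
    m.revoke("alice", "bob", "file1", "read")                 # the owner removes bob's right
    return m, charlie_could_regrant
```

After the demo, charlie still reads file1 although bob's right is gone, which is the review problem that delegation in DAC creates.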

Slide 10: Mandatory Access Control
- Goal: prevent illegitimate flow (leakage) of information
- Attach security labels to subjects and objects
- Users and processes are given a clearance
- Objects and resources are given a label
- Information cannot flow to lower or incomparable security classes

Slide 11: MAC – Example
[Figure: subjects and objects at levels TS, S, C, U, with read and write arrows between them and the direction of information flow]
Bell-La Padula: NO READ UP, NO WRITE DOWN
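The two Bell-La Padula rules as a label comparison, as an added example that is not part of the original slides. It extends the four levels on the slide with category sets so that incomparable classes exist; the category names, subjects, file names and request trace are constructed.

```python
# Added example: Bell-La Padula checks over (level, categories) labels.
LEVELS = {"U": 0, "C": 1, "S": 2, "TS": 3}  # the four levels on the slide

def dominates(a, b):
    """Label a dominates b: level at least as high and categories a superset."""
    return LEVELS[a[0]] >= LEVELS[b[0]] and a[1] >= b[1]

def can_read(subject, obj):
    return dominates(subject, obj)   # no read up

def can_write(subject, obj):
    return dominates(obj, subject)   # no write down

def decide(clearances, labels, trace):
    """Evaluate (subject, action, object) requests and return one bool per request."""
    checks = {"read": can_read, "write": can_write}
    return [checks[action](clearances[who], labels[what])
            for who, action, what in trace]

# Constructed sample data (category names are assumptions, not from the slides).
CLEARANCES = {"alice": ("S", frozenset({"crypto"})), "bob": ("U", frozenset())}
LABELS = {
    "plan.txt": ("S", frozenset({"crypto"})),
    "memo.txt": ("U", frozenset()),
    "nuke.txt": ("S", frozenset({"nuclear"})),
    "war.txt": ("TS", frozenset({"crypto"})),
}
TRACE = [
    ("alice", "read", "plan.txt"),    # same class: allowed
    ("alice", "write", "memo.txt"),   # write down: denied, would leak S data to U
    ("alice", "read", "memo.txt"),    # read down: allowed
    ("alice", "read", "nuke.txt"),    # incomparable categories: denied
    ("alice", "write", "nuke.txt"),   # incomparable categories: denied
    ("alice", "write", "war.txt"),    # write up: allowed
    ("bob", "read", "plan.txt"),      # read up: denied
]

def run_demo():
    return decide(CLEARANCES, LABELS, TRACE)
```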


Slide 13: Role-Based Access Control
- Users are assigned to roles
- Roles are assigned rights
Columns: File 1, File 2, File 3, Program 1
- Tester: write | read, write
- Programmer: read, write
- Group member: read | execute
Columns: Tester, Programmer, Group member
- Alice: x | x
- Bob: x | x
Columns: File 1, File 2, File 3, Program 1
- Alice: read, write | execute
- Bob: read | read, write | execute

Slide 14: RBAC
- Roles can be hierarchical
- Rights are inherited
[Figure: role hierarchy with Project leader, Project member, Tester, Programmer]
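Role inheritance and an access review query, as an added example that is not part of the original slides. The role names follow the slide; the edges of the hierarchy, the permissions per role and the user assignments are assumptions, since the figure and table cells did not survive in the transcript.

```python
# Added example: RBAC with a role hierarchy. All data below is constructed.
ROLE_PERMS = {
    "project_member": {("file3", "read")},
    "tester": {("file1", "write"), ("program1", "execute")},
    "programmer": {("file2", "read"), ("file2", "write")},
    "project_leader": {("file1", "read")},
}
# Senior role -> directly junior roles whose rights it inherits (assumed shape).
JUNIORS = {
    "project_leader": {"tester", "programmer"},
    "tester": {"project_member"},
    "programmer": {"project_member"},
}
USER_ROLES = {"alice": {"tester"}, "bob": {"programmer"}, "carol": {"project_leader"}}

def effective_roles(user):
    """Assigned roles plus every role reachable downwards in the hierarchy."""
    seen, stack = set(), list(USER_ROLES.get(user, ()))
    while stack:
        role = stack.pop()
        if role not in seen:          # the seen set also guards against cycles
            seen.add(role)
            stack.extend(JUNIORS.get(role, ()))
    return seen

def check(user, obj, action):
    """Allow only if some effective role carries the (object, action) right."""
    return any((obj, action) in ROLE_PERMS.get(role, ())
               for role in effective_roles(user))

def who_can(obj, action):
    """Access review: every user who ends up with this right, directly or inherited."""
    return sorted(user for user in USER_ROLES if check(user, obj, action))
```

`who_can` is the query an access review needs: inherited rights do not appear in the user-role table, so they have to be computed.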


Slide 16: Trust Management
- Typical access control mechanism [figure labels: authorization, subject, ID; shows, lookup]
- TM alternative [figure labels: authorization, subject, attributes; has, infers]

Slide 17: Distributed Trust Management
- Deals with authorizations in a distributed system (e.g., the Internet)
- Need to interact with people you don't know
- 2 types of DTM:
  - Reputation-based TM
  - Rule-based TM


Slide 19: Reputation-based TM (concrete)
- Community of cooks (200 people)
- To establish trust:
  - you ask your friends and friends of friends ...
  - some recommendations are better than others
  - you check the record (if any)
  - after success trust increases

Slide 20: Reputation-based TM (virtual)
- eBay (hundreds of millions of users)

Slide 21: Reputation-based TM (virtual)
- Buyers and sellers rate each other after a transaction:
  - Positive (r(i,j) = 1)
  - Neutral (r(i,j) = 0)
  - Negative (r(i,j) = -1)

Slide 22: Key features
- open system (different security domains)
- trust is a measure & changes in time
- essential risk component
- recommendation based (NOT identity-based)
- peers are not continuously available
- Algorithms (e.g., EigenTrust)
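A compact EigenTrust-style computation over the +1/0/-1 ratings from the previous slide, as an added example that is not part of the original slides and goes beyond them: the slides only name the algorithm. The peers, ratings, pre-trusted set and the damping value alpha are constructed assumptions.

```python
# Added example: global trust from pairwise ratings r(i,j) in {1, 0, -1}.
def eigentrust(peers, ratings, pretrusted, alpha=0.15, iters=100):
    n = len(peers)
    idx = {p: k for k, p in enumerate(peers)}
    s = [[0] * n for _ in range(n)]            # s[i][j]: sum of i's ratings of j
    for i, j, r in ratings:
        if i != j:                             # self-ratings are ignored
            s[idx[i]][idx[j]] += r
    # Pre-trusted distribution: where trust starts and where dangling rows point.
    p = [1 / len(pretrusted) if peer in pretrusted else 0.0 for peer in peers]
    c = []                                     # normalised local trust, rows sum to 1
    for row in s:
        pos = [max(v, 0) for v in row]         # negative totals count as no trust
        total = sum(pos)
        c.append([v / total for v in pos] if total else p[:])
    t = p[:]
    for _ in range(iters):                     # t <- (1 - alpha) * C^T t + alpha * p
        t = [(1 - alpha) * sum(c[i][j] * t[i] for i in range(n)) + alpha * p[j]
             for j in range(n)]
    return dict(zip(peers, t))

# Constructed marketplace: mallory is rated badly by real users and boosted by a
# sybil account that nobody else has ever rated.
PEERS = ["alice", "bob", "carol", "mallory", "sybil"]
RATINGS = [
    ("alice", "bob", 1), ("alice", "bob", 1), ("bob", "alice", 1),
    ("bob", "carol", 1), ("carol", "alice", 1), ("carol", "bob", 1),
    ("alice", "mallory", -1), ("bob", "mallory", -1),
] + [("sybil", "mallory", 1)] * 20

def demo_scores():
    return eigentrust(PEERS, RATINGS, pretrusted={"alice"})
```

The sybil's twenty positive ratings add nothing to mallory's score because a recommendation is weighted by the recommender's own trust, which is zero here.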


Slide 24: Rule-based TM (concrete)
- Bart is entitled to a discount if he is a student of the local university

Slide 25: Rule-based TM (virtual)
- When is Bart now entitled to a discount?

Slide 26: Bart is entitled to a discount…
- If he is a student of any accredited University.
- But perhaps also…
  - If he is an employee of any governmental organization
  - If he is a member of the library club
  - If he is a veteran
  - …. Too many to mention
- Which problems does this raise?
  - Scalability
  - Knowing where and what to search

Slide 27: Reputation vs. Rules
Reputation:
- open system (different security domains)
- trust is a measure & changes in time
- risk-based
- no delegation
- recommendation based (NOT identity-based)
- peers are not continuously available
- scalability
Rules:
- open system (different security domains)
- trust is boolean & less time-dependent
- no risk
- delegation
- rule (credential) based (NOT identity-based)
- peers are not continuously available
- scalability

Slide 28: Credentials
- A credential is a statement
  - Signed by the issuer about a subject
  - Containing info about the subject
- Requirements:
  - Unforgeable (!)
  - Verifiable (that it belongs to the subject asking for the service)
  - Signed (e.g. X509)

Slide 29: Credential Chains
[Figure: Bart, TU/e, Accreditation Bureau, Shop, linked by "Is student of", "Is accredited by", "Is accepted by"]
- We have a chain of credentials
- The subject of one is the issuer of the other one

Slide 30: Languages for TM
A good language for TM must be able to express:
- Decentralized attributes
- Delegation of attribute authority
- Inference of attributes
- Attribute fields (e.g., age)
- Attribute-based delegation of authority

Slide 31: Decentralized Attributes
- An entity asserts that another entity has a certain attribute
- e.g., student(TU/e,Alice)
  - The TU/e asserts that Alice is a student
  - Issuer: TU/e
  - Subject: Alice
- Where is it stored?

Slide 32: Delegation of Attribute Authority
- An entity delegates (i.e. trusts) the authority over an attribute to another entity
- e.g., student(DSA,X)  student(TU/e,X)
  - The "Dutch Students Association" considers as students all the students of the TU/e
  - Operationally: anyone showing a TU/e student credential can get a student credential from the DSA
  - Issuers: DSA, TU/e
  - Subject: X

Slide 33: Inference of Attributes
- An entity uses one attribute to make inferences about another attribute
- e.g., employee(TU/e,X)  professor(TU/e,X)
  - The TU/e asserts that every TU/e professor is also a TU/e employee

Slide 34: Attribute Fields
- Credentials may carry field values
  - e.g. student(DSA,Alice,university=TU/e)
- Field values can be used to infer additional attributes and for conditional delegation
  - e.g. ccard(VISA,X)  client(ABN,X,credit=Y) AND Y > 2000
  - VISA releases credit cards only to ABN clients with more than 2000€ in their account

Slide 35: Attribute-based Delegation of Authority
- An entity may delegate the authority to another entity depending on its attributes
- e.g. ccard(VISA,X)  client(Y,X) AND certified(EB,Y)
  - VISA releases a credit card only to clients of banks which are certified by the "European Bank"
  - By doing so, VISA does not need to explicitly mention all the banks which are trusted
  - VISA trusts EB's opinion about banks

Slide 36: Credential Storage
- Every credential can be stored by its issuer, its subject, or a third party
- When we try to build a credential chain, we must be able to retrieve the appropriate credentials
- Credential chain discovery algorithms suggest storage schemas according to which credentials are retrieved
  - RT: backward and forward search algorithm
  - TuLiP
  - POLIPO
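A backward search over the delegation rules from the "Languages for TM" slides that returns the credential chain it used, as an added example that is not part of the original slides and is not the RT, TuLiP or POLIPO algorithm. Each rule is read as "the first attribute holds if the attributes after it hold", following the slides' prose; the credentials (Bart, Carol, Mallory, ShadyBank) are constructed, all credentials are assumed to be signature-checked and held in one local store, and attribute fields are left out.

```python
# Added example: backward chaining over attribute(issuer, subject) credentials.
FACTS = [  # constructed credentials: (attribute, issuer, subject)
    ("student", "TU/e", "Bart"),
    ("professor", "TU/e", "Carol"),
    ("client", "ABN", "Bart"),
    ("certified", "EB", "ABN"),
    ("client", "ShadyBank", "Mallory"),   # ShadyBank is not certified by EB
]
RULES = [  # (head, body): the head holds if every body atom holds; "?" marks variables
    (("student", "DSA", "?X"), [("student", "TU/e", "?X")]),
    (("employee", "TU/e", "?X"), [("professor", "TU/e", "?X")]),
    (("ccard", "VISA", "?X"), [("client", "?Y", "?X"), ("certified", "EB", "?Y")]),
]

def walk(term, env):
    while term.startswith("?") and term in env:
        term = env[term]
    return term

def unify(a, b, env):
    env = dict(env)
    for x, y in zip(a, b):
        x, y = walk(x, env), walk(y, env)
        if x == y:
            continue
        if x.startswith("?"):
            env[x] = y
        elif y.startswith("?"):
            env[y] = x
        else:
            return None
    return env

def rename(atom, n):  # fresh variable names for each rule application
    return tuple(f"{t}#{n}" if t.startswith("?") else t for t in atom)

def prove(goals, env, depth=0, limit=8):
    """Yield (bindings, credentials_used) for every way to prove all goals."""
    if not goals:
        yield env, []
    elif depth <= limit:                  # bound the search on cyclic rule sets
        first, rest = goals[0], goals[1:]
        for fact in FACTS:
            e = unify(first, fact, env)
            if e is not None:
                for e2, used in prove(rest, e, depth, limit):
                    yield e2, [fact] + used
        for head, body in RULES:
            e = unify(first, rename(head, depth), env)
            if e is not None:
                new_goals = [rename(b, depth) for b in body] + rest
                yield from prove(new_goals, e, depth + 1, limit)

def authorize(attribute, issuer, subject):
    """Return the first credential chain supporting the attribute, or None."""
    return next((used for _, used in prove([(attribute, issuer, subject)], {})), None)
```

The returned chain is what a verifier would log or re-check: every credential in it must still be valid for the decision to hold.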

Slide 37: In the next lecture…
The POLIPO framework:
- a rule-based TM language
- a reputation system
- an algorithm for credential chain discovery

Slide 38: Thank you for your attention! Questions?