Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Future of Access Control: Attributes, Automation and Adaptation

Published byColleen Ramsey Modified over 5 years ago

Similar presentations

Presentation on theme: "The Future of Access Control: Attributes, Automation and Adaptation"— Presentation transcript:

1 The Future of Access Control: Attributes, Automation and Adaptation
Institute for Cyber Security The Future of Access Control: Attributes, Automation and Adaptation Prof. Ravi Sandhu Executive Director and Endowed Chair NSS 2012 November 21, 2012 © Ravi Sandhu World-Leading Research with Real-World Impact!

2 Prognosis: Cyberspace
Cyberspace will become orders of magnitude more complex and confused very quickly Overall this is a very positive development and will enrich human society It will be messy but need not be chaotic! Cyber security research and practice are loosing ground © Ravi Sandhu World-Leading Research with Real-World Impact! 2

3 Cyber Security Goal Enable system designers and operators to say:
This system is secure There is an infinite supply of low-hanging attacks Not attainable © Ravi Sandhu World-Leading Research with Real-World Impact! 3

4 Cyber Security Goal Enable system designers and operators to say:
This system is secure enough Mass scale, not very high assurance ATM network On-line banking E-commerce One of a kind, extremely high assurance US President’s nuclear football Many successful examples © Ravi Sandhu World-Leading Research with Real-World Impact! 4

5 Cyber Security Paradox
Our successes are not studied as success stories Our successes are not attainable via current cyber security science, engineering, doctrine © Ravi Sandhu World-Leading Research with Real-World Impact! 5

6 Cyber Security is all about
tradeoffs and adjustments automation (in future) Productivity Security Let’s build it Cash out the benefits Next generation can secure it Let’s not build it Let’s bake in super-security to make it unusable/unaffordable Let’s sell unproven solutions There is a sweet spot in the middle We don’t know how to predictably find it and maintain position there © Ravi Sandhu World-Leading Research with Real-World Impact! 6

7 Prognosis: Access Control
Discretionary Access Control (DAC), 1970 Mandatory Access Control (MAC), 1970 Role Based Access Control (RBAC), 1995 Attribute Based Access Control (ABAC), ???? © Ravi Sandhu World-Leading Research with Real-World Impact! 7

8 Prognosis: Access Control
Fixed policy Discretionary Access Control (DAC), 1970 Mandatory Access Control (MAC), 1970 Role Based Access Control (RBAC), 1995 Attribute Based Access Control (ABAC), ???? Flexible policy © Ravi Sandhu World-Leading Research with Real-World Impact! 8

9 Prognosis: Access Control
Human Driven Discretionary Access Control (DAC), 1970 Mandatory Access Control (MAC), 1970 Role Based Access Control (RBAC), 1995 Attribute Based Access Control (ABAC), ???? Automated Adaptive © Ravi Sandhu World-Leading Research with Real-World Impact! 9

10 Prognosis: Access Control
Discretionary Access Control (DAC), 1970 Mandatory Access Control (MAC), 1970 Role Based Access Control (RBAC), 1995 Messy or Chaotic? Attribute Based Access Control (ABAC), ???? © Ravi Sandhu World-Leading Research with Real-World Impact! 10

11 Cyber Security Technologies
AUTHENTICATION RISK ANALYSIS ASSURANCE CRYPTOGRAPHY ACCESS CONTROL INTRUSION DETECTION AND AUDIT SECURITY ENGINEERING & MANAGEMENT © Ravi Sandhu World-Leading Research with Real-World Impact! 11

12 Access Control Limitations
Analog Hole Inference Covert Channels Side Channels Phishing Safety Usability Privacy Attack Asymmetry Compatibility Federation …. © Ravi Sandhu World-Leading Research with Real-World Impact! 12

13 Access Control Limitations
Analog Hole Inference Covert Channels Side Channels Phishing Safety Usability Privacy Attack Asymmetry Compatibility Federation …. Can manage Cannot eliminate © Ravi Sandhu World-Leading Research with Real-World Impact! 13

14 Access Control Models Discretionary Access Control (DAC), 1970
Owner controls access But only to the original, not to copies Grounded in pre-computer policies of researchers Mandatory Access Control (MAC), 1970 Synonymous to Lattice-Based Access Control (LBAC) Access based on security labels Labels propagate to copies Grounded in pre-computer military and national security policies Role-Based Access Control (RBAC), 1995 Access based on roles Can be configured to do DAC or MAC Grounded in pre-computer enterprise policies Numerous other models but only 3 successes: SO FAR © Ravi Sandhu World-Leading Research with Real-World Impact! 14

15 The RBAC Story NIST-ANSI Standard Adopted NIST-ANSI Standard Proposed
model © Ravi Sandhu World-Leading Research with Real-World Impact! 15

16 RBAC96 Model Constraints
© Ravi Sandhu World-Leading Research with Real-World Impact! 16

17 Fundamental Theorem of RBAC
RBAC can be configured to do MAC RBAC can be configured to do DAC RBAC is policy neutral RBAC is neither MAC nor DAC! © Ravi Sandhu World-Leading Research with Real-World Impact! 17

18 RBAC Shortcomings Role granularity is not adequate leading to role explosion Researchers have suggested several extensions such as parameterized privileges, role templates, parameterized roles (1997-) Role design and engineering is difficult and expensive Substantial research on role engineering top down or bottom up (1996-), and on role mining (2003-) Assignment of users/permissions to roles is cumbersome Researchers have investigated decentralized administration (1997-), attribute-based implicit user-role assignment (2002-), role-delegation (2000-), role-based trust management (2003-), attribute-based implicit permission-role assignment (2012-) Adjustment based on local/global situational factors is difficult Temporal (2001-) and spatial (2005-) extensions to RBAC proposed RBAC does not offer an extension framework Every shortcoming seems to need a custom extension Can ABAC unify these extensions in a common open-ended framework? © Ravi Sandhu World-Leading Research with Real-World Impact! 18

19 RBAC Policy Configuration Points
Security Architect Security Administrator Security Administrator Security Architect User Security Architect Constraints Security Architect © Ravi Sandhu World-Leading Research with Real-World Impact! 19

20 Access Control Models Policy Policy Specification Enforcement Policy
Reality Policy Administration © Ravi Sandhu World-Leading Research with Real-World Impact! 20

21 Access Control Models Policy Policy Specification Enforcement Policy
RBAC, ABAC Initial focus MAC, DAC focus Policy Reality Policy Administration © Ravi Sandhu World-Leading Research with Real-World Impact! 21

22 Attribute-Based Access Control (ABAC)
Attributes are name:value pairs possibly chained values can be complex data structures Associated with users subjects objects contexts device, connection, location, environment, system … Converted by policies into rights just in time policies specified by security architects attributes maintained by security administrators ordinary users morph into architects and administrators Inherently extensible © Ravi Sandhu World-Leading Research with Real-World Impact! 22

23 ABAC Status 1990? 2012 ABAC still in pre/early phase Standard Adopted
Proposed Standard RBAC96 paper 1990? 2012 ABAC still in pre/early phase © Ravi Sandhu World-Leading Research with Real-World Impact! 23

24 ABAC Prior Work Includes
X.509, SPKI Attribute Certificates (1999 onwards) IETF RFCs and drafts Tightly coupled with PKI (Public-Key Infrastructure) XACML (2003 onwards) OASIS standard Narrowly focused on particular policy combination issues Fails to accommodate the ANSI-NIST RBAC standard model Fails to address user subject mapping Usage Control or UCON (Park-Sandhu 2004) Focus is on extended features Mutable attributes Continuous enforcement Obligations Conditions Several others ……….. © Ravi Sandhu World-Leading Research with Real-World Impact! 24

25 ABACα Hypothesis (DBSEC 2012)
An ABAC model requires identification of policy configuration points (PCPs) languages and formalisms for each PCP A core set of PCPs can be discovered by building the ABACα model to unify DAC, MAC and RBAC Additional ABAC models can then be developed by increasing the sophistication of the ABACα PCPs discovering additional PCPs driven by requirements beyond DAC, MAC and RBAC A small but crucial step © Ravi Sandhu World-Leading Research with Real-World Impact! 25

26 ABACα Model Structure Policy Configuration Points
© Ravi Sandhu World-Leading Research with Real-World Impact! 26

27 Authorization Policy: LAuthorization
DAC MAC RBAC0 RBAC1 © Ravi Sandhu World-Leading Research with Real-World Impact! 27

28 Subject Attribute Constraints: LConstrSub
MAC RBAC0 RBAC1 © Ravi Sandhu World-Leading Research with Real-World Impact! 28

29 Object Attribute Constraints
Constraints at creation: LConstrObj DAC MAC Constraints at modification: LConstrObjMod © Ravi Sandhu World-Leading Research with Real-World Impact! 29

30 ABACα Model Structure Policy Configuration Points Future work
increasing the sophistication of the ABACα PCPs discovering additional PCPs © Ravi Sandhu World-Leading Research with Real-World Impact! 30

31 ABAC Research Agenda 7. ABAC Design and Engineering 3. Administrative
ABAC Models 4. Extended ABAC Models 5. ABAC Policy Languages 6. ABAC Enforcement Architectures 2. Core ABAC Models 1. Foundational Principles and Theory © Ravi Sandhu World-Leading Research with Real-World Impact! 31

32 ABAC Research Agenda 7. ABAC Design and Engineering 3. Administrative
ABAC Models 4. Extended ABAC Models 5. ABAC Policy Languages 6. ABAC Enforcement Architectures 2. Core ABAC Models Initial Results 1. Foundational Principles and Theory © Ravi Sandhu World-Leading Research with Real-World Impact! 32

33 1. Foundational Principles and Theory
ABAC Research Agenda: RBAC Inspiration 7. Design and Engineering: Role engineering: Coyne (1996), Thomsen et al (1999), Epstein-Sandhu (2001), Strembeck (2005) Role mining: Kuhlmann-Schimpf (2003), RoleMiner (2006, 2007), Minimal Perturbation (2008) 3. Administrative Models: ARBAC97 (1997), RBDM (2000), RDM (2000), RB-RBAC (2002), ARBAC02 (2002), PBDM (2003) ARBAC07 (2007), SARBAC (2003, 2007) 5. Policy Languages Constraints: RCL (2000), Jaeger-Tidswell (2001), Crampton (2003), ROWLBAC (2008) User-role assignment: RB-RBAC (2002), RT (2003) 4. Extended Models: TMAC (1997) Workflow (1999), T-RBAC (2000), OrBAC (2003), TRBAC (2001), RT (2003), GTRBAC (2005), GEO-RBAC (2005), P-RBAC (2007) 6. Enforcement Architectures: Ferraiolo et al (1999), OM-AM (2000), Park et al (2001), xoRBAC (2001), RCC (2003), RB-GACA (2005), XACML Profiles (2004, 2005, 2006) 2. Core Models: RBAC96 (1996), ANSI-NIST Standard (2000, 2004) 1. Foundational Principles and Theory Principles: RBAC96 (1996), OM-AM (2000), NIST Standard (2000, 2004), PEI (2006), ASCAA (2008) Theory: ATAM Simulation (1999), LBAC-DAC Simulations (2000), Li-Tripunitara (2006), Stoller et al (2006, 2007), Jha et al (2008) NOTE: Only a small sampling of the RBAC literature is cited in this diagram © Ravi Sandhu World-Leading Research with Real-World Impact! 33

34 Authorization Leap Rights to attributes Benefits Risks Rights Labels
Roles Attributes Messy ?? Chaotic Benefits Decentralized Dynamic Contextual Consolidated Risks Complexity Confusion Attribute trust Policy trust © Ravi Sandhu World-Leading Research with Real-World Impact! 34

35 Prognosis: Cyber Security
Attributes Automated Adaptive Managed but not solved © Ravi Sandhu World-Leading Research with Real-World Impact! 35

Download ppt "The Future of Access Control: Attributes, Automation and Adaptation"

Similar presentations

INSTITUTE FOR CYBER SECURITY 1 The ASCAA * Principles Applied to Usage Control Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.

INSTITUTE FOR CYBER SECURITY 1 The ASCAA * Principles Applied to Usage Control Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
Cyber-Identity, Authority and Trust in an Uncertain World

Cyber-Identity, Authority and Trust in an Uncertain World
Cyber-Identity, Authority and Trust in an Uncertain World

Cyber-Identity, Authority and Trust in an Uncertain World
INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.

INSTITUTE FOR CYBER SECURITY 1 Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber.
1 PANEL Solving the Access Control Puzzle: Finding the Pieces and Putting Them Together Ravi Sandhu Executive Director Endowed Professor June 2010

1 PANEL Solving the Access Control Puzzle: Finding the Pieces and Putting Them Together Ravi Sandhu Executive Director Endowed Professor June 2010
Institute for Cyber Security

Institute for Cyber Security
ACCESS CONTROL: THE NEGLECTED FRONTIER Ravi Sandhu George Mason University.

ACCESS CONTROL: THE NEGLECTED FRONTIER Ravi Sandhu George Mason University.
Institute for Cyber Security ASCAA Principles for Next-Generation Role-Based Access Control Ravi Sandhu Executive Director and Endowed Chair Institute.

Institute for Cyber Security ASCAA Principles for Next-Generation Role-Based Access Control Ravi Sandhu Executive Director and Endowed Chair Institute.
© 2006 Ravi Sandhu www.list.gmu.edu Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu Professor of Information Security and Assurance Director,

© 2006 Ravi Sandhu Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu Professor of Information Security and Assurance Director,
1 Cyber Security Research: A Personal Perspective Prof. Ravi Sandhu Executive Director and Endowed Chair January 18, 2013

1 Cyber Security Research: A Personal Perspective Prof. Ravi Sandhu Executive Director and Endowed Chair January 18, 2013
The RBAC96 Model Prof. Ravi Sandhu. 2 © Ravi Sandhu WHAT IS RBAC?  multidimensional  open ended  ranges from simple to sophisticated.

The RBAC96 Model Prof. Ravi Sandhu. 2 © Ravi Sandhu WHAT IS RBAC?  multidimensional  open ended  ranges from simple to sophisticated.
1 Access Control Models Prof. Ravi Sandhu Executive Director and Endowed Chair January 25, 2013 & February 1, 2013

1 Access Control Models Prof. Ravi Sandhu Executive Director and Endowed Chair January 25, 2013 & February 1, 2013
1 The Data and Application Security and Privacy (DASPY) Challenge Prof. Ravi Sandhu Executive Director and Endowed Chair 11/11/11

1 The Data and Application Security and Privacy (DASPY) Challenge Prof. Ravi Sandhu Executive Director and Endowed Chair 11/11/11
1 Grand Challenges in Data Usage Control Prof. Ravi Sandhu Executive Director and Endowed Chair

1 Grand Challenges in Data Usage Control Prof. Ravi Sandhu Executive Director and Endowed Chair
1 The Future of Access Control: Attributes, Automation and Adaptation Prof. Ravi Sandhu Executive Director and Endowed Chair S&P Symposium IIT Kanpur March.

1 The Future of Access Control: Attributes, Automation and Adaptation Prof. Ravi Sandhu Executive Director and Endowed Chair S&P Symposium IIT Kanpur March.
1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.

1 The Science, Engineering, and Business of Cyber Security Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair.
Future of Access Control: Attributes, Automation, Adaptation

Future of Access Control: Attributes, Automation, Adaptation
1 A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC Prof. Ravi Sandhu Executive Director and Endowed Chair DBSEC July 11, 2012.

1 A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC Prof. Ravi Sandhu Executive Director and Endowed Chair DBSEC July 11, 2012.
Attribute-Based Access Control Models and Beyond

Attribute-Based Access Control Models and Beyond
1 Attribute-Based Access Control Models and Beyond Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber.

1 Attribute-Based Access Control Models and Beyond Prof. Ravi Sandhu Executive Director, Institute for Cyber Security Lutcher Brown Endowed Chair in Cyber.

Similar presentations

Ads by Google