Download presentation
Presentation is loading. Please wait.
1
Akenti Distributed Access Control Application By Jiewei Lin
2
Overview Background Design goals Akenti specific certificates Akenti engine Akenti in use Conclusion References
3
Background Started at Lawrence Berkeley National Lab in 1998 Designed to solve problem of multiple resource and multiple owners Used in a public-key environment
4
Goals Allow different owner requirements Take immediate effect of owner requirements Support high level of integrity and non- repudiation
5
Akenti High Level Diagram (Credit JISC)
6
Akenti at a Closer View
7
Akenti specific certificates Policy certificates Use Condition certificates Attribute certificates Capability certificates
8
Akenti specific certificates (2) Shown an example
9
Entities in this exercise CA I CA IA (ca of Stake Holder I, and User I.) Stake Holder I User I (has Attribute Cert: ou=sjsu && job=student, and cn=User I)
10
Akenti Engine – Case Study I Resource: R1 Policy Cert.: trusted CA = CAI Use Cond.: ou=sjsu && job=student scope=local critical=true actions=read Permission Granted: action=read
11
Akenti Engine – Case Study II Resource: R2 Policy Cert.: trusted CA = CAI Use Cond.: ou=sjsu && job=student scope=subtree critical=true actions=read Permission Granted: action=read
12
Akenti Engine – Case Study III Resource: R2/S1 Policy Cert.: trusted CA = CA I Use Cond.: cn=User I scope=local critical=false actions=write, execute Permission Granted: action=read, write, execute
13
Akenti Engine – Case Study IV Resource: R3 Policy Cert.: trusted CA = CA I Use Cond.: ou=sjsu && job=student scope=local critical=true actions=read Use Cond.: time>10:00 && time <12:00 scope=local critical=true actions=write, execute Permission Granted: action=read action=write, execute if time>10:00 && time <12:00
14
Usage As a function As an access control using Apache module in a web server
15
Conclusion Mature and sophisticated authorization app. Uses flexible access control policies A useful tool
16
References [AK] http://www- itg.lbl.gov/security/Akenti/ http://www- itg.lbl.gov/security/Akenti/ [JISC] http://umbriel.dcs.gla.ac.uk/NeSC/ge neral/talks/140/7.ppt http://umbriel.dcs.gla.ac.uk/NeSC/ge neral/talks/140/7.ppt [SURA] http://www.dpo.uab.edu/sura/Securit y/sld001.htm
![References [AK] itg.lbl.gov/security/Akenti/ itg.lbl.gov/security/Akenti/ [JISC] neral/talks/140/7.ppt neral/talks/140/7.ppt [SURA] y/sld001.htm](http://images.slideplayer.com/16/4976784/slides/slide_16.jpg "References [AK] itg.lbl.gov/security/Akenti/ itg.lbl.gov/security/Akenti/ [JISC] neral/talks/140/7.ppt neral/talks/140/7.ppt [SURA] y/sld001.htm")
17
Questions ?
Similar presentations
