a system to specify and manage multipolicy access control
play

A System to Specify and Manage Multipolicy Access Control Models - PowerPoint PPT Presentation

May 28, 2023 •366 likes •671 views

Policy 2002: IEEE 3rd International Workshop on Policies for Distributed Systems and Networks Hosted by the Naval Postgraduate School , Monterey, California, U.S.A. June 5-7, 2002 A System to Specify and Manage Multipolicy Access Control Models

  1. Policy 2002: IEEE 3rd International Workshop on Policies for Distributed Systems and Networks Hosted by the Naval Postgraduate School , Monterey, California, U.S.A. June 5-7, 2002 A System to Specify and Manage Multipolicy Access Control Models Elisa Bertino Barbara Catania DSI DISI Università degli Studi di Milano Università degli Studi di Genova bertino@dsi.unimi.it catania@disi.unige.it Elena Ferrari Paolo Perlasca DSCFM DSI Università degli Studi dell’Insubria Università degli Studi di Milano Elena.Ferrari@uninsubria.it perlasca@dsi.unimi.it

  2. Summary • The general problem: Data Security • MACS: a multipolicy access control system • The architecture of MACS • How MACS works • Conclusions and future work

  3. Data Security • Data are an important strategic and operational asset for any organization • Damages and misuses of data affect not only a single user or an application; they may have disastrous consequences on the entire organization . Data must be protected !

  4. Data Security Data Security requires: • Confidentiality Data Confidentiality Integrity Security • Integrity • Availability Availability

  5. Data Security • A comprensive solution for Data Security consists of: – the identification of the security requirements – the specification of a security policy – the selection of some mechanism to enforce the specified policy Security Identification Requirements Security Specification Policy

  6. Data Security: Access Control System • An access control system regulates the operations that can be executed on data and resources to be protected – an access control policy can be enforced through a set of authorization rules, establishing the operations and rights that subjects can exercise on the protected objects – the reference monitor determines whether an access requests can be authorized or not, according to the authorization rules enforcing the selected policy Authorization Access Control Authorized Rules Policy Monitor Denied Access S O P s o p Request Access Control System <s,o,p>

  7. Issues in Data Security • A variety of access control policies have been so far defined • Articulated access control requirements are not adequately supported by a single-policy access control mechanism Access Control Access Control Policy System Access Control Policy Access Control Policy Access Control Policy

  8. What MACS is? • MACS is a multipolicy access control system supporting both the specification and the implementation of a large variety of access control models Discretionary RBAC Models Models MACS Multipolicy Access Control System Mandatory User-defined Models Models

  9. What MACS is? • MACS is flexible and extensible since: – it can easily accommodates new access control requirements – it allows the administrator to define its own access control policies and/or models in addition to those already provided by the system

  10. What MACS is? • MACS is based on a formal language and provides a set of tools helping the administrator in the specification and analysis of access control models and authorization management Language MACS Language •Model Specification and Analysis + Multipolicy Access + •Authorization Management Tools Control System Tools

  11. How? • Under MACS multiple access control policies can co- exist within the same system • The basic idea is to apply different policies to different disjoint sets of the objects to be protected Access Control Policy P 1 ACM M 1 MACS O 1 MACS S O P O 2 ACM M 2 Access Control Policy P 2

  12. How? • An access request involving an object o is authorized or denied according to the policy enforced by the specific component model containing o Authorization Access Control Rules Policy P 1 Authorized ACM MACS Or M 1 Denied o O 1 (s,o,p)

  13. MACS: the language Object Oriented Concepts C-Datalog ACM Logic-based Concepts • MACS is based on the C-Datalog language which is an Object-Oriented extension of Datalog • C-Datalog supports: – classical object-oriented concepts, such as classes, objects and inheritance (used to represent subjects, objects, privileges, sessions,…) – typical logic-based concepts, such as deductive rules (used to represent authorization and constraint rules)

  14. MACS: the language • Each instance of an ACM is a logical program composed of C-Datalog rules defined against a C- Datalog schema specifying the structure of the elements existing in the system

  15. MACS: the architecture • The architecture of MACS consists of two main environments with different tasks: – the Multipolicy Management Environment (MME) : • Generation of a template (a template partially specifies the components belonging to each instance of a model) • Static analysis of the generated template – the Run-Time Environment (RTE) : • Generation of an authorization base according to the template • Verification of end-user and SA requests

  16. MACS: the template • A multipolicy template specifies, for each component model : – the set of objects to be protected by this component model – a set of data and rules representing the structural components on which the model is based – a set of rules establishing how authorizations are derived and propagated along the hierarchical organization of the structural component – a set of rules specifying integrity constraints – a conflict resolution function to deal with conflicting authorizations

  17. R 1 + P O n RBAC R 2 R 3 Constraints Component (SSD, DSD) Model Permission-role R 4 Assignments Partially Specified + Model Fully Specified Model User-role User Assignments

  18. MACS: the MME environment • The main modules of the MME environment are: – the Graphic Template Interface (GTI) – the Static Analyzer • The Graphic Template Interface supports the PA during the generation of a template, whereas the Static Analyzer checks consistency of the generated template

  19. MULTIPOLICY MANAGEMENT ENVIRONMENT Formal Language F Specification Policy Static GTI Administrator Analyzer D PA Graphic Template E Interface A Protected Multipolicy B Objects Access Control Template Models Library Conflicts Resolution C Functions Library G The MME performs the following tasks: � Generation of a template � Static analysis of the generated template A. Partitioning of protected objects E. Analysis of generated template B. Assignment of an ACM to each partition F. Feedback analysis answers C. Assignment of a CRF to each ACM G. Run-time environment D. Generation of the template

  20. MACS: the Run-time environment • The main modules of the Run-Time Environment are: – the Authorization Manager Front-End – the Access Control Compiler and Checker – the Authorization Analyzer • The Authorization Manager Front-End manages end-user and SA requests

  21. MACS: the AC compiler & checker • The main tasks of the Access Control Compiler and Checker are: – the generation of an Authorization Base according to the policies stated by the PA – the verification of end-user and SA requests • The Authorization Analyzer: – supports the compiler during the generation process of an Authorization Base and – checks consistency and correctness of the generated set of authorizations

  22. RUN-TIME ENVIRONMENT G f End-user (Access Requests) Authorization Access Control a b Multipolicy Manager Compiler and Template e Front-end Checker Instance g Security Administrator d c Authorization Authorization SA Base Analyzer (Administrative Operations) The Run-Time Environment performs the following tasks: � Generation of an authorization base � Verification of End-user and SA requests a. Complete the template b. Send the template instance to the compiler c. Check consistency and correctness d. Send a feedback to SA e. Generate a consistent AB f. Submit End-user requests f. Submit SA requests

  23. MACS: how it works • An Access Control Model Schema (ACMS) defines the structural components on which the model is based • Access Control Model Instance (ACMI) provides information concerning the component instances, that is, the “actual” subjects, objects, privileges and sessions, and the authorizations and constraint rules used to instantiate the model

  24. MACS: how it works • The components of an ACMI can be organized as follows: – Domain classes represent the structure of the basic components (s, o, p, and sessions) of an ACM, whereas domain instances represent the actual components (instances are represented as set of facts) – Domain structure information represents relationships existing between basic components – The authorization component contains a set of facts and rules representing direct authorizations – The propagation component contains a set of rules by which additional authorizations can be derived – The constraint component consists of a set of rules specifying static and dynamic constraints on the basic components

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Access Control Access Control 1 Access Control Access control : ensures that all direct

Access Control Access Control 1 Access Control Access control : ensures that all direct

Access Control Access Control 1 Access Control Access control : ensures that all direct accesses to object are authorized a scheme for mapping users to allowed actions Protection objects : system resources for which protection is

576 views • 21 slides
SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing

SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing

SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing residents / staff access to site areas Main entrance Vehicle entrances Pedestrian entrances Gate / Barrier entrance Bin / Bike / Refuge

336 views • 14 slides
Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of Access Control Discretionary acces control Mandatory access control Real systems: Unix Access Control Model Access control Access

817 views • 47 slides
Access Control Origin Usage Control (UCON) Since the advent of timesharing system The

Access Control Origin Usage Control (UCON) Since the advent of timesharing system The

Access Control Origin Usage Control (UCON) Since the advent of timesharing system The main goal is to selectively determine who can access services, resources, and ISA 767, Secure Electronic Commerce digital contents and Xinwen

313 views • 10 slides
Role-Based Access Control Corban Rivera CS 6204, Spring 2005 1 Trusted Computer System

Role-Based Access Control Corban Rivera CS 6204, Spring 2005 1 Trusted Computer System

Role-Based Access Control Corban Rivera CS 6204, Spring 2005 1 Trusted Computer System Evaluation Criteria (TCSEC) Background MAC Mandatory Access Control Firm security levels DAC Discretionary Access Control Access

240 views • 6 slides
Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control?

Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control?

Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control? How Is Access Determined? Who Determines Access? Forms of Access Control SELinux Booleans iptables File Access Control Lists Apache Access Control

711 views • 36 slides
Electronic Access Control Policy Presented by Thomas Sonoff, Director of College Safety What is

Electronic Access Control Policy Presented by Thomas Sonoff, Director of College Safety What is

Electronic Access Control Policy Presented by Thomas Sonoff, Director of College Safety What is Access Control The ability to regulate or restrict building access via a centralized electronic control system Electronic Access Control System

292 views • 4 slides
1 General Access Control General Access Control Control of access to memory relatively easy:

1 General Access Control General Access Control Control of access to memory relatively easy:

Role of Access Control Before closing back doors we need to close front doors Access control: determines access to files &amp; processes in OS Fall 2008 We will return to these themes throughout the course Fall 2008 CS

512 views • 6 slides
D e f i n i t i o n o f S E L i n u x 80:20:DE:AD:BE:EF 80:20:DE:AD:BE:EF

D e f i n i t i o n o f S E L i n u x 80:20:DE:AD:BE:EF 80:20:DE:AD:BE:EF

D e f i n i t i o n o f S E L i n u x 80:20:DE:AD:BE:EF 80:20:DE:AD:BE:EF Mandatory Access Control ... refers to a type of access control by which the operating system constrains the ability of a subject or initiator to

599 views • 47 slides
Access Control SecAppDev 2016 Maarten Decat maarten.decat@kuleuven.be @maartendecat What is

Access Control SecAppDev 2016 Maarten Decat maarten.decat@kuleuven.be @maartendecat What is

Access Control SecAppDev 2016 Maarten Decat maarten.decat@kuleuven.be @maartendecat What is access control? Access control is the part of security that constrains the actions that are performed in a system based on access control rules .

1.4k views • 113 slides
Overview Basic Principles Access Control Methodologies Controls Access Control Designs

Overview Basic Principles Access Control Methodologies Controls Access Control Designs

Overview Basic Principles Access Control Methodologies Controls Access Control Designs Access Control Administration Accountability Chapter 2 Access Control Models Identification and Authentication Methods Lecturer:

708 views • 9 slides
April 3: Access Control Matrix Overview Access Control Matrix Model Boolean Expression

April 3: Access Control Matrix Overview Access Control Matrix Model Boolean Expression

April 3: Access Control Matrix Overview Access Control Matrix Model Boolean Expression Evaluation History April 3, 2017 ECS 235B Spring Quarter 2017 Slide #1 Overview Protection state of system Describes current settings,

310 views • 13 slides
CS 4803 Computer and Network Security Alexandra (Sasha) Boldyreva OS security. Access control.

CS 4803 Computer and Network Security Alexandra (Sasha) Boldyreva OS security. Access control.

Access control Access control determines access to files and processes in OS Old area of security, but not well understood CS 4803 Computer and Network Security Alexandra (Sasha) Boldyreva OS security. Access control. 1 2 System

889 views • 5 slides
Protection Drivers Objectives By the end of todays session we will 1. use File Access to

Protection Drivers Objectives By the end of todays session we will 1. use File Access to

Protection Drivers Objectives By the end of todays session we will 1. use File Access to restrict access to files from applications and manage any known exceptions 2. manage application access and manage any known exceptions 3. block

291 views • 17 slides
Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control

Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control

Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control Introduction to Computer Security Access control, contd Announcements intermission Stephen McCamant Capability-based access control University

380 views • 7 slides
Access Control Dr. John Yoon How do you know yours? Finding about you and the system $ who

Access Control Dr. John Yoon How do you know yours? Finding about you and the system $ who

Advanced Linux File Permission Access Control Dr. John Yoon How do you know yours? Finding about you and the system $ who $ hostname $ whoami $ uname $ id $ date $ ps -aux Environment Variables Environment Settings of a

530 views • 25 slides
Object-Oriented Software Engineering Practical Software Development using UML and Java Chapter 9:

Object-Oriented Software Engineering Practical Software Development using UML and Java Chapter 9:

Object-Oriented Software Engineering Practical Software Development using UML and Java Chapter 9: Architecting and Designing Software Lecture 12 9.1 The Process of Design Denition: Design is a problem-solving process whose objective is to

722 views • 48 slides
https://pixabay.com/en/hong-kong-city-urban-skyscrapers-1990268/ Agenda Component Object Model

https://pixabay.com/en/hong-kong-city-urban-skyscrapers-1990268/ Agenda Component Object Model

https://pixabay.com/en/hong-kong-city-urban-skyscrapers-1990268/ Agenda Component Object Model (COM) Internals Attacking COM Enumerating attack surface for EoP Reverse engineering COM components Bugs and Features Well

1.17k views • 83 slides
Chapter 8, Object Design: Object design is the process of adding details to the requirements

Chapter 8, Object Design: Object design is the process of adding details to the requirements

Object Design Object-Oriented Software Engineering Chapter 8, Object Design: Object design is the process of adding details to the requirements analysis and making implementation decisions Reuse and Patterns I The object designer must

301 views • 15 slides
UML: Unified Modeling Language 1 Modeling Describing a system at a high level of

UML: Unified Modeling Language 1 Modeling Describing a system at a high level of

UML: Unified Modeling Language 1 Modeling Describing a system at a high level of abstraction A model of the system Used for requirements and specification Many notations over time State machines Entity-relationship

910 views • 57 slides
On Bringing Object-Oriented Software Metrics into the Model-Based World Verifying ISO 26262

On Bringing Object-Oriented Software Metrics into the Model-Based World Verifying ISO 26262

On Bringing Object-Oriented Software Metrics into the Model-Based World Verifying ISO 26262 Compliance in Simulink Lukas Murer, Torben Stolte Tanja Hebecker, Michael Lipaczewski Uwe Mhrstdt, Frank Ortmeier Motivation Functional safety

589 views • 21 slides
Scalable Component Abstractions Martin Odersky Swiss Federal Institute of Technology Lausanne

Scalable Component Abstractions Martin Odersky Swiss Federal Institute of Technology Lausanne

Scalable Component Abstractions Martin Odersky Swiss Federal Institute of Technology Lausanne (EPFL) (joint work with Matthias Zenger, Google) 1 Component Software State of the Art In principle , software should be constructed from

1.03k views • 44 slides
Components Infrastructures Manuel Oriol December 14th, 2005 Software Engineering Component?

Components Infrastructures Manuel Oriol December 14th, 2005 Software Engineering Component?

Components Infrastructures Manuel Oriol December 14th, 2005 Software Engineering Component? A component is a reusable unit of deployment and composition which is accessed through an interface.

344 views • 16 slides
Overview of Ptolemy II, with focus on Discrete Event and QSS Michael Wetter and Thierry

Overview of Ptolemy II, with focus on Discrete Event and QSS Michael Wetter and Thierry

Overview of Ptolemy II, with focus on Discrete Event and QSS Michael Wetter and Thierry S. Nouidui Simulation Research Group June 19, 2015 1 Overview The purpose is to understand 1. the structure of Ptolemy II 2. discrete

621 views • 45 slides

More recommend