
Authorization in Object-oriented Databases

Anna Vapen David Hall December 2008

Authorization

  • “the permission or power given to sb to do sth: enter a security area without authorization”
    Oxford Advanced Learner's Dictionary
  • authorization is the concept of allowing access to resources only to those permitted to use them.

“Authorization.” Wikipedia, The Free Encyc

Real world example

Roles: Manager, researcher, PR person, employee

  • Manager: Can read/write any document
  • Researcher: Can read public PR-material and read/write research material
  • PR: Can read/write public PR material and non-public PR material (work in progress)
  • Employee: Can only read public PR material

Real world example

[Figure: document hierarchy. Documents: Strategic documents, Secret PR material, Research, Public PR material, Future ads. Instances: S1, S2, R1, R2, F1, F2, P1, P2. Roles: Manager, Researcher, Employee, PR.]

Authorization model in relational DBs

  • Coarse-grained
  • Units of authorization:
    – Relation (record)
    – Attribute (field)

Object orientation

  • Classes (composite*)
  • Objects
  • Inheritance
  • Versions

* leads to class-composition hierarchy


Objects

  • Unique id.
  • State (values of attributes)
  • Behavior (methods)
  • Instance of a class (may be a primitive)

Class-composition

[Figure: class-composition hierarchy with the classes Car, Wheel, Rim, Tire; labels: composite class, component classes]

Inheritance

  • Class hierarchy (single inheritance)
  • Class lattice (multiple inheritance)

[Figure: class hierarchy (Car, Station wagon, Sedan) and class lattice (Boat, Car, Amphibious vehicle, Sedan)]

Methods

  • Authorize users to call methods within a class.
  • Also must check any operations performed by the method (e.g. reading/writing attribute values)

Instances

  • Want to read all instances of a class except one or a few?
  • Employees shouldn’t be able to see future ads.

Employee

Database granularity hierarchy

Rabitti, F., Bertino, E., Kim, W., Woelk, D. 1991


Basic authorization concepts

  • (s,o,a), where s∈S, o∈O, a∈A
  • F: S×O×A → (True, False)
  • Subject (a user or group of users)
  • Authorization object (single object, group of objects, entire database)
  • Authorization type (read, update, create, …)

Role lattice

Rabitti, F., Bertino, E., Kim, W., Woelk, D. 1991

Object lattice

Rabitti, F., Bertino, E., Kim, W., Woelk, D. 1991

Type lattice

Rabitti, F., Bertino, E., Kim, W., Woelk, D. 1991

grants

Implicit authorization

  • Rabitti, Woelk, Kim 1988
  • Rabitti, Bertino, Woelk, Kim 1991
  • Explicit setting of <s,o,a> triplets
  • The rest of the <s,o,a> combinations are implicitly defined

Implicit authorization

Rabitti, F., Bertino, E., Kim, W., Woelk, D. 1991


Weak authorization

Rabitti, F., Bertino, E., Kim, W., Woelk, D. 1991

Strong authorization

Rabitti, F., Bertino, E., Kim, W., Woelk, D. 1991

Positive/negative authorization

Rabitti, F., Bertino, E., Kim, W., Woelk, D. 1991

Implicit authorization

  • Pros:
    – No need to store all combinations
    – No need to set all combinations
  • Cons:
    – Sometimes hard to grasp why a specific authorization is determined as it is
    – Conflicts
    – Computational overhead

Applied real world example

[Figure: document hierarchy (Documents, Strategic, Secret PR material, Research, Public PR material, Future ads)]

Manager: Can read/write any document

Legend: explicit, strong, positive auth; implicit, strong, positive auth

Applied real world example

[Figure: document hierarchy (Documents, Strategic, Secret PR material, Research, Public PR material, Future ads)]

Researcher: Can read public PR-material and read/write research material

Legend: explicit, strong, negative auth; implicit, strong, negative auth; explicit, weak, positive auth; implicit, weak, positive auth


Applied real world example

[Figure: document hierarchy (Documents, Strategic, Secret PR material, Research, Public PR material, Future ads)]

PR person: Can read/write public PR material and non-public PR material

Legend: explicit, strong, negative auth; implicit, strong, negative auth; explicit, weak, positive auth; implicit, weak, positive auth

Applied real world example

[Figure: document hierarchy (Documents, Strategic, Secret PR material, Research, Public PR material, Future ads)]

Employee: Can only read public PR material

Legend: explicit, weak, positive auth; explicit, weak, negative auth; implicit, weak, negative auth; explicit, strong, negative auth; implicit, weak, positive auth
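The sketch below is an added example, not code from the slides or from Rabitti et al.; it shows how F: S×O×A can derive implicit results from a few explicit <s,o,a> triplets marked strong/weak and positive/negative. The hierarchy shape, the two-type lattice, the policy entries, the nearest-weak-wins rule and the deny default are assumptions made for illustration, since the original figures did not survive.

```python
# Constructed object hierarchy (child -> parent); names follow the slides.
PARENT = {
    "Strategic documents": "Documents", "Research": "Documents",
    "Public PR material": "Documents", "Future ads": "Documents",
    "S1": "Strategic documents", "R1": "Research",
    "P1": "Public PR material", "F1": "Future ads",
}
# Assumed two-type lattice: a write grant implies read; a read denial implies a write denial.
IMPLIES = {"write": {"write", "read"}, "read": {"read"}}

# Explicit <s,o,a> triplets -> (strong?, positive?). Constructed policy.
EXPLICIT = {
    ("manager", "Documents", "write"): (True, True),
    ("researcher", "Research", "write"): (False, True),
    ("researcher", "Public PR material", "read"): (False, True),
    ("researcher", "Strategic documents", "read"): (True, False),
    ("researcher", "S1", "read"): (False, True),   # weak grant under a strong denial
    ("employee", "Documents", "read"): (False, False),          # weak default denial
    ("employee", "Public PR material", "read"): (False, True),  # weak exception
}

def covers(held, requested, positive):
    """True if an authorization of type `held` decides a request for `requested`."""
    if positive:
        return requested in IMPLIES[held]
    return held in IMPLIES[requested]  # denials propagate in the opposite direction

def F(s, o, a):
    """F: S x O x A -> {True, False}; implicit results derived from EXPLICIT."""
    weak = None
    node = o
    while node is not None:  # walk from the most specific object up to the root
        for (subj, obj, typ), (strong, positive) in EXPLICIT.items():
            if (subj, obj) != (s, node) or not covers(typ, a, positive):
                continue
            if strong:
                return positive  # strong authorization: cannot be overridden
            if weak is None:
                weak = positive  # nearest weak authorization beats weak ones above it
        node = PARENT.get(node)
    return bool(weak)  # assumption: deny when no authorization applies
```

Seven explicit triplets decide every (role, document, type) combination here, which is the storage saving listed under "Pros"; the researcher's denied read of S1 despite a weak grant on that very object is the "hard to grasp" case listed under "Cons".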

Alternatives

  • Access policies implemented by methods
    – Guard functions and proxy functions
    – Method implementor and method principal
  • Media access control (MAC)
    – Single-level models
    – Multilevel models

Versions

Object lattice for versions of objects

Rabitti, F., Bertino, E., Kim, W., Woelk, D. 1991

Discuss

  • Papers:
    1. Franzoni, S; Mazzoleni, P; Valtolina, S; Bertino, E., Towards a Fine-Grained Access Control Model and Mechanisms for Semantic Databases
    2. Jajodia, R.; Samarati, P.; Subrahmanian, V. S.; Bertino, E., A Unified Framework for Enforcing Multiple Access Control Policies
    3. Bertino, E.; Bettini, C.; Ferrari, E.; Samarati, P., A Temporal Access Control Mechanism for Database Systems

Discuss

  • Questions:
    – What problem are they trying to solve?
    – What solution do they suggest?
    – What are the limitations of this solution?


Exercise scenario

In this scenario there is a bank where there are employees and a manager. The bank has several customers that have one or several accounts each. There are two types of accounts: savings accounts and fund accounts. A savings account can be either a salary account or a long-time savings account, while a fund account can be an equity fund account or a fixed-income fund account.

Exercise scenario

Every sub-type of account has an interest that can only be changed by the manager. Customers can withdraw money from their salary account and see their account balance on any of their accounts.

Exercise scenario

The employees at the bank can see the account balance of the customers and they can also open and close accounts, but opening and closing of accounts (together with viewing of the balance done by the employees on other accounts than their own) can only be done between 9 and 15 Monday to Friday.

Exercise tasks

  1. Draw a graph that shows the different account types, their variables and methods. Show the access rights for a manager, an employee and a customer by marking explicit / implicit, weak / strong and positive / negative authorization in the graph.
  2. Draw a role lattice showing shared and non-shared rights of managers, employees and customers.