composite decentralized access control
play

Composite Decentralized Access Control Petar Tsankov , Srdjan - PowerPoint PPT Presentation

Sep 03, 2022 •432 likes •916 views

Composite Decentralized Access Control Petar Tsankov , Srdjan Marinovic, Mohammad Torabi Dashtj, David Basin Instjtute of Informatjon Security ETH Zurich Example: SweGrid Goal Provides computatjonal and storage resources to researchers

  1. Composite Decentralized Access Control Petar Tsankov , Srdjan Marinovic, Mohammad Torabi Dashtj, David Basin Instjtute of Informatjon Security ETH Zurich

  2. Example: SweGrid Goal Provides computatjonal and storage resources to researchers Access Control Requirements – A project leader delegates his authority over resources to principals – A project leader composes the principals' policies (e.g., using permit-override)

  3. Delegatjon Multjple principals can issue access rights delegatjons Project Leader Project leader Dave Bob access rights access rights Researchers Researchers

  4. Delegatjon Multjple principals can issue access rights delegatjons Project Leader Project leader Dave Bob access rights access rights Researchers Researchers Decentralized Access Control

  5. Compositjon Policy decisions in large-scale systems – Grant, Deny, Not-applicable, Confmict Compositjon operators, e.g.: ● Permit-override Project + leader ● Deny-override ● Confmict-override + Bob Dave

  6. Compositjon Policy decisions in large-scale systems – Grant, Deny, Not-applicable, Confmict Compositjon operators, e.g.: ● Permit-override Project + leader ● Deny-override ● Confmict-override + Bob Dave Composite Access Control

  7. System Model Resources Subjects

  8. System Model Requirements Principals control access Resources Subjects

  9. System Model Requirements Principals PDP Policies control access PEP Resources Subjects

  10. Related Work Systems and standards Formal foundatjons

  11. Related Work Delegatjon Systems SecPAL for Grid and KeyNote PDP standards (RFC 2704) RT ('01) Formal foundatjons DKAL ('08) ...

  12. Related Work Compositjon Delegatjon Systems SecPAL for Grid XACML v2.0 and KeyNote PDP standards (RFC 2704) PBel ('08) RT ('01) Formal D-Algebra ('09) DKAL ('08) foundatjons ... PTaCL ('12) ...

  13. Related Work Delegatjon Compositjon + Compositjon Delegatjon SweGrid Systems SecPAL for Grid XACML v2.0 and XACML v3.0 ('13) KeyNote PDP standards (RFC 2704) WSO2 ID Server PBel ('08) RT ('01) Formal D-Algebra ('09) DKAL ('08) foundatjons ... PTaCL ('12) ...

  14. Related Work Delegatjon Compositjon + Compositjon Delegatjon SweGrid Systems SecPAL for Grid XACML v2.0 and XACML v3.0 ('13) KeyNote PDP standards (RFC 2704) WSO2 ID Server PBel ('08) RT ('01) Formal BelLog D-Algebra ('09) DKAL ('08) foundatjons ... PTaCL ('12) ...

  15. How to Build Access Control Systems Verify Construct Specify Policy PDP Policy ➔ Formal semantjcs ➔ Analysis language ➔ Effjcient evaluatjon algorithm ➔ Support for ➔ Decision algorithms delegatjon ➔ Support for compositjon

  16. How to Build Access Control Systems Verify Construct Specify Policy PDP Policy ➔ Formal semantjcs ➔ Analysis language ➔ Effjcient evaluatjon algorithm ➔ Support for ➔ Decision algorithms delegatjon ➔ Support for compositjon

  17. Belnap Logic + Datalog = BelLog Belnap Logic (stratjfjed) Datalog Truth ordering (Program) (rule) (literal) (atom) Knowledge ordering

  18. Belnap Logic + Datalog = BelLog Belnap Logic (stratjfjed) Datalog Truth ordering (Program) (rule) (literal) (atom) Knowledge ordering

  19. Belnap Logic + Datalog = BelLog Belnap Logic (stratjfjed) Datalog Truth ordering (Program) (rule) (literal) (atom) Knowledge ordering

  20. Belnap Logic + Datalog = BelLog Belnap Logic (stratjfjed) Datalog Truth ordering (Program) (rule) (literal) (atom) Knowledge ordering BelLog (Program) Negatjon on truth (rule) Negatjon on knowledge (literal) (atom)

  21. Belnap Logic + Datalog = BelLog Belnap Logic (stratjfjed) Datalog Truth ordering (Program) (rule) (literal) (atom) Knowledge ordering Semantjcs Extend stratjfjed Datalog to four- BelLog valued fjxed-point semantjcs (Program) Negatjon on truth (rule) Negatjon on knowledge (literal) (atom)

  22. BelLog Examples

  23. BelLog Examples Transitjve delegatjon

  24. BelLog Examples Transitjve delegatjon Policy targets

  25. BelLog Examples Transitjve delegatjon Policy targets Agreement

  26. BelLog Examples Transitjve delegatjon Policy targets Agreement Confmict-override

  27. BelLog Examples Transitjve delegatjon Policy targets Other idioms? Agreement Confmict-override

  28. How to Build Access Control Systems Verify Construct Specify Policy PDP Policy ➔ Formal semantjcs ➔ Analysis language ➔ Effjcient evaluatjon algorithm ➔ Support for ➔ Decision algorithms delegatjon ➔ Support for compositjon

  29. Policy Analysis Does the policy meet its requirements? Policy Requirements

  30. Policy Analysis Does the policy meet its requirements? Policy Requirements Questjons

  31. Policy Analysis Does the policy meet its requirements? Policy Requirements Questjons Analyzer

  32. Policy Analysis Does the policy meet its requirements? Policy Requirements Questjons Fix Analyzer Counter- Policy example checked

  33. Policy Analysis Does the policy meet its requirements? Policy Requirements How do we Questjons write this? Fix Analyzer Counter- Policy example checked

  34. Policy Analysis Does the policy meet its requirements? Policy Requirements How do we Questjons write this? Fix Decidability? Analyzer Complexity? Counter- Policy example checked

  35. Analysis Questjons Syntax (questjon) (conditjon) – Is policy P2 more permissive than P1 for all inputs that satjsfy the conditjon c ?

  36. Analysis Questjons Syntax (questjon) (conditjon) – Is policy P2 more permissive than P1 for all inputs that satjsfy the conditjon c ? For a given input: Requests granted by P1 Requests All requests granted by P2

  37. Analysis Questjons Syntax (questjon) (conditjon) – Is policy P2 more permissive than P1 for all inputs that satjsfy the conditjon c ? For a given input: Requests granted by P1 Requests All requests granted by P2

  38. Analysis Questjons Syntax (questjon) (conditjon) – Is policy P2 more permissive than P1 for all inputs that satjsfy the conditjon c ? Check for all inputs that For a given input: satjsfy the conditjon Requests granted by P1 Requests All requests granted by P2

  39. Example: Analysis Questjon Policy Requirement If the requester is a project leader, then grant access.

  40. Example: Analysis Questjon Policy Requirement If the requester is a project leader, then grant access. Analysis Questjon

  41. Analysis

  42. Analysis Theorem 1 Policy containment is undecidable

  43. Analysis Theorem 1 Policy containment is undecidable Theorem 2 Policy containment for unary-input policies* is in CO-NEXP-COMPLETE *Unary-input policies – Example:

  44. Analysis Theorem 1 Policy containment is undecidable Theorem 2 Policy containment for unary-input policies* is in CO-NEXP-COMPLETE Theorem 3 Policy containment for a fjnite universe is in CO-NP-COMPLETE *Unary-input policies – Example:

  45. How to Build Access Control Systems Verify Construct Specify Policy PDP Policy ➔ Formal semantjcs ➔ Analysis language ➔ Effjcient evaluatjon algorithm ➔ Support for ➔ Decision algorithms delegatjon ➔ Support for compositjon

  46. Constructjng PDPs Theorem 4 Policy entailment is in PTIME Policy Interpreter htup://bellog.org GitHub htups://github.com/ptsankov/bellog/

  47. Limitatjons – Analysis of administratjve changes – Analysis complexity and tool support – Usability

  48. BelLog Contributjons A foundatjon for Policy analysis composite decentralized framework access control BelLog PDP (www.bellog.org)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

DECENTRALIZED ACCESS CONTROL Sandra Siby EDIC Semester Project (DEDIS) Supervisors: Eleftherios

DECENTRALIZED ACCESS CONTROL Sandra Siby EDIC Semester Project (DEDIS) Supervisors: Eleftherios

DECENTRALIZED ACCESS CONTROL Sandra Siby EDIC Semester Project (DEDIS) Supervisors: Eleftherios Kokoris-Kogias, Prof. Bryan Ford 1 Motivation Access Control: Management of access to a resource Simple access control Static binding

494 views • 24 slides
Access Control Access Control 1 Access Control Access control : ensures that all direct

Access Control Access Control 1 Access Control Access control : ensures that all direct

Access Control Access Control 1 Access Control Access control : ensures that all direct accesses to object are authorized a scheme for mapping users to allowed actions Protection objects : system resources for which protection is

576 views • 21 slides
Access Control in a Decentralized Collaboration Platform Nicolas Ritter Professor: Supervisor:

Access Control in a Decentralized Collaboration Platform Nicolas Ritter Professor: Supervisor:

Access Control in a Decentralized Collaboration Platform Nicolas Ritter Professor: Supervisor: Bryan Ford Kirill Nikitin DEDIS DEDIS Introduction - Peerdoc platform 2 Introduction - The cost of centralization Having to share potentially

448 views • 20 slides
Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of Access Control Discretionary acces control Mandatory access control Real systems: Unix Access Control Model Access control Access

817 views • 47 slides
Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control?

Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control?

Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control? How Is Access Determined? Who Determines Access? Forms of Access Control SELinux Booleans iptables File Access Control Lists Apache Access Control

711 views • 36 slides
Optimal Decentralized Control of System with Partially Exchangeable Agents Aditya Mahajan McGill

Optimal Decentralized Control of System with Partially Exchangeable Agents Aditya Mahajan McGill

Optimal Decentralized Control of System with Partially Exchangeable Agents Aditya Mahajan McGill University Joint work with Jalal Arabneydi Allerton Conference on Communication, Control, and Computing 28 Sep, 2016 Decentralized control with

856 views • 68 slides
Decentralized control Sigurd Skogestad Department of Chemical Engineering Norwegian University

Decentralized control Sigurd Skogestad Department of Chemical Engineering Norwegian University

Decentralized control Sigurd Skogestad Department of Chemical Engineering Norwegian University of Science and Tecnology (NTNU) Trondheim, Norway 1 Outline Multivariable plants RGA Decentralized control Pairing rules

693 views • 48 slides
1 General Access Control General Access Control Control of access to memory relatively easy:

1 General Access Control General Access Control Control of access to memory relatively easy:

Role of Access Control Before closing back doors we need to close front doors Access control: determines access to files & processes in OS Fall 2008 We will return to these themes throughout the course Fall 2008 CS

512 views • 6 slides
Online Planning for Decentralized Sto ci astic Control with Partial History Sharing Kaiqing Zhang,

Online Planning for Decentralized Sto ci astic Control with Partial History Sharing Kaiqing Zhang,

Online Planning for Decentralized Sto ci astic Control with Partial History Sharing Kaiqing Zhang, Erik Miehling, and Tamer Ba ar Coordinated Science Lab UIUC American Control Conference Philadelphia, PA July 11, 2019 Decentralized

367 views • 22 slides
SYSTEM DIAGRAMS Door Entry & Access Control ACCESS CONTROL ACCESS CONTROL Allowing

SYSTEM DIAGRAMS Door Entry & Access Control ACCESS CONTROL ACCESS CONTROL Allowing

SYSTEM DIAGRAMS Door Entry & Access Control ACCESS CONTROL ACCESS CONTROL Allowing residents / staff access to site areas Main entrance Vehicle entrances Pedestrian entrances Gate / Barrier entrance Bin / Bike / Refuge

336 views • 14 slides
Optimal decentralized control of coupled subsystems with control sharing Aditya Mahajan McGill

Optimal decentralized control of coupled subsystems with control sharing Aditya Mahajan McGill

Optimal decentralized control of coupled subsystems with control sharing Aditya Mahajan McGill University IEEE Conference on Decision and Control, 2011 A Mahajan (McGill) Control sharing info struc 1 Notation Random variables: ,

415 views • 24 slides
Overview Basic Principles Access Control Methodologies Controls Access Control Designs

Overview Basic Principles Access Control Methodologies Controls Access Control Designs

Overview Basic Principles Access Control Methodologies Controls Access Control Designs Access Control Administration Accountability Chapter 2 Access Control Models Identification and Authentication Methods Lecturer:

708 views • 9 slides
Rational Functions and Optimal Decentralized Control Sanjay Lall Stanford University Control,

Rational Functions and Optimal Decentralized Control Sanjay Lall Stanford University Control,

Rational Functions and Optimal Decentralized Control Sanjay Lall Stanford University Control, Optimization, and Functional Analysis: Synergies and Perspectives Workshop in honor of Professor Bill Helton October 3, 2010 2 Outline

440 views • 40 slides
Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control

Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control

Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control Introduction to Computer Security Access control, contd Announcements intermission Stephen McCamant Capability-based access control University

380 views • 7 slides
D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient

D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient

D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient access control and authentication checks Insecure access control methods Private, internal functions and data are accessible through a

547 views • 11 slides
Panta Rhei More Quality of Traffic by centralized or decentralized Control ?! Heraclitus All

Panta Rhei More Quality of Traffic by centralized or decentralized Control ?! Heraclitus All

Panta Rhei More Quality of Traffic by centralized or decentralized Control ?! Heraclitus All things are in (540 480 B.C.) constant flux Prof. Dr.-Ing. Dr. h. c. E. Schnieder Overview Traffic System view Control arrangements and

805 views • 42 slides
Main Memory and DRAM Nima Honarmand Spring 2016 :: CSE 502 Computer Architecture SRAM vs.

Main Memory and DRAM Nima Honarmand Spring 2016 :: CSE 502 Computer Architecture SRAM vs.

Spring 2016 :: CSE 502 Computer Architecture Main Memory and DRAM Nima Honarmand Spring 2016 :: CSE 502 Computer Architecture SRAM vs. DRAM SRAM = Static RAM As long as power is present, data is retained DRAM = Dynamic RAM

497 views • 37 slides
Narrowing the Gap Between Serverless and its State with Storage Functions Tian Zhang, Dong Xie,

Narrowing the Gap Between Serverless and its State with Storage Functions Tian Zhang, Dong Xie,

Narrowing the Gap Between Serverless and its State with Storage Functions Tian Zhang, Dong Xie, Feifei Li, Ryan Stutsman Shredder A multi-tenant in-memory key-value store. Extensible with user-provided storage function. 5 M ops/s

3.61k views • 28 slides
under Boolean Constraints Nikolay Ryzhenko Steven Burns, Anton Sorokin, Mikhail Talalay Intel

under Boolean Constraints Nikolay Ryzhenko Steven Burns, Anton Sorokin, Mikhail Talalay Intel

Pin in Access-Driven Desig ign Rule Cle lean and DFM Optimized Routing of f Standard Cells under Boolean Constraints Nikolay Ryzhenko Steven Burns, Anton Sorokin, Mikhail Talalay Intel corporation, Hillsboro, OR, USA International

888 views • 23 slides
Evaluating Wireless LAN Access Methods in Presence of Transmission Errors IEEE INFOCOM 2006,

Evaluating Wireless LAN Access Methods in Presence of Transmission Errors IEEE INFOCOM 2006,

Evaluating Wireless LAN Access Methods in Presence of Transmission Errors IEEE INFOCOM 2006, Poster session Elena Lopez-Aguilera Martin Heusse Franck Rousseau Andrzej Duda Jordi Casademont LSR-IMAG Outline Introduction Principles

605 views • 18 slides
t ss r

t ss r

t ss r r sst tsst t s

532 views • 15 slides
Why Create CG-CAHPS 3.0? CAHPS surveys evolve to keep pace with changing environment of health

Why Create CG-CAHPS 3.0? CAHPS surveys evolve to keep pace with changing environment of health

Why Create CG-CAHPS 3.0? CAHPS surveys evolve to keep pace with changing environment of health care delivery Care coordination had long been a focus of CAHPS development and testing efforts Promote alignment of content and approach

449 views • 14 slides
Predictive Precompute with Recurrent Neural Networks Hanson Wang Zehui Wang Yuanyuan Ma MLSys

Predictive Precompute with Recurrent Neural Networks Hanson Wang Zehui Wang Yuanyuan Ma MLSys

Predictive Precompute with Recurrent Neural Networks Hanson Wang Zehui Wang Yuanyuan Ma MLSys 2020 De Defining Pre recompute On client: prefetching Improve the latency of user interactions in the Facebook app by precomputing data

757 views • 38 slides
Welcome to todays Webcast- AN OVERVIEW OF HEALTH RESOURCES AND SERVICES ADMINISTRATIONS

Welcome to todays Webcast- AN OVERVIEW OF HEALTH RESOURCES AND SERVICES ADMINISTRATIONS

Welcome to todays Webcast- AN OVERVIEW OF HEALTH RESOURCES AND SERVICES ADMINISTRATIONS (HRSAS) ELECTRONIC HANDBOOKS (EHBs) FOR RECIPIENTS. Thank you so much for joining us today! My name is Ruchi Mehta. Im a member of the DART

603 views • 44 slides

More recommend