delegation of obligations
play

Delegation of Obligations Andreas Schaad & Jonathan Moffett - PowerPoint PPT Presentation

Aug 28, 2022 •28 likes •448 views

Delegation of Obligations Andreas Schaad & Jonathan Moffett Department of Computer Science University of York, UK 1 Outline of Talk Introduction and Motivation The Alloy Specification Language Organisational Obligations General

  1. Delegation of Obligations Andreas Schaad & Jonathan Moffett Department of Computer Science University of York, UK 1

  2. Outline of Talk Introduction and Motivation The Alloy Specification Language Organisational Obligations General Delegation Properties Delegation of Policy Objects Obligations require Authority Organisational Control through Review Discussion of Related Work 2

  3. Introduction & Motivation (1) Policies express the control requirements of an organisation Obligations are one specific type of policy, regulating which activities have to be performed by whom and when In order to discharge his obligations a principal also needs sufficient authority expressed in authorisation policies 3

  4. Introduction & Motivation (2) PolicyObject Authorisation Obligation 4

  5. Introduction & Motivation (3) Organisational activities can be categorised according to criteria such as similarity, regularity, repeatability, etc. The higher this degree the more can these be regulated by policies The lower this degree the more individual decisions have to be made 5

  6. Introduction & Motivation (4) The aim is to establish an organisation: � Where policies regulate the core activities � Leaving sufficient room for individual decisions and exception handling One specific mechanism to support this is the delegation of obligation policies 6

  7. The Alloy Specification Language Alloy is a general lightweight modeling language similar to Z and OCL Tries to bridge the gap between executable and declarative models Key features: � Supports object-oriented specification � Compact syntax and complete semantics � Precise specification (Syntax/Type checks) � (Graphical) Analysis facilities based on off-the- shelf satisfiability (SAT) solvers � Supports incremental specification process 7

  8. Organisational Obligations The source of Obligations: � An organisation ’ s set of top-level goals, driven by general economic, legal and moral goals � Identical to the source of authority: � both are created by stakeholders and � refined down the organisational hierarchy Why do we delegate obligations? � Lack of Resources � Competence Organisational factors � Specialisation Policy-based factors � Organisational policies 8

  9. Delegating Policy Objects (1) Define most general delegation function: � Covers both authorisations and obligations � Properties: � Delegating subject holds object before delegation � Receiving subject holds object after delegation This will allow for several alternative models to be generated, specifically: � The delegating subject keeps policy object � The delegating subject loses policy object 9

  10. Delegating subject keeps the policy object 10

  11. Delegating subject loses the policy object 11

  12. Delegating Policy Objects (2) A general delegation model is not sufficient Different constraints apply to the delegation of authorisations and obligations Authorisation Obligation Grantor Must hold before delegation Must hold before delegation Can hold after delegation Must not hold after delegation Grantee Can hold before delegation Must not hold before delegation Must hold after delegation Must hold after delegation Multiple Yes No 12

  13. Obligations require Authority To perform the actions required in an obligation a subject needs sufficient authority Delegation also needs to support this: � No principal should be delegated an obligation he can not discharge due to a lack of authority � No principal should be delegated authority which is not required Possible invariants: � Authorisation-centric � Obligation-centric � Well-balanced 13

  14. Review Policies (1) Continual creation, delegation and discharge of obligations causes unstable situations Unstable means uncertainty about status of obligation � Discharge � Effect of discharge Accountability is needed Review as a policy to ensure that delegated obligations are discharged Delegating subject remains accountable 14

  15. Review Policies (2) Review is a post-hoc control for delegated obligations A review policy is created as the result of a delegation operation for an obligation It is a specific type of obligation This is in line with the object model of Ponder 15

  16. Extended Object Model PolicyObject Authorisation Obligation Review 16

  17. Review Policies (3) Relationship between actions in obligation and review policies is application dependent Review actions must correspond to the information generated by executing the obligation actions This must have been specified by the application administrator 17

  18. Expressing a Review in Alloy (1) Extending the Obligation signature with two new relations: � Indicating what action is reviewed by which review action � Expressing the target of a review policy Extending delegation function: � When an obligation is delegated the delegating subject loses its assignment to the obligation � A review policy (with the delegated obligation as its target) is created and assigned to the delegating subject 18

  19. Expressing a Review in Alloy (2) 19

  20. Summary of Review A review is an obligation on an obligation Required review actions provide application specific information how to perform review Creation of a review needs to be supported by the creation of matching authorisations allowing the reviewer to perform the demanded actions An obligation cannot be simply delegated: � The relevant review actions must have been identified earlier 20

  21. Review Example: Before State delegates() 21

  22. Review Example: After State 22

  23. Delegation in Ponder (1) Ponder is a declarative, object-oriented language for the specification of distributed system policies It provides authorisation (+/-), obligation, refrain and delegation policies Delegation policy specifies authority to delegate, i.e. to execute a delegate() method 23

  24. Delegation in Ponder (2) Ponder supports the delegation of authorisation policies Ponder does not support the obligation to delegate authorisation policies Ponder does not support the delegation of obligation policies 24

  25. Delegation in Ponder (3) Example: “ A delegates print (action) report (object) to B . ” Requires the following policies: I. Obligation policy to perform delegation of obligation II. An authorisation policy for A to create obligation for B III. P0: oblig A , report , print IV. An obligation policy to perform delegation of authority V. P1: auth+ A , report , print VI. P2: deleg P1, A , B , report , print 25

  26. Summary & Conclusion Suitability of Alloy for modelling and analysing delegation of policies Obligations and Authorisations should be balanced A distinction needs to be made when delegating authorisations and obligations The delegation of obligation policies must cause review policies to be created Ponder does not explicitly support authority to delegate obligations or the obligation to delegate authority or obligations � Can and should this be integrated? 26

  27. Future Work Integration into a control principle framework: � Relationships between Separation of Duty properties and Delegation controls � Delegation of review controls � Supervision controls � Revocation of delegated controls 27

  28. URLs SACMAT presentation: http://www-users.cs.york.ac.uk/~andreas/SACMAT02/lightweight.ppt Policy presentation: http://www-users.cs.york.ac.uk/~andreas/Policy02/delegation.ppt 28

  29. Example: Before State delegates() Jon Andrew obliged to report 4 th q. Sales requires access report access sales generator () database () 29

  30. Example: After State Jon Andrew obliged to obliged to review target report 4 th report 4th q. Sales q. sales requires requires access report access sales check logfile () view report () generator () database () reviewed by 30

  31. The Alloy Specification Language Based on first-order logic, similar to Z and parts of the Object Constraint Language (OCL). The paper uses “ old ” Alloy, here I use the “ new ” version. Structured, modular specification using signatures , functions , facts and assertions The most important change is the absence of a built in notion of state (pre/post) Behaviour can be analysed over arbitrary sequences of states by treating a state as an object ( Objectification of State ) Example specification: sig PolicyObject{} sig Subject{ holds: set PolicyObject} fact { all s : Subject | #s.holds < 3} fun somestate(){} 31

  32. Objectification of State This requires: � Definition of a state signature Subject Policy Object sig Subject{ A Pol 1 holds: set PolicyObject B Pol 2 } State Subject Policy Object sig State{ 1 A Pol 1 holds: Subject -> PolicyObject 2 A Pol 1 } 2 B Pol 1 � Definition of a state sequence static sig State_Sequence { disj first, last : State, next: (State - last) !->! (State - first) } ... fact {all s : State | s in s.first.*next} ... 32

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

DELEGATION readysetpresent.com Delegation Program Objectives ( 1 of 3 ) Understand the

DELEGATION readysetpresent.com Delegation Program Objectives ( 1 of 3 ) Understand the

DELEGATION readysetpresent.com Delegation Program Objectives ( 1 of 3 ) Understand the benefits of delegation. Define delegation, and identify its benefits and uses. Explain the basic methods involved in successful delegation. Explore the

1.79k views • 149 slides
Delegation in Role-Based Access Control Controlling delegation Enforcing transfer delegation

Delegation in Role-Based Access Control Controlling delegation Enforcing transfer delegation

Introduction Delegation operations in hierarchical RBAC Delegation in Role-Based Access Control Controlling delegation Enforcing transfer delegation Jason Crampton Hemanth Khambhammettu semantics Conclusion Information Security

959 views • 57 slides
Obligations and Disputations Positio Burleys thesis An Obligational Sophism The Responsio

Obligations and Disputations Positio Burleys thesis An Obligational Sophism The Responsio

Obligations and Disputations Stephen Read Obligations Practice-based Philosophy of Logic and Disputations Walter Burley Obligational Mathematics, Amsterdam 31 Aug - 2 Sep 2009 Disputations The Responsio Antiqua Obligations and

1.62k views • 121 slides
Employment Laws and the New Normal: New Workplace Obligations, and a Look at Prior Obligations

Employment Laws and the New Normal: New Workplace Obligations, and a Look at Prior Obligations

JUNE 11, 2020 Employment Laws and the New Normal: New Workplace Obligations, and a Look at Prior Obligations Emily Erdman, Senior Employment Counsel, Cruise Rebecca Stephens, Senior Associate, Farella Braun + Martel Holly Sutton, Partner,

615 views • 45 slides
Insurers' Reporting Obligations Under Insurers Reporting Obligations Under Medicare Medicaid SCHIP

Insurers' Reporting Obligations Under Insurers Reporting Obligations Under Medicare Medicaid SCHIP

Presenting a live 90 minute webinar with interactive Q&amp;A Insurers' Reporting Obligations Under Insurers Reporting Obligations Under Medicare Medicaid SCHIP Extension Act Complying with MMSEA Requirements for Non Group Health Plan Payers

638 views • 43 slides
Delegation: Delegation: Responsibilities of the Responsibilities of the Nurse Nurse Joyce

Delegation: Delegation: Responsibilities of the Responsibilities of the Nurse Nurse Joyce

Delegation: Delegation: Responsibilities of the Responsibilities of the Nurse Nurse Joyce Winstead, MSN, RN , FRE Mission Statement Mission Statement The mission of the North Carolina Board of Nursing is to protect the public by

388 views • 12 slides
Nexus Reviews: Uncovering State Sales or Income Tax Obligations Sales or Income Tax Obligations

Nexus Reviews: Uncovering State Sales or Income Tax Obligations Sales or Income Tax Obligations

Presenting a live 110 minute teleconference with interactive Q&amp;A Nexus Reviews: Uncovering State Sales or Income Tax Obligations Sales or Income Tax Obligations Designing an Effective Internal Process to Identify Potential Tax Exposures

1.06k views • 61 slides
Nurse Delegation Updates May 12 th 2020 Doris Barret RN Marlo Moss RN CONTRACT CHANGE DSHS MUST

Nurse Delegation Updates May 12 th 2020 Doris Barret RN Marlo Moss RN CONTRACT CHANGE DSHS MUST

Nurse Delegation Updates May 12 th 2020 Doris Barret RN Marlo Moss RN CONTRACT CHANGE DSHS MUST BE LISTED AS AN ADDITIONAL INSURED ON ALL NURSE DELEGATION CONTRACTS EMERGENCY RULES NURSE DELEGATION Nurse Delegation Emergency Rules 1. Basic

309 views • 6 slides
Normative Multi Agent Systems Sanction based obligations in a qualitative decision theory

Normative Multi Agent Systems Sanction based obligations in a qualitative decision theory

Normative Multi Agent Systems Sanction based obligations in a qualitative decision theory Guido Boella Universit di Torino Leendert van der Torre Vrije Universiteit Obligations in MAS Obligations play an important role in the

469 views • 17 slides
Delegation procedure: lack of transparency Delegation procedure: lack of transparency or European

Delegation procedure: lack of transparency Delegation procedure: lack of transparency or European

Brussels, 26th May 2015 Delegation procedure: lack of transparency Delegation procedure: lack of transparency or European democracy at risk? or European democracy at risk? Daniel Guguen Delineation between delegated and implementing acts?

61 views • 5 slides
DNS Session 4: Delegation and Reverse DNS Joe Abley AfNOG 2012, Serekunda,

DNS Session 4: Delegation and Reverse DNS Joe Abley AfNOG 2012, Serekunda,

DNS Session 4: Delegation and Reverse DNS Joe Abley AfNOG 2012, Serekunda, The Gambia Delegation How do you delegate a subdomain? In principle straightforward: just insert NS records for the sub-domain, pointing

456 views • 29 slides
Memory Delegation Kai-Min Chung Feng-Hao Liu . Cornell University

Memory Delegation Kai-Min Chung Feng-Hao Liu . Cornell University

Memory Delegation Kai-Min Chung Feng-Hao Liu . Cornell University Brown University . Yael Kalai Ran Raz. Microsoft Research Weizmann Inst. of Science . 1 Delegation

775 views • 22 slides
Delegation with Endogenous States Dino Gerardi Lucas Maestri Ignacio Monzn (Collegio Carlo

Delegation with Endogenous States Dino Gerardi Lucas Maestri Ignacio Monzn (Collegio Carlo

Delegation with Endogenous States Dino Gerardi Lucas Maestri Ignacio Monzn (Collegio Carlo Alberto) (FGV EPGE) (Collegio Carlo Alberto) University of Bonn - October 23rd, 2019 Introduction Delegation Delegation problems are

977 views • 39 slides
Developer Obligations An Introduction To Our Practices &amp; Procedures Adam Sime, Senior

Developer Obligations An Introduction To Our Practices &amp; Procedures Adam Sime, Senior

Developer Obligations An Introduction To Our Practices &amp; Procedures Adam Sime, Senior Developer Obligations Officer The Developer Obligations Team Paul Macari Principal Officer Janis Watt Adam Sime Vacant Katey McKay Gail Stewart

638 views • 26 slides
A solution for Access Delegation based on SAML Ciro Formisano Ermanno Travaglino Isabel

A solution for Access Delegation based on SAML Ciro Formisano Ermanno Travaglino Isabel

A solution for Access Delegation based on SAML Ciro Formisano Ermanno Travaglino Isabel Matranga Access Delegation in distributed environments SAML 2.0 Condition to Delegate Implementation Future plans Access Delegation in distributed

666 views • 18 slides
GENERAL CONFERENCE DELEGATION REPORT Your Delegation CHAIR: Elisa Gatz VICE CHAIR: Alka

GENERAL CONFERENCE DELEGATION REPORT Your Delegation CHAIR: Elisa Gatz VICE CHAIR: Alka

GENERAL CONFERENCE DELEGATION REPORT Your Delegation CHAIR: Elisa Gatz VICE CHAIR: Alka Lyall LAY DELEGATES: Lonnie Chafin, Irma Clark, Elisa Gatz CLERGY DELEGATES: Alka Lyall, Gregory Gross, Chris Pierson ALTERNATES: LAY:

372 views • 8 slides
Existence of Simple Tours through Imprecise Points Maarten L offler Center for Geometry,

Existence of Simple Tours through Imprecise Points Maarten L offler Center for Geometry,

Existence of Simple Tours through Imprecise Points Maarten L offler Center for Geometry, Imaging and Virtual Environments Utrecht University 1-1 Overview Imprecise points Imprecise simple polygons NP-hardness proof Planar

845 views • 42 slides
Handling errors 2.1 Main concepts to be covered Defensive programming. Anticipating that

Handling errors 2.1 Main concepts to be covered Defensive programming. Anticipating that

Objects First With Java A Practical Introduction Using BlueJ Handling errors 2.1 Main concepts to be covered Defensive programming. Anticipating that things could go wrong. Exception handling and throwing. Error reporting.

768 views • 49 slides
Artificial Intelligence Logical Agents and Propositional Logic (part 2) CS 444 Spring 2020

Artificial Intelligence Logical Agents and Propositional Logic (part 2) CS 444 Spring 2020

Artificial Intelligence Logical Agents and Propositional Logic (part 2) CS 444 Spring 2020 Dr. Kevin Molloy Department of Computer Science James Madison University Proof Methods Proof methods divide into (roughly) two kinds: Model

598 views • 24 slides
XPATH and XQUERY Two query language to search for features in XML documents XML Query

XPATH and XQUERY Two query language to search for features in XML documents XML Query

XPATH and XQUERY Two query language to search for features in XML documents XML Query Languages XPATH XQUERY XPATH XQUERY 1 2 XPATH XQUERY XPATH is a language for describing XQUERY is a full query language for paths in

418 views • 5 slides
XACML eXtensible Access Control Markup Language Dennis Kafura Derived from materials authored

XACML eXtensible Access Control Markup Language Dennis Kafura Derived from materials authored

XACML eXtensible Access Control Markup Language Dennis Kafura Derived from materials authored by: Hal Lockhart Entegrity Solutions and OASIS XACML Draft Standard CS 6204, Spring 2005 1 2 Dataflow Model From: OASIS XACML Specification

929 views • 16 slides
ALL THE DIFFERENT WAYS TO HOST DRUPAL ON AWS Brian Thompson // @rvtraveller26 OBLIGATORY

ALL THE DIFFERENT WAYS TO HOST DRUPAL ON AWS Brian Thompson // @rvtraveller26 OBLIGATORY

ALL THE DIFFERENT WAYS TO HOST DRUPAL ON AWS Brian Thompson // @rvtraveller26 OBLIGATORY INTRODUCTION Director of Web Engineering @ Mindgrub Working with web tech since 2006 AWS Certified Solutions Architect @rvtraveller26

835 views • 48 slides
General Assembly Meeting Overall update of Project Status Roy Pennings, Project Coordinator

General Assembly Meeting Overall update of Project Status Roy Pennings, Project Coordinator

General Assembly Meeting Overall update of Project Status Roy Pennings, Project Coordinator Raquel Costa, Project Manager BrightnESS is funded by the European Union Framework Programme for Research and Innovation Horizon 2020, under grant

430 views • 16 slides
2400-FIM1HE, 2018/2019 Instructor: Micha Brzeziski mbrzezinski@wne.uw.edu.pl Office

2400-FIM1HE, 2018/2019 Instructor: Micha Brzeziski mbrzezinski@wne.uw.edu.pl Office

History of economics 2400-FIM1HE, 2018/2019 Instructor: Micha Brzeziski mbrzezinski@wne.uw.edu.pl Office hours: by appointment Course objectives 1 ) Better understanding of modern economics through studying the historical evolution

607 views • 22 slides

More recommend