Four Layers to Build a Trusted Architecture - PowerPoint PPT Presentation



SLIDE 1

Four Layers to Build a Trusted Architecture

Danny De Cock, K.U.Leuven ESAT/COSIC
Danny.DeCock@esat.kuleuven.be
Slides available from: http://godot.be/slides
Info: tas3@ls.kuleuven.be

Trusted Architecture for Securely Shared Services

SLIDE 2

What is TAS3 About?

TAS3 is an FP7 Integrated Project focusing on identity management
  • 4 years, starting 1 January 2008

Consolidating scattered research in
  • Security, Trust, Privacy, Digital identities, Authorization, Authentication…

Integrating adaptive business-driven end2end trust services based on personal information:
  • Semantic integration of Security, Trust, Privacy components

Application-level end2end use & exchange of personal data

…"a dynamic view on distributed data"…

SLIDE 3

TAS3 – 18 Partners

Coordinators:
  • K.U.Leuven & Synergetics

9 Research Institutes:
  • Universities of Eindhoven, Karlsruhe, Kent, Koblenz-Landau, Leuven, Nottingham, Brussel, Zaragoza
  • Consiglio Nazionale delle Ricerche

9 Companies & Organizations:
  • Custodix, Eifel ASBL, Intalio Ltd, Kenteq, Medisoft, Oracle, Risaris Ltd, SAP Research, Synergetics

SLIDE 4

Generic TAS3 Architecture

Focuses on adaptable business-driven trust services
Enforcement of data protection policies
User-centric trust policy management
Generic architecture instantiated into two environments:
  • Employability use case
  • Personal Healthcare Records & Patient self-management

SLIDE 5

High-level Process Flow

Parties: User, Identity Provider, Service Provider (with Policy Enforcement Point (PEP) and Policy Decision Point (PDP))
Authentication tokens: smart card, mobile phone, uid/pwd

  • 1. User authenticates himself
  • 2. User obtains corresponding credentials
  • 3. User requests service
  • 4, 6. Service Provider validates the service request (PEP / PDP)
  • 5. SP requests additional user attributes
  • 7. User accesses service

Access control is based on Level of Assurance (LoA): Higher LoA ⇒ Higher authorisation

SLIDE 6

Support for Cross-Sector Adaptable Business Processes!

[Diagram: a business process spanning Sector K, Sector L and Sector M, with process steps K1–K5, L1–L5 and M1–M12 linked across the sector boundaries]

SLIDE 7

TAS3's 4 Layers

Layer 1 – Authentication
  • Federated identities

Layer 2 – Authorization
  • Federated attributes

Layer 3 – Compliance with Trustworthiness profile
  • End-user controlled
  • Fine-grained role-based

Layer 4 – Compliance with Data-protection regulation
  • Sticky policies associated with information elements

SLIDE 8

TAS3's 4 Layers

[Diagram: a Service Requester and a Service Provider connected through a Brokers Federation made up of Identity Management Brokers, Service Authorization Policies Brokers and Trust Policies Brokers]

SLIDE 9

TAS3's 4 Layers

[Diagram: the Service Requester and the Service Provider each have an Entry Point, a Services Engine and an Exit Point, guarded by an Authenticity Guard, a Service Authorization Guard, a Trust Guard and an Audit Guard, and supported by Identity Management Helpers, Service Authorization Policy Helpers and Trust Policy Helpers. Between the two sits the Brokers Federation: Identity Management Brokers, Service Authorization Policies Brokers and Trust Policies Brokers. The labels (1) to (4) mark the four layers.]

SLIDE 10

TAS3's 4 Layers

[Diagram: same as slide 9]

SLIDE 11

Layer 1 – Authentication & Level of Assurance (LoA)

Federated identity management model
  • E.g., Shibboleth, Liberty Alliance, CardSpace…

Levels of Assurance and example applications:
  • LoA 4+ (qualified cert plus biometric): Setting access policies
  • LoA 4 (qualified cert with smart card EAL4+): Sensitive medical records (e.g. HIV), consultant notes containing opinions, ability to Break the Glass, bank-to-bank transfers
  • LoA 3 (2-factor authentication, non-qualified cert, EAL4 smart card): Patient confidential records (non-sensitive)
  • LoA 2 (one-time password): Some Internet banking applications, system administration
  • LoA 1 (uid/password, Verisign Class 1 cert): Retrieve degree certificate, completing public service employment application
  • LoA 0 (no authentication): Public data

SLIDE 12

Layer 2 – Authorization

[Diagram: Joe requests Service Y from a Service Provider whose Authorization Domain contains a Policy Enforcement Point, a Policy Decision Point, a Policy Access Point and a Policy Information Point]

  • 1. Service Request (Joe → Policy Enforcement Point)
  • 2. Retrieve Relevant Policies (Policy Decision Point ← Policy Access Point)
  • 3. Retrieve Policy Validation Information (Policy Decision Point ← Policy Information Point)
  • 4. Check Policy Compliance (Policy Decision Point)
  • 5. Permit / Deny (Policy Decision Point → Policy Enforcement Point)
  • 6. OK → Execute Service Y

SLIDE 13

Level 3 – Trustworthiness

[Diagram: Joe, Joe's Trust Guard, the Trust Policies Helpers (Trust Policies Broker, Trust Information Collector, Trust Decision Helper) and the Service Providers Trust Domain containing SPs A, B, C and D]

  • 1. Joe asks his Trust Guard: Which SPs would I trust?
  • 2. Fetch Joe's Trust Policies (Trust Policies Broker)
  • 3. Analyze trustworthiness of SPs A-D
  • 4. Read Trust Newspaper (Trust Information Collector)
  • 5. Trustworthiness of SPs A-D (Trust Decision Helper)
  • 6. Answer: A & D
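The Layer 3 decision on slide 13, carried through as an added example. This is illustrative code written for this page, not TAS3 project code: the "trust newspaper" contents and its field names (certified_for, reputation, incidents, jurisdiction), Joe's four rules and the function names are all assumptions. With the constructed data the Trust Guard answers "A and D", as the slide does, and explains why B and C were rejected.

```python
"""Layer 3 trust decision, as on slide 13 (constructed example).

Joe's Trust Guard fetches Joe's own trust policies from the Trust Policies
Broker, asks the Trust Information Collector to read the "trust newspaper"
for the candidate service providers, and lets the Trust Decision Helper
check every SP against every policy.  Data, rule wording and field names
are assumptions made for this example.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Callable

# Constructed trust newspaper: what is known about SPs A-D.
TRUST_NEWSPAPER = {
    "A": {"certified_for": {"healthcare"}, "reputation": 0.92, "incidents": 0, "jurisdiction": "EU"},
    "B": {"certified_for": {"employability"}, "reputation": 0.88, "incidents": 0, "jurisdiction": "EU"},
    "C": {"certified_for": {"healthcare"}, "reputation": 0.95, "incidents": 2, "jurisdiction": "EU"},
    "D": {"certified_for": {"healthcare", "employability"}, "reputation": 0.81, "incidents": 0, "jurisdiction": "EU"},
}


@dataclass(frozen=True)
class TrustPolicy:
    """One end-user controlled rule; every rule must hold for an SP to be trusted."""
    name: str
    holds: Callable[[dict], bool]


def trust_policies_broker(user: str) -> list[TrustPolicy]:
    """Step 2: fetch the user's own trust policies (only Joe's are constructed here)."""
    if user != "joe":
        return []
    return [
        TrustPolicy("must be certified for healthcare", lambda sp: "healthcare" in sp["certified_for"]),
        TrustPolicy("reputation at least 0.8", lambda sp: sp["reputation"] >= 0.8),
        TrustPolicy("no reported incidents", lambda sp: sp["incidents"] == 0),
        TrustPolicy("data stays in the EU", lambda sp: sp["jurisdiction"] == "EU"),
    ]


def trust_information_collector(candidates: list[str]) -> dict[str, dict]:
    """Step 4: read the trust newspaper for the SPs the collector knows about."""
    return {sp: TRUST_NEWSPAPER[sp] for sp in candidates if sp in TRUST_NEWSPAPER}


def trust_decision_helper(policies: list[TrustPolicy], newspaper: dict[str, dict]) -> dict[str, list[str]]:
    """Steps 3 and 5: per SP, the names of the policies it fails (empty list = trusted)."""
    return {sp: [p.name for p in policies if not p.holds(info)] for sp, info in newspaper.items()}


def trust_guard(user: str, candidates: list[str]) -> tuple[list[str], dict[str, list[str]]]:
    """Steps 1 and 6: answer "which SPs would I trust?" and explain every rejection."""
    policies = trust_policies_broker(user)
    if not policies:
        # No policies on file: fail closed rather than trusting everyone.
        return [], {sp: ["no trust policies on file"] for sp in candidates}
    verdicts = trust_decision_helper(policies, trust_information_collector(candidates))
    # An SP the newspaper knows nothing about is never trusted by default.
    for sp in candidates:
        verdicts.setdefault(sp, ["no trust information available"])
    trusted = sorted(sp for sp, failures in verdicts.items() if not failures)
    return trusted, verdicts


if __name__ == "__main__":
    trusted, why = trust_guard("joe", ["A", "B", "C", "D"])
    print("Trusted:", trusted)  # Trusted: ['A', 'D']
    for sp, failures in why.items():
        print(sp, failures or "ok")
```

The two fail-closed branches are the part worth keeping: a user without policies gets no trusted SPs, and an SP missing from the collected trust information is rejected rather than silently passing every rule.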

SLIDE 14

Level 4 – Compliance with Data Protection Regulation

[Diagram: the Services Engine asks, on Joe's behalf, to execute Action Z on the Authentic Data Repository; the Data Protection Domain contains the Data Protection Policy Guard, a Policy Decision Point, a Policy Access Point and a Policy Information Point]

  • 1. Execute Action Z (Services Engine → Data Protection Policy Guard)
  • 2. Retrieve Relevant Policies (Policy Decision Point ← Policy Access Point)
  • 3. Retrieve Policy Validation Information (Policy Decision Point ← Policy Information Point)
  • 4. Check Policy Compliance (Policy Decision Point)
  • 5. Permit / Deny Action (Policy Decision Point → Data Protection Policy Guard)
  • 6. OK → Execute Action Z on the Authentic Data Repository

SLIDE 15

TAS3 – Break the Glass Service

Break-the-Glass service
  • Only activated after strong authentication
  • Triggers advanced & fine grained monitoring
  • Audit trail provides hard evidence

[Diagram: Policy Enforcement Point, Policy Decision Point, Data Protection Policy Guard, Obligations Service, Audit Trail and Patient Record]

  • 1. (6). Access patient record
  • 2. Denied
  • 3. Break the Glass
  • 4. Enforce Data Protection Policy
  • 5. Granted
  • 7. Retrieve Record
  • 8. Granted
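An added example tying slides 11, 12 and 15 together: LoA-based access control, the PEP/PDP/PAP/PIP decision flow, and the break-the-glass escalation with obligations and an audit trail. It is illustrative code written for this page, not TAS3 project code. The authentication-method-to-LoA mapping follows the slide-11 table ("LoA 4+" is modelled as 5); the resources, sessions, policies, obligation names and the rule that break-the-glass is honoured only from LoA 4 upward are assumptions made for the example.

```python
"""Layers 1 and 2 plus break-the-glass, in one constructed flow.

A Policy Enforcement Point (PEP) hands each request to a Policy Decision
Point (PDP).  The PDP fetches the applicable policy from the Policy Access
Point (PAP) and the subject's Level of Assurance (LoA) from the Policy
Information Point (PIP), checks compliance and returns Permit or Deny.
A denied request may be escalated with break-the-glass, which is honoured
only at LoA 4 or higher, attaches monitoring obligations, and is written
to the audit trail.  All names, policies and sessions are constructed.
"""
from __future__ import annotations

from dataclasses import dataclass, field

# Layer 1: authentication method -> LoA, following the slide-11 table.
# "LoA 4+" (qualified certificate plus biometric) is modelled as 5.
LOA_OF_METHOD = {
    "none": 0, "password": 1, "otp": 2,
    "two_factor_eal4": 3, "qualified_cert_eal4plus": 4, "qualified_cert_biometric": 5,
}
BTG_MIN_LOA = 4  # slide 11: ability to break the glass starts at LoA 4

# Policy Access Point (constructed): minimum LoA per resource, who may
# normally access it (None = anyone), and whether break-the-glass applies.
PAP_POLICIES = {
    "public_data":            {"min_loa": 0, "allowed": None,      "break_glass": False},
    "patient_record:anna":    {"min_loa": 3, "allowed": {"drlee"}, "break_glass": True},
    "sensitive_record:anna":  {"min_loa": 4, "allowed": {"drlee"}, "break_glass": True},
    "access_policy_settings": {"min_loa": 5, "allowed": {"admin"}, "break_glass": False},
}

# Policy Information Point (constructed): how each live session authenticated.
PIP_SESSIONS = {
    "joe":   "qualified_cert_eal4plus",  # LoA 4, emergency physician, not on Anna's care team
    "drlee": "two_factor_eal4",          # LoA 3, Anna's treating physician
    "nurse": "otp",                      # LoA 2
}

AUDIT_TRAIL: list[dict] = []                  # hard evidence for every decision
ACTIVE_OBLIGATIONS: dict[str, set[str]] = {}  # what the Obligations Service enforces


@dataclass
class Decision:
    effect: str  # "Permit" or "Deny"
    reason: str
    obligations: list[str] = field(default_factory=list)


def pip_loa(subject: str) -> int:
    """PIP lookup: an unknown session counts as unauthenticated (LoA 0)."""
    return LOA_OF_METHOD[PIP_SESSIONS.get(subject, "none")]


def pdp(subject: str, resource: str, break_glass: bool = False) -> Decision:
    """Steps 2-5 of slide 12: retrieve policy and attributes, then decide."""
    policy = PAP_POLICIES.get(resource)
    if policy is None:
        return Decision("Deny", "no policy for resource: fail closed")
    loa = pip_loa(subject)
    # The LoA floor is checked first: break-the-glass never lowers it.
    if loa < policy["min_loa"]:
        return Decision("Deny", f"LoA {loa} below required {policy['min_loa']}")
    if policy["allowed"] is None or subject in policy["allowed"]:
        return Decision("Permit", "subject is allowed by policy")
    if not break_glass:
        return Decision("Deny", "subject not allowed by policy")
    if not policy["break_glass"]:
        return Decision("Deny", "break-the-glass not permitted for this resource")
    if loa < BTG_MIN_LOA:
        return Decision("Deny", f"break-the-glass requires LoA {BTG_MIN_LOA}, session has {loa}")
    return Decision("Permit", "break-the-glass override",
                    obligations=["enable_fine_grained_monitoring", "audit_every_subsequent_action"])


def pep(subject: str, resource: str, action: str, break_glass: bool = False) -> tuple[bool, Decision]:
    """Steps 1 and 6: enforce the PDP decision, record it, activate obligations."""
    decision = pdp(subject, resource, break_glass)
    AUDIT_TRAIL.append({
        "subject": subject, "resource": resource, "action": action,
        "loa": pip_loa(subject), "break_glass": break_glass,
        "effect": decision.effect, "reason": decision.reason,
        "obligations": list(decision.obligations),
    })
    if decision.effect != "Permit":
        return False, decision
    # Obligations are activated before the resource is released.
    ACTIVE_OBLIGATIONS.setdefault(subject, set()).update(decision.obligations)
    return True, decision


def access_patient_record(subject: str, resource: str) -> tuple[bool, str]:
    """Slide-15 flow: ordinary request first; if denied, escalate with break-the-glass."""
    ok, decision = pep(subject, resource, "read")
    if not ok:
        ok, decision = pep(subject, resource, "read", break_glass=True)
    return ok, decision.reason


if __name__ == "__main__":
    print(access_patient_record("drlee", "patient_record:anna"))  # (True, 'subject is allowed by policy')
    print(access_patient_record("joe", "patient_record:anna"))    # (True, 'break-the-glass override')
    print(access_patient_record("nurse", "patient_record:anna"))  # (False, 'LoA 2 below required 3')
    for entry in AUDIT_TRAIL:
        print(entry)
```

Two design points match the slides: the LoA floor is checked before anything else, so break-the-glass can widen who may read a record but never relax the strength of authentication required for it, and every decision, denied or granted, lands in the audit trail together with the obligations that were switched on.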

SLIDE 16

TAS3 Phased Approach

[Timeline: 6 M, 12 M, 18 M, 24 M, 30 M, 36 M, 42 M, 48 M, divided into Phase I, Phase II and Phase III]

Phase I: Requirements Analysis; System Design / Architecture Definition; Baseline Setup; Test Bed Setup; Development I; Test bed phase I
  • First Versions of all TAS³ services

Phase II: Update of Requirements; Update of System Design / Architecture Definition; Development II; Test bed phase II
  • Advanced Versions of all TAS³ services

Phase III: Development III; Test bed phase III; Final Documentation
  • Final Versions of all TAS³ services

Increasing functionality as well as deepness of integration

SLIDE 17

Questions?

Email:

  • Danny.DeCock@esat.kuleuven.be
  • tas3@ls.kuleuven.be

Slides:

  • http://godot.be/slides