institute for cyber security multi tenant access control
play

Institute for Cyber Security Multi-Tenant Access Control for Cloud - PowerPoint PPT Presentation

Nov 06, 2023 •29 likes •539 views

Institute for Cyber Security Multi-Tenant Access Control for Cloud Services PhD Dissertation Defense Bo Tang Committee Members: Dr. Ravi Sandhu, Chair Dr. Kay Robbins Dr. Gregory White Dr. Weining Zhang Dr. Jaehong Park 07/31/2014

  1. Institute for Cyber Security Multi-Tenant Access Control for Cloud Services PhD Dissertation Defense Bo Tang Committee Members: Dr. Ravi Sandhu, Chair Dr. Kay Robbins Dr. Gregory White Dr. Weining Zhang Dr. Jaehong Park 07/31/2014 World-Leading Research with Real-World Impact! 1

  2. The Cloud Anytime Anywhere World-Leading Research with Real-World Impact! 2

  3. Really? But where is my data? World-Leading Research with Real-World Impact! 3

  4. Really? But where is my data? Multi-Tenancy World-Leading Research with Real-World Impact! 4

  5. Cloud & Multi-Tenancy  Shared infrastructure  [$$$] -----> [$|$|$]  Multi-Tenancy  Isolated workspace for customers  Virtually temporarily dedicated resources  Problem:  How to collaborate across tenants? o Even if across my own tenants? World-Leading Research with Real-World Impact! 5

  6. Define Tenant  All deployment models are multi-tenant  E.g.: public cloud, private cloud and community cloud.  From Cloud Service Provider (CSP) perspective  A billing customer  Manages its own users and cloud resources  The owner of a tenant can be  An individual, an organization or a department in an organization, etc. World-Leading Research with Real-World Impact! 6

  7. Characteristics of Cloud  Centralized Facility  Resource pooling  Self-Service Agility  Each tenant manages its own authorization  Tenants, users and resources are temporary  Homogeneity  Identical or similar architecture and system settings  Out-Sourcing Trust  Built-in collaboration spirit World-Leading Research with Real-World Impact! 7

  8. Multi-Tenant Access Control (MTAC) Top-Down Approach Chapter 3 Chapter 4 Chapter 5 World-Leading Research with Real-World Impact! 8

  9. Motivation World-Leading Research with Real-World Impact! 9

  10. Problem & Thesis  Problem Statement The fact that contem porary cloud services are intrinsically not designed to cultivate collaboration betw een tenants lim its the developm ent of the cloud. Fine-grained access control m odels in traditional distributed environm ents are not directly applicable.  Thesis Statement The problem of m ulti-tenant access control in the cloud can be partially solved by integrating various types of unidirectional and unilateral trust relations betw een tenants into role-based and attribute-based access control m odels. World-Leading Research with Real-World Impact! 10

  11. Chapter 2: Related Work  Centralized Approaches  RBAC extensions: ROBAC, GB-RBAC  Multi-domain role mapping  Decentralized Approaches  RT, dRBAC: credential-based delegation  Delegation models: PBDM, RBDM  Attribute-Based Approaches  NIST ABAC: application framework for collaboration  ABAC models: ABURA, RBAC-A, ABAC α , ABAC β  Enforcement and Implementation  Grid: PERMIS, VOMS, CAS  Web: ABAC for SOA systems  Cloud: centralized authorization service with trust models World-Leading Research with Real-World Impact! 11

  12. Scope and Assumptions  Standardized APIs  Cross-tenant accesses are functionally available  Properly authenticated users  One Cloud Service  Of a kind: IaaS, PaaS or SaaS.  Two-Tenant Trust (rather than community trust)  Unidirectional Trust Relations  “I trust you” does not mean “you trust me”  Unilateral Trust Relations (trustor trusts trustee)  Trustee cannot control the trust relation World-Leading Research with Real-World Impact! 12

  13. Multi-Tenant Access Control (MTAC) Top-Down Approach Chapter 3 Chapter 4 Chapter 5 World-Leading Research with Real-World Impact! 13

  14. MTAS Formalizing Calero et al work World-Leading Research with Real-World Impact! 14

  15. Tenant Trust  Tenant Trust ( TT ) relation is not partial order  Reflexive: A ⊴ A  But not transitive: A ⊴ B ∧ B ⊴ C ⇏ A ⊴ C  Neither symmetric: A ⊴ B ⇏ B ⊴ A  Nor anti-symmetric: A ⊴ B ∧ B ⊴ A ⇏ A ≡ B World-Leading Research with Real-World Impact! 15

  16. Administrative MTAS  Tenants are managed by CSP t2 β -trusts t1  on self-service basis Tenant t2 Tenant t1  Each tenant administer: UA u2 u1  Trust relations with other tenants RH R1 R2  Entity components: PA P2 P1 o users, roles and permissions  UA, PA and RH assignments o Cross-tenant assignments are issued by the trustee (t1)  UA: trustor (t2) users to trustee (t1) roles  PA: trustee (t1) permissions to trustor (t2) roles  RH: trustee (t1) roles junior to trustor (t2) roles World-Leading Research with Real-World Impact! 16

  17. Fine-grained Trust Extensions  Problem of MTAS trust model  Over exposure of trustor’s authorization information  Trustor-Centric Public Role (TCPR)  Expose only the trustor’s public roles o E.g.: OS expose only the dev.OS role to all the trustees  Relation-Centric Public Role (RCPR)  Expose public roles specific for each trust relation o E.g.: OS expose only the dev.OS role to E when OS trusts E World-Leading Research with Real-World Impact! 17

  18. Trust Types Between Tenants  Intuitive Trust (Type- α)  Delegations: RT, PBDM, etc.  Trustor gives access to trustee o Trustor has full control  MTAS trust (Type- β)  Trustee gives access to trustor  Other Types?  Trustee takes access from trustor (Type- γ )  Trustor takes access from trustee (Type- δ )  And more? World-Leading Research with Real-World Impact! 18

  19. Example of Cross-Tenant Trust [$]: grant the access OS E Dev.E Charlie  Example:  Type- α : E trusts OS so that E can say [$].  Type- β : OS trusts E so that E can say [$].  Type- γ : E trusts OS so that OS can say [$].  Type- δ : OS trusts E so that OS can say [$]. World-Leading Research with Real-World Impact! 19

  20. Example of Cross-Tenant Trust [$]: grant the access OS E Dev.E Charlie  Example:  Type- α : E trusts OS so that E can say [$].  Type- β : OS trusts E so that E can say [$].  Type- γ : E trusts OS so that OS can say [$].  Type- δ : OS trusts E so that OS can say [$]. World-Leading Research with Real-World Impact! 20

  21. Multi-Tenant Access Control (MTAC) Top-Down Approach Chapter 3 Chapter 4 Chapter 5 World-Leading Research with Real-World Impact! 21

  22. MT-RBAC Issuers: Real-world Owners e.g. E and OS Type- γ Trust World-Leading Research with Real-World Impact! 22

  23. Administrative MT-RBAC t1 γ -trusts t2  Issuers administer tenants Tenant t2 Tenant t1  Each issuer administer: UA u2 u1  Trust relations from owned tenants RH  Entity components: R1 R2 o tenants, users, roles and permissions P2 P1  UA, PA and RH assignments o Cross-tenant assignments are issued by the trustee’s (t2’s) issuer  UA: trustee (t2) users to trustor (t1) roles  RH: trustor (t1) roles junior to trustee (t2) roles o Cross-tenant PA assignments are intentionally banned  PA: trustee (t2) assign trustor (t1) permissions to trustee (t2) roles  Problem: » Trustor cannot revoke PA other than remove the trust World-Leading Research with Real-World Impact! 23

  24. Finer-grained Trust Models  MT-RBAC0: Base Model  Trustor exposes all the roles to trustees  MT-RBAC1: Trustee-Independent Public Role (TIPR)  Expose only the trustor’s public roles o E.g.: E expose only the dev.E role to all the trustees  MT-RBAC2: Trustee-Dependent Public Role (TDPR)  Expose public roles specific for each trustee o E.g.: E expose only the dev.E role to OS when E trusts OS World-Leading Research with Real-World Impact! 24

  25. Constraints  Cyclic Role Hierarchy: lead to implicit role upgrades in the role hierarchy Tenant 1 Tenant 2  SoD: conflict of duties M1 M2  Tenant-level o E.g.: SOX compliant companies may not hire the same company for both consulting and auditing. E1 E2  Role-level o Checks across tenants  Chinese Wall: conflict of interests among tenants o E.g.: never share resources with competitors. World-Leading Research with Real-World Impact! 25

  26. Multi-Tenant Access Control (MTAC) Top-Down Approach Chapter 3 Chapter 4 Chapter 5 World-Leading Research with Real-World Impact! 26

  27. CTTM Trust Types  Four potential trust types:  Type- α: trustor can give access to trustee. (e.g. RT)  Type- β: trustee can give access to trustor. (e.g. MTAS)  Type- γ: trustee can take access from trustor. (e.g. MT- RBAC)  Type- δ : trustor can take access from trustee. o No meaningful use case, since the trustor holds all the control of the cross-tenant assignments of the trustee’s permissions. World-Leading Research with Real-World Impact! 27

  28. Formalized CTTM Model World-Leading Research with Real-World Impact! 28

  29. Role-Based CTTM World-Leading Research with Real-World Impact! 29

  30. Multi-Tenant Access Control (MTAC) Top-Down Approach Chapter 3 Chapter 4 Chapter 5 World-Leading Research with Real-World Impact! 30

  31. MT-ABAC uid: u2 γ -trustee: {t2} utid: t2 tid: t1 sowner: u2 oid: o1 sid: s2 otid: t1 World-Leading Research with Real-World Impact! 31

  32. Multi-Tenant Access Example World-Leading Research with Real-World Impact! 32

  33. Real-World Clouds  AWS  Collaboration between accounts o E.g.: E trusts OS  Unilateral trust relation (Type- α) o The trustor needs to map the roles  OpenStack  User-level delegation (trust) can be established  Cross-domain assignments bear no control World-Leading Research with Real-World Impact! 33

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Institute for Cyber Security A Framework for Risk-Aware Role Based Access Control Khalid Zaman

Institute for Cyber Security A Framework for Risk-Aware Role Based Access Control Khalid Zaman

Institute for Cyber Security A Framework for Risk-Aware Role Based Access Control Khalid Zaman Bijon, Ram Krishnan and Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio October 16, 2013 SafeConfig 2013: IEEE 6th

227 views • 18 slides
Categorizing container escape methodologies in multi-tenant environments Rik Janssen

Categorizing container escape methodologies in multi-tenant environments Rik Janssen

Categorizing container escape methodologies in multi-tenant environments Rik Janssen rik.janssen@os3.nl Research Project 1 MSc Security and Network Engineering (SNE/OS3) University of Amsterdam Supervisor: Max Hovens KPMG Cyber Security

774 views • 17 slides
Provenance-based Access Control Models July 31, 2014 Dissertation Defense Dang Nguyen Institute

Provenance-based Access Control Models July 31, 2014 Dissertation Defense Dang Nguyen Institute

Institute for Cyber Security Provenance-based Access Control Models July 31, 2014 Dissertation Defense Dang Nguyen Institute for Cyber Security University of Texas at San Antonio World-leading research with real-world impact! 1 Presentation

451 views • 44 slides
Role and Attribute Based Collaborative Administration of Intra-Tenant Cloud IaaS (Invited Paper)

Role and Attribute Based Collaborative Administration of Intra-Tenant Cloud IaaS (Invited Paper)

Institute for Cyber Security Role and Attribute Based Collaborative Administration of Intra-Tenant Cloud IaaS (Invited Paper) Xin Jin, Ram Krishnan and Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio October

494 views • 23 slides
on Cyber Security Presentation by Control Risks James Owen Partner, Cyber, EMEA William Brown

on Cyber Security Presentation by Control Risks James Owen Partner, Cyber, EMEA William Brown

The impact of Covid-19 on Cyber Security Presentation by Control Risks James Owen Partner, Cyber, EMEA William Brown Director, Cyber, Middle East 1 Control Risks Cyber attacks exploiting the pandemic Share of attack vector of organized

447 views • 10 slides
Access Control MAC Summary ITS335: IT Security Sirindhorn International Institute of Technology

Access Control MAC Summary ITS335: IT Security Sirindhorn International Institute of Technology

ITS335 Access Control Concepts DAC RBAC Access Control MAC Summary ITS335: IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 10 October 2013 its335y13s2l04,

400 views • 26 slides
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control Fundamentals Objectives Define Access Controls List the four Access Control Models Describe logical Access Control Methods Explain the

128 views • 8 slides
Security of Cyber-Physical Systems Henrik Sandberg hsan@kth.se Department of Automatic Control,

Security of Cyber-Physical Systems Henrik Sandberg hsan@kth.se Department of Automatic Control,

KTH ROYAL INSTITUTE OF TECHNOLOGY Security of Cyber-Physical Systems Henrik Sandberg hsan@kth.se Department of Automatic Control, KTH, Stockholm, Sweden 7th oCPS PhD School on Cyber-Physical Systems, Lucca, Italy Outline Background and

881 views • 63 slides
CS 4803 Computer and Network Security Alexandra (Sasha) Boldyreva OS security. Access control.

CS 4803 Computer and Network Security Alexandra (Sasha) Boldyreva OS security. Access control.

Access control Access control determines access to files and processes in OS Old area of security, but not well understood CS 4803 Computer and Network Security Alexandra (Sasha) Boldyreva OS security. Access control. 1 2 System

889 views • 5 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
Cyber Security Research on Industrial Control Systems SM Yiu Department of Computer Science The

Cyber Security Research on Industrial Control Systems SM Yiu Department of Computer Science The

Cyber Security Research on Industrial Control Systems SM Yiu Department of Computer Science The University of Hong Kong Cyber-security for industry 4.0 conference 23 June, 2017 1 Will the followings only be seen in movies? Movies: Cyber

510 views • 28 slides
Institute for Cyber Security A Lattice Interpretation of Group-Centric Collaboration with

Institute for Cyber Security A Lattice Interpretation of Group-Centric Collaboration with

Institute for Cyber Security A Lattice Interpretation of Group-Centric Collaboration with Expedient Insiders Khalid Zaman Bijon, Tahmina Ahmed, Ravi Sandhu, Ram Krishnan Institute for Cyber Security University of Texas at San Antonio 1 1

336 views • 16 slides
Institute for Cyber Security A Formal Model for Isolation Management in Cloud

Institute for Cyber Security A Formal Model for Isolation Management in Cloud

Institute for Cyber Security A Formal Model for Isolation Management in Cloud Infrastructure-as-a-Service Khalid Zaman Bijon, Ram Krishnan and Ravi Sandhu Institute for Cyber Security University of Texas at San Antonio October 15-17, 2014 NSS

146 views • 13 slides
Access Control Enforcement Access Control Enforcement for Conversation- -based based for

Access Control Enforcement Access Control Enforcement for Conversation- -based based for

The Cyber Center The Cyber Center Access Control Enforcement Access Control Enforcement for Conversation- -based based for Conversation Web Services Web Services Massimo Mecella * Mourad Ouzzani Univ. Roma LA SAPIENZA, Italy Purdue

375 views • 26 slides
About Loxal Security Ltd Specialist access control and vacant property security company Unique

About Loxal Security Ltd Specialist access control and vacant property security company Unique

About Loxal Security Ltd Specialist access control and vacant property security company Unique range of access control technology & temporary physical security products : - Keysafes Locking Bar Void security doors & screens

368 views • 21 slides
Outline OS security: authentication, contd Basics of access control CSci 5271 Introduction

Outline OS security: authentication, contd Basics of access control CSci 5271 Introduction

Outline OS security: authentication, contd Basics of access control CSci 5271 Introduction to Computer Security Announcements intermission OS security: access control Unix-style access control Stephen McCamant Multilevel and mandatory

656 views • 9 slides
Extending XACML Authorisation Model to Support Policy Obligations Handling in Distributed

Extending XACML Authorisation Model to Support Policy Obligations Handling in Distributed

Extending XACML Authorisation Model to Support Policy Obligations Handling in Distributed Applications Yuri Demchenko SNE Group, University of Amsterdam On behalf of Y. Demchenko, C. de Laat, O. Koeroo, H. Sagehaug MGC 2008 - 6th

488 views • 31 slides
Managing the U. S. CMS HL-LHC Upgrades Vivian ODell, U. S. CMS HL-LHC USCMS Project Manager

Managing the U. S. CMS HL-LHC Upgrades Vivian ODell, U. S. CMS HL-LHC USCMS Project Manager

Managing the U. S. CMS HL-LHC Upgrades Vivian ODell, U. S. CMS HL-LHC USCMS Project Manager February 2, 2016 Director's Review - Managing the U. S. CMS HL-LHC Upgrades V. O'Dell, 2

597 views • 11 slides
Serving Medicaid Beneficiaries Who Need Long-term Services and Supports: Better Outcomes at Lower

Serving Medicaid Beneficiaries Who Need Long-term Services and Supports: Better Outcomes at Lower

Center for Studying Disability Policy Serving Medicaid Beneficiaries Who Need Long-term Services and Supports: Better Outcomes at Lower Costs Presenters Discussant Victoria Peebles, Mathematica Debra Lipson, Mathematica Carol Irvin,

566 views • 53 slides
ASPECTS OF HETEROGENEITY AND FAULT TOLERANCE IN CLOUD COMPUTING Magdalena Slawinska Jaroslaw

ASPECTS OF HETEROGENEITY AND FAULT TOLERANCE IN CLOUD COMPUTING Magdalena Slawinska Jaroslaw

Atlanta, Georgia, April 19, 2010 in conjunction with IPDPS 2010 UNIBUS: ASPECTS OF HETEROGENEITY AND FAULT TOLERANCE IN CLOUD COMPUTING Magdalena Slawinska Jaroslaw Slawinski Vaidy Sunderam {magg, jaross, vss}@mathcs.emory.edu Emory

680 views • 21 slides
Emergency Suspension list Vincent BRILLAULT HEPiX Spring 2014, Annecy Emergency suspension

Emergency Suspension list Vincent BRILLAULT HEPiX Spring 2014, Annecy Emergency suspension

Emergency Suspension list Vincent BRILLAULT HEPiX Spring 2014, Annecy Emergency suspension Suspended DN cant submit jobs to sites Automated Suspension: Fast: Delays configurable & known in advance Completely

334 views • 12 slides
Report from the Project Manager Bill Boroski Contractor Project Manager Contractor Project

Report from the Project Manager Bill Boroski Contractor Project Manager Contractor Project

Report from the Project Manager Bill Boroski Contractor Project Manager Contractor Project Manager USQCD All-Hands Meeting Brookhaven National Laboratory April 16-17, 2010 Outline Outline Completion of the initial computing project

475 views • 16 slides
ilab Lab 7 Basics of Cryptography / Security I Testate 2 nd Half of Term This lecture is

ilab Lab 7 Basics of Cryptography / Security I Testate 2 nd Half of Term This lecture is

Lehrstuhl fr Netzarchitekturen und Netzdienste Institut fr Informatik Technische Universitt Mnchen ilab Lab 7 Basics of Cryptography / Security I Testate 2 nd Half of Term This lecture is divided into two halves: Basics of

935 views • 51 slides
TEEP BOF Problem Statement draft-liu-opentrustprotocol-usecase IETF 100 th , Singapore IETF 100

TEEP BOF Problem Statement draft-liu-opentrustprotocol-usecase IETF 100 th , Singapore IETF 100

TEEP BOF Problem Statement draft-liu-opentrustprotocol-usecase IETF 100 th , Singapore IETF 100 - TEEP BoF 1 Background Hardware based security is desirable Todays processor technology supports various isolation concepts. Well

344 views • 18 slides

More recommend