provenance based access control models
play

Provenance-based Access Control Models July 31, 2014 Dissertation - PowerPoint PPT Presentation

May 06, 2023 •11 likes •451 views

Institute for Cyber Security Provenance-based Access Control Models July 31, 2014 Dissertation Defense Dang Nguyen Institute for Cyber Security University of Texas at San Antonio World-leading research with real-world impact! 1 Presentation

  1. Institute for Cyber Security Provenance-based Access Control Models July 31, 2014 Dissertation Defense Dang Nguyen Institute for Cyber Security University of Texas at San Antonio World-leading research with real-world impact! 1

  2. Presentation Outline 1. Introduction 2. Provenance Data Model 3. Provenance-based Access Control Models 4. PBAC Architecture in Cloud Infrastructure-as- a-Service 5. Conclusion World-leading research with real-world impact! 2

  3. Background: what is provenance? Art definition of provenance Essential in judging authenticity and evaluating – worth. Data provenance in computing systems Is different from log data. – Contains linkage of information pieces. – Is utilized in different computing areas. – World-leading research with real-world impact! 3

  4. Access Control Challenges • Usability of provenance Provenance Data Model – Capturing , – Storing , – and Querying provenance data. Provenance-based Access • Utility of provenance Control – Policy specification , – Evaluation, – and Enforcement . PBAC in IaaS • Provenance in cloud environment Architecture - Tenant-awareness Security of provenance: provenance access control World-leading research with real-world impact! 4

  5. Access Control Approaches Traditional access control • – Based on single units of control: roles, primitive attributes, etc. Relationship-based access control • – Graph-based. – Does not make use of history information. Based on history information • – Utilizes log data to extract useful information Mainly looks at users’ history. • – Cannot specify access control based on linkage information. – Assume history information is readily available. Provenance-based Access Control World-leading research with real-world impact! 5

  6. Provenance-based Access Control (PBAC) o So far, no comprehensive and well-defined model in the literature. o Compared to other access control approaches, PBAC provides richer access control mechanisms • Finer-grained policy and control. • Provides effective means of history information usage. o Easily configured to apply in different computing domains and platforms o Single system (XACML) o Multi-tenant cloud (OpenStack) World-leading research with real-world impact! 6

  7. Contributions • Proposed a provenance data model which enables PBAC configurations in multiple application domains. • Proposed provenance-based access control models which provides enhanced and finer-grained access control features. – Implemented and evaluated an XACML-extended prototype. • Proposed architecture to enable PBAC in cloud IaaS. – Implemented and evaluated an OpenStack-extended prototype. World-leading research with real-world impact! 7

  8. Thesis Statement Provenance data forms a directed-acyclic graph where graph edges exhibit the causality dependency relations between graph nodes that represent provenance entities. A provenance data model that can enable and facilitate the capture, storage and utilization of such information through regular expression based path patterns can provide a foundation for enhancing access control mechanisms. In essence, provenance-based access control models can provide effective and expressive capabilities in addressing access control issues, including traditional and previously not discussed dynamic separation of duties, in single systems, distributed systems, and within a single tenant and across multiple tenants cloud environment. World-leading research with real-world impact! 8

  9. Scope and Assumptions • Assumptions – Provenance data is uncompromised and protected. – Provenance data is correct. – Provenance of provenance is not considered. • Experimental Scope – Does not include provenance capture. – Does not include concurrent, dependent access requests. World-leading research with real-world impact! 9

  10. Presentation Outline 1. Introduction 2. Provenance Data Model 3. Provenance-based Access Control Models 4. PBAC Architecture in Cloud Infrastructure-as- a-Service 5. Conclusion World-leading research with real-world impact! 10

  11. Characteristics of Provenance Data Information of operations/transactions performed against data objects • and versions – Actions that were performed against data – Acting Users/Subjects who performed actions on data – Data Objects used for actions – Data Objects generated from actions – Additional Contextual Information of the above entities • Directed Acyclic Graph (DAG) • Causality dependencies between entities (acting users / subjects, action processes and data objects) • Dependency graph can be traced/traversed for the discovery of Origin, usage, versioning info, etc. World-leading research with real-world impact! 11

  12. Provenance Data Model [inspired by OPM] Object 4 Node Types • (artifact) – Object (Artifact) c u(type) Action Subject – Action (Process) (process) (agent) – Subject (Agent) g(type) – Attribute Object t(type) (artifact) 3 Causality dependency • edge Types Attribute Base PDM (not a dataflow) and Attribute Edge Contextual c wasControlledBy Extension u used Inverse edges are Dep. edge g wasGeneratedBy enabled for usage in Attrb. edge t hasAttribute queries, but cycle- avoidant . World-leading research with real-world impact! 12

  13. Capturing, Storing, and Querying Provenance Data Transaction (Subject1, Grade1, HW1, GradedHW1, ContextualInfoSet-Grade1) : capturing (Grade1, u, HW1) (Grade1, c, Subject1) (GradedHW1, g, Grade1) RDF Triples: (Grade1, t[actingUser], Alice) (Grade1, t[activeRole], TA) storing (Grade1, t[weight], 2) (Grade1, t[object-size], 10MB ) querying querying SELECT ?agent WHERE { HW1_G [g:c] ?agent} SPARQL: SELECT ?user WHERE { HW1_G [g:t[actUser]] ?user} World-leading research with real-world impact! 13

  14. Provenance Graph Example Sub1 Sub2 c c u g u g HW1 Grade1 HW1_G Grade2 HW1_G’ t(actUser) t(…) t(…) t(…) SELECT ?user Alice TA 2 10MB WHERE { HW1_G’ [g:u:g:c] ?user} { HW1_G’ [[g:u]*:g:c] ?user} World-leading research with real-world impact! 14

  15. Study Case: Homework Grading System Students can upload a homework to the system, after which they can replace it multiple times before they submit the homework. Once it is submitted , the homework can be reviewed by other students or designated graders until it is graded by the teaching assistant (TA). World-leading research with real-world impact! 15

  16. A Base Provenance Data Graph 16

  17. Dependency List • Dependency List (DL): A set of identified dependencies that consists of pairs of – Dependency Name: abstracted dependency names (DNAME) and – regular expression-based dependency path pattern (DPATH) Examples • – < wasReplacedVof, g replace .u input > – < wasAuthoredBy, wasSubmittedVof?.wasReplacedVof ∗ .g upload .c > World-leading research with real-world impact! 17

  18. wasReplacedVof wasReviewedOby A Base Provenance Data Graph DL O : < wasReplacedVof, g replace .u input > wasSubmittedVof wasReviewedOof wasGradedOof 18

  19. Presentation Outline 1. Introduction 2. Provenance Data Model 3. Provenance-based Access Control Models 4. PBAC Architecture in Cloud Infrastructure-as- a-Service 5. Conclusion World-leading research with real-world impact! 19

  20. PBAC Models • PBAC B : utilizes base data model – Does not capture contextual information • PBAC C : extending the base model – Incorporate contextual information associated with the main entities ( Subjects , etc.) – Extend base data model with attributes World-leading research with real-world impact! 20

  21. PBAC B Components Request(s,a,o) Action on O Subjects Actions Objects User authorization Action validation Access Evaluation Base Dependency Policies Provenance Lists Data access decision utilized by activities World-leading research with real-world impact! 21

  22. Sample Policies 1. Anyone can upload a homework. 2. A user can replace a homework if she uploaded it (usr. authz) and the homework is not submitted yet (act. valid) . 1. allow(au, upload, o) ⇒ true 2. allow(au, replace, o) ⇒ au ∈ (o, wasAuthoredBy) ∧ |(o,wasSubmittedVof)| = 0. World-leading research with real-world impact! 22

  23. PBAC C Components Contextual Info. Assoc. with Assoc. with Assoc. with Subjects Objects Actions Captured as Access Evaluation Attribute Base Dependency Policies Provenance Provenance Lists Data Data World-leading research with real-world impact! 23

  24. DSOD Examples in HGS Sample English policies : • – A student cannot review the homework he submitted – Object-based DSOD – A student cannot grade a homework before it is submitted – History- based DSOD – A student cannot grade a homework unless reviews’ combined weights exceeds 3 – Transaction Control Expression An informal policy : • allow(sub,grade,o) => sum(o,previousReviewProcesses.hasAttributeOf(Weight)) <= 3 Compatible to XACML policy language • – Extending OASIS XACML architecture and implementation. World-leading research with real-world impact! 24

  25. Extended XACML Architecture PEP: policy enforcement point PDP: policy decision point PAP: policy administration point PIP: policy information point MySQL Jena ARQ World-leading research with real-world impact! 25

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of Access Control Discretionary acces control Mandatory access control Real systems: Unix Access Control Model Access control Access

817 views • 47 slides
Engineering Access Control Policies for Provenance-aware Systems Lianshan Sun 12 , Jaehong Park 2

Engineering Access Control Policies for Provenance-aware Systems Lianshan Sun 12 , Jaehong Park 2

Engineering Access Control Policies for Provenance-aware Systems Lianshan Sun 12 , Jaehong Park 2 and Ravi Sandhu 2 1. Shaanxi University of Science and Technology (SUST), Xian, Shaanxi, China, 710021 2. University of Texas at San Antonio

491 views • 24 slides
Whats the Problem? What does it mean to collect provenance when you dont control:

Whats the Problem? What does it mean to collect provenance when you dont control:

Provenance in the Wild Peter Macko, Margo Seltzer June 14, 2012 Whats the Problem? What does it mean to collect provenance when you dont control: The data (types, format, organization, structure) The operators The

445 views • 10 slides
Working Set- -Based Access Control for Based Access Control for Working Set Network File

Working Set- -Based Access Control for Based Access Control for Working Set Network File

Working Set- -Based Access Control for Based Access Control for Working Set Network File Systems Network File Systems Stephen Smaldone, Vinod Ganapathy, and Liviu Iftode DiscoLab - Department of Computer Science Rutgers, The State University

667 views • 23 slides
Access Control Access Control 1 Access Control Access control : ensures that all direct

Access Control Access Control 1 Access Control Access control : ensures that all direct

Access Control Access Control 1 Access Control Access control : ensures that all direct accesses to object are authorized a scheme for mapping users to allowed actions Protection objects : system resources for which protection is

576 views • 21 slides
Overview Basic Principles Access Control Methodologies Controls Access Control Designs

Overview Basic Principles Access Control Methodologies Controls Access Control Designs

Overview Basic Principles Access Control Methodologies Controls Access Control Designs Access Control Administration Accountability Chapter 2 Access Control Models Identification and Authentication Methods Lecturer:

708 views • 9 slides
Access Control Enforcement Access Control Enforcement for Conversation- -based based for

Access Control Enforcement Access Control Enforcement for Conversation- -based based for

The Cyber Center The Cyber Center Access Control Enforcement Access Control Enforcement for Conversation- -based based for Conversation Web Services Web Services Massimo Mecella * Mourad Ouzzani Univ. Roma LA SAPIENZA, Italy Purdue

375 views • 26 slides
Role-based access control Role-based access control 1 RBAC: Motivations Complexity of

Role-based access control Role-based access control 1 RBAC: Motivations Complexity of

Role-based access control Role-based access control 1 RBAC: Motivations Complexity of security administration p y y For large number of subjects and objects, the number of authorizations can become extremely large For dynamic

536 views • 51 slides
Speech Acts and Tokens for Access Control and Provenance Tracking Fabian Neuhaus (NCOR) &amp;

Speech Acts and Tokens for Access Control and Provenance Tracking Fabian Neuhaus (NCOR) &amp;

Speech Acts and Tokens for Access Control and Provenance Tracking Fabian Neuhaus (NCOR) &amp; Bill Andersen (Highfleet) STIDS 2011 Sorry Fabian cant be with us today 1 Neuhaus &amp; Andersen, STIDS 2011 17 Nov 2011 Problem Statement

452 views • 21 slides
Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control

Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control

Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control Introduction to Computer Security Access control, contd Announcements intermission Stephen McCamant Capability-based access control University

380 views • 7 slides
Overview Access control lists Capability lists Locks and keys Rings-based

Overview Access control lists Capability lists Locks and keys Rings-based

Overview Access control lists Capability lists Locks and keys Rings-based access control Propagated access control lists May 31, 2005 ECS 235, Computer and Information Slide #1 Security Access Control Lists Columns

1.24k views • 80 slides
Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control?

Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control?

Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control? How Is Access Determined? Who Determines Access? Forms of Access Control SELinux Booleans iptables File Access Control Lists Apache Access Control

711 views • 36 slides
Role-Based Access Control Corban Rivera CS 6204, Spring 2005 1 Trusted Computer System

Role-Based Access Control Corban Rivera CS 6204, Spring 2005 1 Trusted Computer System

Role-Based Access Control Corban Rivera CS 6204, Spring 2005 1 Trusted Computer System Evaluation Criteria (TCSEC) Background MAC Mandatory Access Control Firm security levels DAC Discretionary Access Control Access

240 views • 6 slides
Outline Multilevel and mandatory access control CSci 5271 Capability-based access control

Outline Multilevel and mandatory access control CSci 5271 Capability-based access control

Outline Multilevel and mandatory access control CSci 5271 Capability-based access control Introduction to Computer Security Announcements intermission Day 11: OS security: higher assurance Stephen McCamant OS trust and assurance University

303 views • 9 slides
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control Fundamentals Objectives Define Access Controls List the four Access Control Models Describe logical Access Control Methods Explain the

128 views • 8 slides
Language-Based Access Control and Safety Language-based access control is impossible in a

Language-Based Access Control and Safety Language-based access control is impossible in a

Language-Based Access Control and Safety Language-based access control is impossible in a programming language that is not memory safe. Without memory safety, there is no way to guarantee separation of memory used by different program

413 views • 30 slides
[G014] A Mechanistic Study of Hydroxide Anion Addition to Cyclobutane-1,2-dione by Density

[G014] A Mechanistic Study of Hydroxide Anion Addition to Cyclobutane-1,2-dione by Density

[G014] A Mechanistic Study of Hydroxide Anion Addition to Cyclobutane-1,2-dione by Density Functional Theory Calculations Nargis Sultana and Walter M.F. Fabian Institut fr Chemie, Karl Franzens Universitt Graz, A-8010 Graz, Austria Abstract

483 views • 5 slides
Lifelong Guidance Policy and Practice Initiatives in the EU Update on Progress Jyvaskyla, 6-7

Lifelong Guidance Policy and Practice Initiatives in the EU Update on Progress Jyvaskyla, 6-7

Lifelong Guidance Policy and Practice Initiatives in the EU Update on Progress Jyvaskyla, 6-7 November 2006 Ronald G. Sultana Euro-Mediterranean Centre for Educational Research University of Malta Key points Locating the progress report

398 views • 13 slides
Cosmological model with wormhole and cosmological horizons Sung-Won Kim (Ewha Womans University,

Cosmological model with wormhole and cosmological horizons Sung-Won Kim (Ewha Womans University,

Cosmological model with wormhole and cosmological horizons Sung-Won Kim (Ewha Womans University, Korea) arXiv: 1801.07989 Motivation Cosmological black hole More practical solution, especially for expanding universe Several solution

663 views • 16 slides
Explicit Construction of Multiple Access Channel Resolvability Codes from Source Resolvability

Explicit Construction of Multiple Access Channel Resolvability Codes from Source Resolvability

Explicit Construction of Multiple Access Channel Resolvability Codes from Source Resolvability Codes Rumia Sultana R emi A. Chou Wichita State University 2020 IEEE International Symposium on Information Theory 1/29 Outline Introduction

296 views • 29 slides
Islam in the identity of people from the ancient sultanates of Malaysia, Indonesia, Philippines

Islam in the identity of people from the ancient sultanates of Malaysia, Indonesia, Philippines

Islam in the identity of people from the ancient sultanates of Malaysia, Indonesia, Philippines Elsa Clav (Universitt Goethe, Frankfurt) When one looks at Southeast Asian pre-modern history, knowledge on the Philippines is few, scarce, not

552 views • 11 slides
Security Policy Reconfiguration Solutions in Wireless Sensor Networks UZH 655/678 Seminar:

Security Policy Reconfiguration Solutions in Wireless Sensor Networks UZH 655/678 Seminar:

University Division/Office Security Policy Reconfiguration Solutions in Wireless Sensor Networks UZH 655/678 Seminar: Internet Economics - Prof. Dr. Burkhard Stiller By Sanjiv Jha, Raphael Ochsenbein &amp; Anastasia Ruvimova Supervisor: Dr.

830 views • 33 slides
Building High Performance Server Network Interfaces Joe Gervais Product Line Manager High

Building High Performance Server Network Interfaces Joe Gervais Product Line Manager High

Building High Performance Server Network Interfaces Joe Gervais Product Line Manager High Performance Networking Interconnect Hierarchy Interconnect Hierarchy Distance Bandwidth WAN LAN SAN GSN ST SYSTEM Latency Gigabyte System

439 views • 16 slides
Faculty Senate Town Meeting School of Engineering Bud Baeslack Dean September 17, 2003 SoE

Faculty Senate Town Meeting School of Engineering Bud Baeslack Dean September 17, 2003 SoE

Faculty Senate Town Meeting School of Engineering Bud Baeslack Dean September 17, 2003 SoE Performance Plan Overarching Goals Expand the Research Enterprise l Enhance Education l Achieve Diversity l Increase Scientific and Technological

463 views • 7 slides

More recommend