rbac administration in distributed systems
play

RBAC Administration in Distributed Systems Policy Distribution - PowerPoint PPT Presentation

Feb 26, 2023 •273 likes •541 views

Introduction Modeling Distributed Systems RBAC Administration in Distributed Systems Policy Distribution Concluding Remarks Marnix Dekker, Jason Crampton, Sandro Etalle Questions Distributed and Embedded Systems groep (DIES), Universitity

  1. Introduction Modeling Distributed Systems RBAC Administration in Distributed Systems Policy Distribution Concluding Remarks Marnix Dekker, Jason Crampton, Sandro Etalle Questions Distributed and Embedded Systems groep (DIES), Universitity of Twente Information Security Group (ISG), Royal Holloway University of London Security Group (SEC), University of Eindhoven SACMAT 2008

  2. Introduction 1 Introduction Modeling Distributed Systems Policy Distribution 2 Modeling Distributed Systems Concluding Remarks Questions 3 Policy Distribution 4 Concluding Remarks 5 Questions

  3. Motivation Introduction Modeling Distributed Systems Modern distributed computer systems require sophisticated Policy Distribution access control policies Concluding • Statutory and enterprise requirements Remarks Questions • RBAC is a flexible and widely used form of access control Access control policies need to be administered simply and effectively • Policy requirements change Existing RBAC literature does not provide a model for administration in distributed systems

  4. Role-based access control Introduction Modeling Distributed Systems Policy Distribution “Standard RBAC” (RBAC96, ANSI-RBAC) defines Concluding Remarks • Users U , roles R , actions A and objects O Questions • Permissions P ⊆ A × O • UA ⊆ U × R , PA ⊆ P × R , RH ⊆ R × R • An RBAC policy φ is defined by ( UA , RH , PA )

  5. Role-based access control Introduction Modeling Distributed We treat φ as a directed graph ( U ∪ R ∪ P , UA ∪ RH ∪ PA ) Systems • We write v → φ v ′ to indicate that there exists a path from Policy Distribution v to v ′ in φ Concluding Remarks • We assume all paths are directed (from users to roles to Questions permissions) • u → φ r , for example, means that u is authorized (by φ ) for role r

  6. Role-based access control Introduction Modeling Distributed We treat φ as a directed graph ( U ∪ R ∪ P , UA ∪ RH ∪ PA ) Systems • We write v → φ v ′ to indicate that there exists a path from Policy Distribution v to v ′ in φ Concluding Remarks • We assume all paths are directed (from users to roles to Questions permissions) • u → φ r , for example, means that u is authorized (by φ ) for role r • The upper closure of v , denoted ↑ φ v , is the sub-graph comprising all paths in φ in which v is the last node • The downward closure of v , denoted ↓ φ v , is the sub-graph comprising all paths in which v is the first node

  7. Administration of RBAC Introduction Modeling What administrative actions may be requested? Distributed Systems • We only model changes to UA , RH and PA Policy Distribution • A user may add or delete a tuple from one of these Concluding relations Remarks Questions • � u ( v , v ′ ) denotes a request by u to add tuple ( v , v ′ ) • � u ( v , v ′ ) denotes a requests by u to delete tuple ( v , v ′ )

  8. Administration of RBAC Introduction Modeling What administrative actions may be requested? Distributed Systems • We only model changes to UA , RH and PA Policy Distribution • A user may add or delete a tuple from one of these Concluding relations Remarks Questions • � u ( v , v ′ ) denotes a request by u to add tuple ( v , v ′ ) • � u ( v , v ′ ) denotes a requests by u to delete tuple ( v , v ′ ) What administrative permissions are required? • � ( v , v ′ ) denotes a permission to add tuple ( v , v ′ ) • ♦ ( v , v ′ ) denotes a permission to delete tuple ( v , v ′ ) • We extend PA to include permissions of the form � ( , ) and ♦ ( , )

  9. Introduction 1 Introduction Modeling Distributed Systems Policy Distribution 2 Modeling Distributed Systems Concluding Remarks Questions 3 Policy Distribution 4 Concluding Remarks 5 Questions

  10. Distributed system model Introduction Modeling Distributed Systems Policy We assume that a distributed system comprises a number of Distribution components (or sub-systems) S Concluding Remarks • Each sub-system s ∈ S has its own reference monitor and Questions its own policy for deciding access requests • There is a centralized reference monitor for deciding administrative access requests • The centralized reference monitor has policy φ

  11. Permissions and policies Introduction Modeling Distributed Systems Policy Distribution We define a privilege mapping pm and a policy mapping ψ Concluding Remarks • pm ( s ) ⊆ P is the set of permissions handled by Questions sub-system s • ψ ( s ) denotes the RBAC policy that sub-system s uses to evaluate requests We model the distributed system as a tuple ( S , pm , φ, ψ )

  12. Soundness Introduction Modeling Distributed Systems Policy ψ is sound (with respect to the central policy φ ) iff Distribution Concluding � Remarks ψ ( s ) ⊆ φ Questions s ∈ S • ψ is sound if any request granted by s ∈ S would also be granted by a centralized reference monitor using policy φ • Soundness is a safety criterion

  13. Completeness Introduction Modeling Distributed Systems Policy ψ is complete (with respect to the central policy φ ) iff for any Distribution s ∈ S and any p ∈ pm ( s ) Concluding Remarks Questions u → φ p implies u → ψ ( s ) p • ψ is complete if any request granted by φ for a permission for which s is responsible is also granted by s • Completeness is an availability criterion

  14. Leanness Introduction Modeling Distributed Soundness and completeness are minimum requirements of a Systems policy distribution ψ Policy Distribution • Trivial distribution ψ ( s ) = φ for all s ∈ S is sound and Concluding complete Remarks Questions • More economical distributions are desirable

  15. Leanness Introduction Modeling Distributed Soundness and completeness are minimum requirements of a Systems policy distribution ψ Policy Distribution • Trivial distribution ψ ( s ) = φ for all s ∈ S is sound and Concluding complete Remarks Questions • More economical distributions are desirable • It can be shown that the most economical sound and complete distribution is defined by � ψ ( s ) = ↑ φ p p ∈ pm ( s ) • We call this the lean distribution

  16. Example Introduction φ Modeling Distributed Systems (ernurse, dbusr) erstaff orstaff (ernurse,sqanusr) (ornurse, sqanusr) Policy Distribution sqanadmin ornurse ernurse Concluding (job,halt) Remarks (print,black) (print,color) sqanusr dbusr Questions (ehrtable,insert) (ehrtable,view) (job,start) ψ (Sqan) ψ (Sqil) orstaff ψ (Inq) orstaff erstaff erstaff ornurse sqanadmin ernurse (job,halt) dbusr (print,color) (print,black) sqanusr (ehrtable,insert) (ehrtable,view) (job,start)

  17. Introduction 1 Introduction Modeling Distributed Systems Policy Distribution 2 Modeling Distributed Systems Concluding Remarks Questions 3 Policy Distribution 4 Concluding Remarks 5 Questions

  18. Policy updates Introduction When an administrative request is granted by the central Modeling Distributed reference monitor (CRM), policy updates need to be sent to Systems one or more sub-systems Policy Distribution • It is important that soundness and completeness are Concluding Remarks preserved Questions

  19. Policy updates Introduction When an administrative request is granted by the central Modeling Distributed reference monitor (CRM), policy updates need to be sent to Systems one or more sub-systems Policy Distribution • It is important that soundness and completeness are Concluding Remarks preserved Questions We propagate policy updates to sub-systems using message commands • A message command is parameterized by a sub-system, a policy graph and an action (add or delete) • ⊕ s ( φ ) (respectively ⊖ s ( φ )) denotes a message for sub-system s to add (delete) φ to (from) its policy The operational semantics of our model are defined using a queue and a transition relation

  20. Queues and transitions Introduction Administrative requests and message commands are placed on Modeling the queue Distributed Systems • Processing an item in the queue – defined by the Policy Distribution transition relation – yields a new queue Concluding Remarks Questions

  21. Queues and transitions Introduction Administrative requests and message commands are placed on Modeling the queue Distributed Systems • Processing an item in the queue – defined by the Policy Distribution transition relation – yields a new queue Concluding Given ( S , pm , φ, ψ ), the transition relation Remarks Questions • Transforms administrative requests into message commands and updates to φ • If � u ( v , v ′ ) is authorized then create message command ⊕ s ( { ( v , v ′ ) } ∪ ( ↑ φ v )) for each s such that ↓ φ v ∩ pm ( s ) � = ∅ • Transforms message commands into updates to ψ • The transition relation preserves soundness and completeness

  22. Introduction 1 Introduction Modeling Distributed Systems Policy Distribution 2 Modeling Distributed Systems Concluding Remarks Questions 3 Policy Distribution 4 Concluding Remarks 5 Questions

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Prox-RBAC: A Proximity-based Spatially Aware RBAC Michael S. Kirkpatrick Maria Luisa Damiani

Prox-RBAC: A Proximity-based Spatially Aware RBAC Michael S. Kirkpatrick Maria Luisa Damiani

Prox-RBAC: A Proximity-based Spatially Aware RBAC Michael S. Kirkpatrick Maria Luisa Damiani Elisa Bertino 19 th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems (GIS) Chicago, IL, USA November 4, 2011

482 views • 46 slides
ROLE BASED ACCESS CONTROL (RBAC) John Barkley RBAC Project Leader Software Diagnostics and

ROLE BASED ACCESS CONTROL (RBAC) John Barkley RBAC Project Leader Software Diagnostics and

ROLE BASED ACCESS CONTROL (RBAC) John Barkley RBAC Project Leader Software Diagnostics and Conformance Testing National Institute of Standards and Technology (301) 975-3346 jbarkley@nist.gov http://hissa.nist.gov/rbac/ ACTIVE PARTICIPANTS

635 views • 27 slides
Tie-RBAC An application of RBAC to Social Networks Antonio Tapiador Diego Carrera Joaqun

Tie-RBAC An application of RBAC to Social Networks Antonio Tapiador Diego Carrera Joaqun

Tie-RBAC An application of RBAC to Social Networks Antonio Tapiador Diego Carrera Joaqun Salvacha Departamento de Ingeniera de Sistemas Telemticos ETS de Ingenieros de Telecomunicacin Universidad Politcnica de Madrid Access

146 views • 14 slides
Distributed Systems Goals of Distributed Systems 13A. Distributed Systems: Goals & Challenges

Distributed Systems Goals of Distributed Systems 13A. Distributed Systems: Goals & Challenges

5/17/2017 Distributed Systems Goals of Distributed Systems 13A. Distributed Systems: Goals & Challenges scalability and performance apps require more resources than one computer has 13B. Distributed Systems: Communication grow

572 views • 7 slides
Distributed Systems Goals of Distributed Systems 13A. Distributed Systems: Goals & Challenges

Distributed Systems Goals of Distributed Systems 13A. Distributed Systems: Goals & Challenges

5/19/2018 Distributed Systems Goals of Distributed Systems 13A. Distributed Systems: Goals & Challenges scalability and performance apps require more resources than one computer has 13B. Distributed Systems: Communication grow

131 views • 9 slides
Role-based access control 1 RBAC: Motivations Complexity of security administration For

Role-based access control 1 RBAC: Motivations Complexity of security administration For

Role-based access control 1 RBAC: Motivations Complexity of security administration For large number of subjects and objects, the number of o a ge u be o subjects a d objects, t e u be o authorizations can become extremely large

783 views • 26 slides
Distributed Systems Reasons for distributed systems Resource sharing sharing and

Distributed Systems Reasons for distributed systems Resource sharing sharing and

CSC 4103 - Operating Systems Motivation Spring 2007 Distributed system is collection of loosely coupled processors that do not share memory Lecture - XXII interconnected by a communications network Distributed Systems

477 views • 4 slides
Distributed File Systems Distributed File Systems A distributed file system (DFS) is a

Distributed File Systems Distributed File Systems A distributed file system (DFS) is a

Distributed File Systems Distributed File Systems A distributed file system (DFS) is a distributed Definitions implementation of a classical time-sharing model of a file Distributed system - A number of loosely coupled system. machines

997 views • 8 slides
Introduction to Distributed Systems Material adapted from Distributed Systems: Concepts &

Introduction to Distributed Systems Material adapted from Distributed Systems: Concepts &

Introduction to Distributed Systems Material adapted from Distributed Systems: Concepts & Design , George Coulouris, et al. and Engineering Distributed Objects , Wolfgang Emmerich Outline What is a Distributed System? Examples of

961 views • 36 slides
Introduction to Distributed Systems Material adapted from Distributed Systems: Concepts &

Introduction to Distributed Systems Material adapted from Distributed Systems: Concepts &

Introduction to Distributed Systems Material adapted from Distributed Systems: Concepts & Design , George Coulouris, et al. and Engineering Distributed Objects , Wolfgang Emmerich Outline What is a Distributed System? Examples of

565 views • 18 slides
Distributed Systems of distributed systems Types of Distributed Describe various

Distributed Systems of distributed systems Types of Distributed Describe various

Objectives/Outline (selected topics from chapter 16 & 18) Objectives Outline Provide a high-level overview Introduction Distributed Systems of distributed systems Types of Distributed Describe various methods for

436 views • 9 slides
Coordinating distributed systems Marko Vukoli Distributed Systems and Cloud Computing Previous

Coordinating distributed systems Marko Vukoli Distributed Systems and Cloud Computing Previous

Coordinating distributed systems Marko Vukoli Distributed Systems and Cloud Computing Previous lectures Distributed Storage Systems CAP Theorem Amazon Dynamo Cassandra 2 Today Distributed systems coordination Apache

1.57k views • 62 slides
Distributed Systems - III What about distributed systems? No common clock or memory

Distributed Systems - III What about distributed systems? No common clock or memory

CSC 4103 - Operating Systems Distributed Coordination Spring 2007 Ordering events and achieving synchronization in centralized systems is easier. Lecture - XXIV We can use common clock and memory Distributed Systems - III What

286 views • 4 slides
Towards a Theory of Formal Distributed Systems Why and how distributed systems can solve

Towards a Theory of Formal Distributed Systems Why and how distributed systems can solve

Towards a Theory of Formal Distributed Systems Why and how distributed systems can solve distributed problems ? Towards = immature or not ready for presenting Formal = unrealistic or useless Masafumi Yamashita (Kyushu Univ.) Table of

578 views • 33 slides
CSE 452 Distributed Systems Arvind Krishnamurthy Distributed Systems How to make a set of

CSE 452 Distributed Systems Arvind Krishnamurthy Distributed Systems How to make a set of

CSE 452 Distributed Systems Arvind Krishnamurthy Distributed Systems How to make a set of computers work together Correctly Efficiently At (huge) scale With high availability Despite messages being lost and/or taking a

779 views • 29 slides
CSE 452 Distributed Systems Tom Anderson Distributed Systems How to make a set of computers

CSE 452 Distributed Systems Tom Anderson Distributed Systems How to make a set of computers

CSE 452 Distributed Systems Tom Anderson Distributed Systems How to make a set of computers work together Reliably Efficiently At (huge) scale With high availability Despite messages being lost and/or taking a variable

833 views • 40 slides
f ' ( x ) g ( x ) dx f ( x ) g ' ( x ) dx f ( b ) g ( b ) f

f ' ( x ) g ( x ) dx f ( x ) g ' ( x ) dx f ( b ) g ( b ) f

GE EN NE ER RA AL LI IZ ZE ED D F FU UN NC CT TI IO ON NS S A AN ND D I IN NF FI IN NI IT TE ES SI IM MA AL LS S G U J. J .F F. . C CO OL LO OM MB BE EA AU It has been widely recognized since

103 views • 8 slides
2 in -models Benoit Monin joint work with Ludovic Patey Universit e Paris-Est Cr eteil

2 in -models Benoit Monin joint work with Ludovic Patey Universit e Paris-Est Cr eteil

SRT 2 2 vs RT 2 2 in -models Benoit Monin joint work with Ludovic Patey Universit e Paris-Est Cr eteil NUS - IMS . Ramsey Theory Section 1 Ramsey Theory Controlling 0 Ramsey Theory Partition regular classes 2 statements

521 views • 51 slides
BUILDING APACHE SPARK APPLICATION PIPELINES FOR THE KUBERNETES ECOSYSTEM Michael McCune 14

BUILDING APACHE SPARK APPLICATION PIPELINES FOR THE KUBERNETES ECOSYSTEM Michael McCune 14

BUILDING APACHE SPARK APPLICATION PIPELINES FOR THE KUBERNETES ECOSYSTEM Michael McCune 14 November 2016 1 INTRODUCTION A little about me Embedded to Orchestration Red Hat emerging technologies OpenStack Sahara Oshinko project for

453 views • 31 slides
CryptoManiac Slides borrowed with permission from Todd Austin and Lisa Wu University of Michigan

CryptoManiac Slides borrowed with permission from Todd Austin and Lisa Wu University of Michigan

CryptoManiac Slides borrowed with permission from Todd Austin and Lisa Wu University of Michigan Advanced Computer Architecture Laboratory Architectures Diminishing Return Staples of value we strive for High Speed Low Power Low

325 views • 15 slides
0-0 Well-posedness and asymptotic analysis for a Penrose-Fife type phase-field system Buona

0-0 Well-posedness and asymptotic analysis for a Penrose-Fife type phase-field system Buona

0-0 Well-posedness and asymptotic analysis for a Penrose-Fife type phase-field system Buona positura e analisi asintotica per un sistema di phase field di tipo Penrose-Fife Sal` o, 3-5 Luglio 2003 Riccarda Rossi Dipartimento di Matematica

583 views • 31 slides
PDEs model oriented to brain tumor therapy Elkhomeini Moulaye Ely With the supervision of :

PDEs model oriented to brain tumor therapy Elkhomeini Moulaye Ely With the supervision of :

Abstract Description of the Model Introduce the results Proof University of Sevilla Doc-Course 2010 RESEARCH UNIT 3 PDEs model oriented to brain tumor therapy Elkhomeini Moulaye Ely With the supervision of : Enrique Fernandez-Cara, Manuel

302 views • 27 slides
Muon g-2 : a theoretical review Tau04 Nara, September 2004 Andrzej Czarnecki University

Muon g-2 : a theoretical review Tau04 Nara, September 2004 Andrzej Czarnecki University

Muon g-2 : a theoretical review Tau04 Nara, September 2004 Andrzej Czarnecki University of Alberta Outline QED: present and future ( T. Kinoshita ) Electroweak loops Hadronic effects * vacuum polarization ( J. Khn, S. Eidelman, D.

493 views • 27 slides
AARNet's experience with IPv6 Glen Turner 2007-11-20 Australian 2007 IPv6 Summit aar net

AARNet's experience with IPv6 Glen Turner 2007-11-20 Australian 2007 IPv6 Summit aar net

AARNet's experience with IPv6 Glen Turner 2007-11-20 Australian 2007 IPv6 Summit aar net Australia's Academic and Research Network Motivation Universities take a long time to turn around IPv4 address exhaustion, an iceberg? Want considered

712 views • 23 slides

More recommend