resource access control in the facebook model
play

Resource Access Control in the Facebook Model K. Chronopoulos 1 M. - PowerPoint PPT Presentation

Sep 14, 2022 •129 likes •544 views

Resource Access Control in the Facebook Model K. Chronopoulos 1 M. Gouseti 1 A. Kiayias 2 1 University of Amsterdam, The Netherlands 2 Department of Informatics & Telecommunications University of Athens, Greece The 12th International

  1. Resource Access Control in the Facebook Model K. Chronopoulos 1 M. Gouseti 1 A. Kiayias 2 1 University of Amsterdam, The Netherlands 2 Department of Informatics & Telecommunications University of Athens, Greece The 12th International Conference on Cryptology and Network Security, 2013 Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 1 / 35

  2. Table of Contents Resource Access Control In Social Networks 1 Motivation Related Work RACS Formal Model 2 Protocols Properties Facebook 3 Protocols Attacks How to fix it Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 2 / 35

  3. Table of Contents Resource Access Control In Social Networks 1 Motivation Related Work RACS Formal Model 2 Protocols Properties Facebook 3 Protocols Attacks How to fix it Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 3 / 35

  4. Motivation Formal model? Owners Server Clients Owners’ Resources Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 4 / 35

  5. Motivation Formal model? Owners Server Clients Owners’ Resources Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 4 / 35

  6. Motivation Formal model? Owners Server Clients Owners’ Resources Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 4 / 35

  7. Motivation Formal model? Owners Server Clients Owners’ Resources Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 4 / 35

  8. Motivation Formal model? Owners Server Clients Owners’ Resources Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 4 / 35

  9. Motivation Formal model? Owners Server Clients Owners’ Resources Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 4 / 35

  10. Table of Contents Resource Access Control In Social Networks 1 Motivation Related Work RACS Formal Model 2 Protocols Properties Facebook 3 Protocols Attacks How to fix it Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 5 / 35

  11. Related Work Previous work includes: Security analysis of OAuth Resources access control in social networks Expression access control directives Privacy in a untrusted server setting Our work: Define a formal model of social networks in a trusted server setting Analyse its security properties Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 6 / 35

  12. Table of Contents Resource Access Control In Social Networks 1 Motivation Related Work RACS Formal Model 2 Protocols Properties Facebook 3 Protocols Attacks How to fix it Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 7 / 35

  13. Table of Contents Resource Access Control In Social Networks 1 Motivation Related Work RACS Formal Model 2 Protocols Properties Facebook 3 Protocols Attacks How to fix it Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 8 / 35

  14. Interactions with the Server Owners: Clients Register. Register. Authenticate. Authenticate. Make connections with other Access resources. owners. Break a connection. Authorize clients. Use the clients’ services. Revoke client’s authorization. Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 9 / 35

  15. Client’s Authorization Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 10 / 35

  16. Client’s Authorization Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 11 / 35

  17. Client’s Authorization Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 12 / 35

  18. Client’s Authorization Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 13 / 35

  19. Client’s Authorization Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 14 / 35

  20. Access Alice’s Resources Direct access When Alice has given the client user permission to access her resources. Access through Bob When Bob has given the client friend permission to access the resources of Alice that are visible to him. Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 15 / 35

  21. 2 Modes of Revocation Explicit Revocation Alice can revoke a client’s access by explicitly instructing the server. Implicit Revocation The Facebook model suggests that a client’s access should be revoked if an owner has not used its services after a certain time period ( dt units of time). If you haven’t used an app in a while, it won’t be able to continue to update the additional information you’ve given them permission to access. — Facebook, Data Use Policy Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 16 / 35

  22. Table of Contents Resource Access Control In Social Networks 1 Motivation Related Work RACS Formal Model 2 Protocols Properties Facebook 3 Protocols Attacks How to fix it Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 17 / 35

  23. Notation We will use the following notation: O , C : unique id that identifies owners and clients respectively. f : projection ( D n → D k ) where k ≤ n and D is the space of the owner’s resources. Also used as a set of indices. oos ac (), ocs ac (), ocg ac (), expt (), r (): server’s matrices λ : level of security associated with our proposed solutions Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 18 / 35

  24. Correctness Definition For all O , O ′ � = O , C , f : D n → D k where k ≤ n , if � � ( f ⊆ ocs ac [ O , C ]) ∧ ( server time < expt [ O , C ]) ∨ � � ( f ⊆ ( ocg ac [ O ′ , C ] ∩ oos ac [ O , O ′ ])) ∧ ( server time < expt [ O ′ , C ]) , then C , by running the “Client Access Resources Protocol”, will receive the resources f ( r [ O ]) and the server will record the action access resources ( C , O , f ). Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 19 / 35

  25. Owner Privacy - Explicit Revocation Definition 2 + negl ( λ ), where WIN A is the For all PPT adversaries A , Pr [ WIN A ] = 1 event b = b ∗ while playing the above game. Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 20 / 35

  26. Owner Privacy - Implicit Revocation Definition 2 + negl ( λ ), where WIN A is the For all PPT adversaries A , Pr [ WIN A ] = 1 event b = b ∗ while playing the above game. Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 21 / 35

  27. Server Consistency We define a predicate P ( log file , dt ) that is true when the server can justify a resource access, i.e: 1 authenticate ( O ) , t 0 2 authorize client ( O , C , f s , f g ) , t 1 , 3 any of authenticate ( O ) or use ( O , C ) , t 2 4 authenticate ( C ) t 3 5 access resources ( C , O , f ′ s ) , t 4 where f ′ s ⊆ f s ∧ ( t 4 − t 1 , 2 ) < dt Definition For all PPT adversaries A , Pr [ P ( log file , dt ) = 0] = negl ( λ ), where log file is a random variable that reflects the log file given the activity of A as described above. Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 22 / 35

  28. Table of Contents Resource Access Control In Social Networks 1 Motivation Related Work RACS Formal Model 2 Protocols Properties Facebook 3 Protocols Attacks How to fix it Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 23 / 35

  29. Table of Contents Resource Access Control In Social Networks 1 Motivation Related Work RACS Formal Model 2 Protocols Properties Facebook 3 Protocols Attacks How to fix it Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 24 / 35

  30. Client Access Resources Protocol (part 1) Figure : Only when the protocol is initiated by a user, i.e. Alice, the authorization protocol can be executed. Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 25 / 35

  31. Client Access Resources Protocol (part 2.1) Direct Access Figure : C accesses Alice’s resources using her access token. Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 26 / 35

  32. Client Access Resources Protocol (part 2.2) Indirect Access Figure : C accesses Alice’s resources using Bob’s access token. Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 27 / 35

  33. Table of Contents Resource Access Control In Social Networks 1 Motivation Related Work RACS Formal Model 2 Protocols Properties Facebook 3 Protocols Attacks How to fix it Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 28 / 35

  34. Owner Privacy with Implicit Revocation Figure : C ∗ can access Alice’s photos using Bob’s token even if its access has expired. Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 29 / 35

  35. Owner Privacy with Implicit Revocation Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 30 / 35

  36. Server Consistency Figure : Inconsistency between Facebook’s view and reality. Facebook has recorded that the resources were accessed by C while they were accessed by C ∗ . Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 31 / 35

  37. Table of Contents Resource Access Control In Social Networks 1 Motivation Related Work RACS Formal Model 2 Protocols Properties Facebook 3 Protocols Attacks How to fix it Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 32 / 35

  38. How to fix it Owner Privacy with Implicit Revocation When C requests Alice’s resources using Bob’s access token, Facebook should respond with the intersection of Alice’s resources that Bob can access and the friends data permissions that Bob has given to C i.e. ( oos ac [ Alice , Bob ] ∩ ocg ac [ Bob , C ]). Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 33 / 35

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of Access Control Discretionary acces control Mandatory access control Real systems: Unix Access Control Model Access control Access

817 views • 47 slides
Access Control Access Control 1 Access Control Access control : ensures that all direct

Access Control Access Control 1 Access Control Access control : ensures that all direct

Access Control Access Control 1 Access Control Access control : ensures that all direct accesses to object are authorized a scheme for mapping users to allowed actions Protection objects : system resources for which protection is

576 views • 21 slides
April 3: Access Control Matrix Overview Access Control Matrix Model Boolean Expression

April 3: Access Control Matrix Overview Access Control Matrix Model Boolean Expression

April 3: Access Control Matrix Overview Access Control Matrix Model Boolean Expression Evaluation History April 3, 2017 ECS 235B Spring Quarter 2017 Slide #1 Overview Protection state of system Describes current settings,

310 views • 13 slides
DECENTRALIZED ACCESS CONTROL Sandra Siby EDIC Semester Project (DEDIS) Supervisors: Eleftherios

DECENTRALIZED ACCESS CONTROL Sandra Siby EDIC Semester Project (DEDIS) Supervisors: Eleftherios

DECENTRALIZED ACCESS CONTROL Sandra Siby EDIC Semester Project (DEDIS) Supervisors: Eleftherios Kokoris-Kogias, Prof. Bryan Ford 1 Motivation Access Control: Management of access to a resource Simple access control Static binding

494 views • 24 slides
Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control?

Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control?

Access Control Jackson Argo Rackspace MO After-hours April 28, 2016 What is Access Control? How Is Access Determined? Who Determines Access? Forms of Access Control SELinux Booleans iptables File Access Control Lists Apache Access Control

711 views • 36 slides
The Chinese Wall Conflict of Interests Access Control Model Chinese Wall Policy

The Chinese Wall Conflict of Interests Access Control Model Chinese Wall Policy

Introduction Access Control Models Other models: Part II The Chinese Wall Model it combines elements of DAC and MAC RBAC Model it is a DAC model; however, it is Elisa Bertino sometimes considered a policy-neutral model

611 views • 12 slides
1 General Access Control General Access Control Control of access to memory relatively easy:

1 General Access Control General Access Control Control of access to memory relatively easy:

Role of Access Control Before closing back doors we need to close front doors Access control: determines access to files &amp; processes in OS Fall 2008 We will return to these themes throughout the course Fall 2008 CS

512 views • 6 slides
An Automated Model-based Test Oracle for Access Control Systems Antonia Bertolino 1 , Said

An Automated Model-based Test Oracle for Access Control Systems Antonia Bertolino 1 , Said

An Automated Model-based Test Oracle for Access Control Systems Antonia Bertolino 1 , Said Daoudagh 1,2 , Francesca Lonetti 1 , Eda Marchetti 1 1 ISTI-CNR 2 University of Pisa Agenda Introduction Access Control Systems XACML policies

459 views • 31 slides
SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing

SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing

SYSTEM DIAGRAMS Door Entry &amp; Access Control ACCESS CONTROL ACCESS CONTROL Allowing residents / staff access to site areas Main entrance Vehicle entrances Pedestrian entrances Gate / Barrier entrance Bin / Bike / Refuge

336 views • 14 slides
CS419 Spring 2010 Computer Security Access Control: Policies and Mechanisms Vinod Ganapathy

CS419 Spring 2010 Computer Security Access Control: Policies and Mechanisms Vinod Ganapathy

CS419 Spring 2010 Computer Security Access Control: Policies and Mechanisms Vinod Ganapathy Lectures 9 and 10 Access Control The prevention of unauthorized use of a resource, including the prevention of use of a resource in an

1.17k views • 90 slides
Overview Basic Principles Access Control Methodologies Controls Access Control Designs

Overview Basic Principles Access Control Methodologies Controls Access Control Designs

Overview Basic Principles Access Control Methodologies Controls Access Control Designs Access Control Administration Accountability Chapter 2 Access Control Models Identification and Authentication Methods Lecturer:

708 views • 9 slides
Facebook Exchange Facebook Exchange (FBX) (FBX) Facebook Exchange The Facebook Exchange allows

Facebook Exchange Facebook Exchange (FBX) (FBX) Facebook Exchange The Facebook Exchange allows

Facebook Exchange Facebook Exchange (FBX) (FBX) Facebook Exchange The Facebook Exchange allows programmatic buying of Facebook ad inventory through real-time bidding. Agencies, trading desks and direct marketers can buy Facebook ads using

343 views • 7 slides
A resource-control model based on deadlock avoidance Antoine Galland Mathieu Baudet

A resource-control model based on deadlock avoidance Antoine Galland Mathieu Baudet

A resource-control model based on deadlock avoidance Antoine Galland Mathieu Baudet antoine.galland@gemplus.com mathieu.baudet@lsv.ens-cachan.fr Gemplus Research Labs LIP6 ENS Cachan INRIA Futurs A resource-control model based on

250 views • 22 slides
Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control

Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control

Outline Unix-style access control, contd CSci 5271 Multilevel and mandatory access control Introduction to Computer Security Access control, contd Announcements intermission Stephen McCamant Capability-based access control University

380 views • 7 slides
NETCONF Access Control draft-bierman-netconf-access-control-01 IETF 77, March 2010 Andy Bierman

NETCONF Access Control draft-bierman-netconf-access-control-01 IETF 77, March 2010 Andy Bierman

NETCONF Access Control draft-bierman-netconf-access-control-01 IETF 77, March 2010 Andy Bierman andyb@iwl.com Agenda Why does NETCONF need a standard access control model (ACM)? What are the functional requirements for a standard ACM

842 views • 26 slides
D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient

D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient

D2: Access Control #2: Access cess Contr trol ol Similar to OWASP Top 10 Insufficient access control and authentication checks Insecure access control methods Private, internal functions and data are accessible through a

547 views • 11 slides
National Housing Trust Fund Allocation Plan Coalition on Homelessness and Housing in Ohio April

National Housing Trust Fund Allocation Plan Coalition on Homelessness and Housing in Ohio April

National Housing Trust Fund Allocation Plan Coalition on Homelessness and Housing in Ohio April 15, 2016 Ed Gramlich, NLIHC Senior Adviser 1 NHTF Is Block Grant to States (Part1) There are two conditions that each state must meet in order to

810 views • 58 slides
Generating OpenMath Content Dictionaries from Wikidata Moritz Schubotz Information Science

Generating OpenMath Content Dictionaries from Wikidata Moritz Schubotz Information Science

Generating OpenMath Content Dictionaries from Wikidata Moritz Schubotz Information Science Group University of Konstanz www.isg.uni.kn Overview 1. Introduction 2. The MathML Benchmark MathMLBen 3. A Wikidata Content Dictonary 4. Wikidata

666 views • 27 slides
Bayesian network Case examples Advanced Herd Managem ent October 2 nd 2 0 0 7 Tina Birk Jensen

Bayesian network Case examples Advanced Herd Managem ent October 2 nd 2 0 0 7 Tina Birk Jensen

Bayesian network Case examples Advanced Herd Managem ent October 2 nd 2 0 0 7 Tina Birk Jensen Outline 1 . PigLam e m odel Background of the m odel The qualitative part of the m odel The quantitative part of the m odel

634 views • 25 slides
Environmental Review Process for Responsible Entities 24 CFR Part 58 1 Presenters Danielle

Environmental Review Process for Responsible Entities 24 CFR Part 58 1 Presenters Danielle

Environmental Review Process for Responsible Entities 24 CFR Part 58 1 Presenters Danielle Schopp, Senior Environmental Officer Ann Herring, State of Louisiana, OCD/DRU, Environmental Manager 2 Field Disaster Grant Environmental Contacts

673 views • 33 slides
Infinera waves on a Ciena light system Guy Roberts, GEANT Association Terena Architects workshop,

Infinera waves on a Ciena light system Guy Roberts, GEANT Association Terena Architects workshop,

Infinera waves on a Ciena light system Guy Roberts, GEANT Association Terena Architects workshop, 12 Nov 2014 Fibre sharing Field Trial Background GANT Telia Sonera fibre will not be renewed. Looking for cost saving solution. Field

475 views • 14 slides
L M A D A Learning And Mining from DatA NANJING UNIVERSITY Projection-free Distributed Online

L M A D A Learning And Mining from DatA NANJING UNIVERSITY Projection-free Distributed Online

Introduction Algorithms Experiments Conclusion L M A D A Learning And Mining from DatA NANJING UNIVERSITY Projection-free Distributed Online Convex Optimization with O ( T ) Communication Complexity Yuanyu Wan 1 , Wei-Wei Tu 2 and

617 views • 39 slides
ETSI EMTEL (Special Committee on Emergency Communications) CHAIRMAN Ray Forbes Producing and

ETSI EMTEL (Special Committee on Emergency Communications) CHAIRMAN Ray Forbes Producing and

ETSI EMTEL (Special Committee on Emergency Communications) CHAIRMAN Ray Forbes Producing and maintaining Standards for Emergency Communications Presented by Ian Harris EMTEL Vice Chairman Consultant to Research In Motion ITU-T Workshop,

699 views • 37 slides
Example: N-Queens (1) Slightly Less Informal Standard search problems: Formulation 1:

Example: N-Queens (1) Slightly Less Informal Standard search problems: Formulation 1:

Bookkeeping Constraint Satisfaction HW 2 questions? AI Class 7 Ch. 6.16.4 (skip 6.3.3) ) Please note: it must be due COB Blackboard time 11:59: XX is late! We will not let this slide again. Based on slides by: Marie

360 views • 11 slides

More recommend