Resource Access Control in the Facebook Model

SLIDE 1

Resource Access Control in the Facebook Model

  • K. Chronopoulos¹
  • M. Gouseti¹
  • A. Kiayias²

¹ University of Amsterdam, The Netherlands
² Department of Informatics & Telecommunications, University of Athens, Greece

The 12th International Conference on Cryptology and Network Security, 2013

Chronopoulos,Gouseti, Kiayias (UoA) RACS CANS 2013 1 / 35

SLIDE 2

Table of Contents

1. Resource Access Control In Social Networks Motivation Related Work
2. RACS Formal Model Protocols Properties
3. Facebook Protocols Attacks How to fix it

SLIDE 4

Motivation

Formal model?

[Figure: Owners, Server, Owners’ Resources, Clients]

SLIDE 11

Related Work

Previous work includes:

  • Security analysis of OAuth
  • Resources access control in social networks
  • Expression access control directives
  • Privacy in an untrusted server setting

Our work:

  • Define a formal model of social networks in a trusted server setting
  • Analyse its security properties

SLIDE 14

Interactions with the Server

Owners:

  • Register.
  • Authenticate.
  • Make connections with other owners.
  • Break a connection.
  • Authorize clients.
  • Use the clients’ services.
  • Revoke client’s authorization.

Clients:

  • Register.
  • Authenticate.
  • Access resources.

SLIDE 15

Client’s Authorization

SLIDE 20

Access Alice’s Resources

Direct access: When Alice has given the client user permission to access her resources.

Access through Bob: When Bob has given the client friend permission to access the resources of Alice that are visible to him.

SLIDE 21

2 Modes of Revocation

Explicit Revocation: Alice can revoke a client’s access by explicitly instructing the server.

Implicit Revocation: The Facebook model suggests that a client’s access should be revoked if an owner has not used its services after a certain time period (dt units of time).

“If you haven’t used an app in a while, it won’t be able to continue to update the additional information you’ve given them permission to access.”

— Facebook, Data Use Policy

SLIDE 23

Notation

We will use the following notation:

  • $O$, $C$: unique id that identifies owners and clients respectively.
  • $f$: projection ($D^n \to D^k$) where $k \le n$ and $D$ is the space of the owner’s resources. Also used as a set of indices.
  • $\mathit{oos\_ac}()$, $\mathit{ocs\_ac}()$, $\mathit{ocg\_ac}()$, $\mathit{expt}()$, $r()$: server’s matrices
  • $\lambda$: level of security associated with our proposed solutions

SLIDE 24

Correctness

Definition

For all $O$, $O' \neq O$, $C$, $f : D^n \to D^k$ where $k \le n$, if

  • $(f \subseteq \mathit{ocs\_ac}[O, C]) \wedge (\mathit{server\_time} < \mathit{expt}[O, C])$
  • $(f \subseteq (\mathit{ocg\_ac}[O', C] \cap \mathit{oos\_ac}[O, O'])) \wedge (\mathit{server\_time} < \mathit{expt}[O', C])$,

then $C$, by running the “Client Access Resources Protocol”, will receive the resources $f(r[O])$ and the server will record the action $\mathit{access\_resources}(C, O, f)$.

SLIDE 25

Owner Privacy - Explicit Revocation

Definition

For all PPT adversaries $\mathcal{A}$, $\Pr[\mathrm{WIN}_{\mathcal{A}}] = \frac{1}{2} + \mathrm{negl}(\lambda)$, where $\mathrm{WIN}_{\mathcal{A}}$ is the event $b = b^*$ while playing the above game.

SLIDE 26

Owner Privacy - Implicit Revocation

Definition

For all PPT adversaries $\mathcal{A}$, $\Pr[\mathrm{WIN}_{\mathcal{A}}] = \frac{1}{2} + \mathrm{negl}(\lambda)$, where $\mathrm{WIN}_{\mathcal{A}}$ is the event $b = b^*$ while playing the above game.

SLIDE 27

Server Consistency

We define a predicate $P(\mathit{log\_file}, dt)$ that is true when the server can justify a resource access, i.e.:

1. $\mathit{authenticate}(O)$, $t_0$
2. $\mathit{authorize\_client}(O, C, f_s, f_g)$, $t_1$
3. any of $\mathit{authenticate}(O)$ or $\mathit{use}(O, C)$, $t_2$
4. $\mathit{authenticate}(C)$, $t_3$
5. $\mathit{access\_resources}(C, O, f'_s)$, $t_4$, where $f'_s \subseteq f_s \wedge (t_4 - t_{1,2}) < dt$

Definition

For all PPT adversaries $\mathcal{A}$, $\Pr[P(\mathit{log\_file}, dt) = 0] = \mathrm{negl}(\lambda)$, where $\mathit{log\_file}$ is a random variable that reflects the log file given the activity of $\mathcal{A}$ as described above.
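The predicate above can be run as an audit over a server log. The following is an added example, not code from the slides or the paper: the log tuple layout and sample entries are constructed, and t_{1,2} is assumed to mean the most recent of the authorization (step 2) and the owner's later activity (step 3).

```python
# Constructed sample log: (time, action, args...). Names and times are illustrative.
LOG = [
    (0, "authenticate", "Alice"),
    (1, "authorize_client", "Alice", "C", {"photos", "status"}, set()),
    (2, "authenticate", "C"),
    (5, "access_resources", "C", "Alice", {"photos"}),
    (8, "use", "Alice", "C"),
    (9, "access_resources", "C", "Alice", {"email"}),     # f is not within fs
    (15, "access_resources", "C", "Alice", {"status"}),
    (30, "access_resources", "C", "Alice", {"photos"}),   # 30 - 8 is not below dt = 10
]

def unjustified(log, dt):
    """Return the access_resources entries that steps 1-5 cannot justify."""
    authed = set()   # principals that have an authenticate entry so far
    grants = {}      # (O, C) -> [fs, t12]; t12 = latest of step 2 / step 3 (assumption)
    bad = []
    for t, action, *args in sorted(log, key=lambda e: e[0]):
        if action == "authenticate":
            authed.add(args[0])
            for (owner, _), grant in grants.items():
                if owner == args[0]:
                    grant[1] = t                      # step 3: the owner is active
        elif action == "authorize_client":
            owner, client, fs, _fg = args
            if owner in authed:                       # step 1 precedes step 2
                grants[(owner, client)] = [set(fs), t]
        elif action == "use":
            if tuple(args) in grants:
                grants[tuple(args)][1] = t            # step 3: use(O, C)
        elif action == "access_resources":
            client, owner, f = args
            grant = grants.get((owner, client))
            ok = (client in authed                    # step 4
                  and grant is not None
                  and set(f) <= grant[0]              # f's is a subset of fs
                  and t - grant[1] < dt)              # (t4 - t_{1,2}) < dt
            if not ok:
                bad.append((t, client, owner))
    return bad

def P(log, dt):
    """The predicate P(log_file, dt): true when every recorded access is justified."""
    return not unjustified(log, dt)
```

The check covers only the direct-access case listed on the slide.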

SLIDE 30

Client Access Resources Protocol (part 1)

Figure: The authorization protocol can be executed only when it is initiated by a user, i.e. Alice.

SLIDE 31

Client Access Resources Protocol (part 2.1)

Direct Access

Figure: C accesses Alice’s resources using her access token.

SLIDE 32

Client Access Resources Protocol (part 2.2)

Indirect Access

Figure: C accesses Alice’s resources using Bob’s access token.

SLIDE 34

Owner Privacy with Implicit Revocation

Figure: $C^*$ can access Alice’s photos using Bob’s token even if its access has expired.

SLIDE 36

Server Consistency

Figure: Inconsistency between Facebook’s view and reality. Facebook has recorded that the resources were accessed by $C$ while they were accessed by $C^*$.

SLIDE 38

How to fix it

Owner Privacy with Implicit Revocation

When $C$ requests Alice’s resources using Bob’s access token, Facebook should respond with the intersection of Alice’s resources that Bob can access and the friends data permissions that Bob has given to $C$, i.e. $(\mathit{oos\_ac}[\text{Alice}, \text{Bob}] \cap \mathit{ocg\_ac}[\text{Bob}, C])$.
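A sketch of the server-side decision this fix describes, combined with the two conditions of the Correctness definition read as alternatives (direct access or access through a friend). It is an added example, not the authors' or Facebook's code; the dict-of-sets layout, the names and the scenario data are constructed, and it assumes the expired access in the attack is the client's authorization by Alice.

```python
class Server:
    """Server matrices from the Notation slide, held as dicts of index sets."""
    def __init__(self):
        self.r = {}        # r[O]: the owner's resources, index -> value
        self.oos_ac = {}   # oos_ac[O, O2]: indices of O's resources visible to O2
        self.ocs_ac = {}   # ocs_ac[O, C]: user permissions O gave to C
        self.ocg_ac = {}   # ocg_ac[O2, C]: friend permissions O2 gave to C
        self.expt = {}     # expt[O, C]: time at which C's authorization by O expires

    def allowed(self, client, token_owner, target, now):
        """Indices of target's resources that token_owner's token opens for client."""
        if not now < self.expt.get((token_owner, client), 0):
            return set()                               # token expired or never issued
        if token_owner == target:                      # direct access
            return set(self.ocs_ac.get((target, client), ()))
        visible = self.oos_ac.get((target, token_owner), set())
        return visible & self.ocg_ac.get((token_owner, client), set())

    def access(self, client, token_owner, target, f, now):
        """Return f(r[target]) restricted to what the presented token covers."""
        granted = set(f) & self.allowed(client, token_owner, target, now)
        return {i: self.r[target][i] for i in sorted(granted)}

def scenario():
    """Constructed data: Alice's grant to C* has lapsed, Bob's grant is still live."""
    s = Server()
    s.r["Alice"] = {"photos": "alice.jpg", "status": "hello", "email": "a@example.org"}
    s.oos_ac[("Alice", "Bob")] = {"photos", "status"}
    s.ocs_ac[("Alice", "C*")] = {"photos"}
    s.expt[("Alice", "C*")] = 100      # Alice stopped using C*: implicit revocation
    s.ocg_ac[("Bob", "C*")] = {"status"}
    s.expt[("Bob", "C*")] = 500
    now = 200
    direct = s.access("C*", "Alice", "Alice", {"photos"}, now)
    via_bob = s.access("C*", "Bob", "Alice", {"photos", "status", "email"}, now)
    return direct, via_bob
```

When the requested f lies inside the allowed set, the result is exactly f(r[O]) as the Correctness definition requires; otherwise only the intersection is returned.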

SLIDE 39

How to fix it

Server Consistency

There are various ways. Facebook can:

  • Support sign in functionality for applications.
  • Filter IP address of an access resource request.
  • Request that the client signs the token and a random value with its app secret.
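The third option, sketched as a challenge-response so the server's log entry is bound to the client that holds the app secret. This is an added example, not Facebook's API or the authors' code: HMAC-SHA256 stands in for "signs", and the class, method names and message layout are assumptions.

```python
import hashlib, hmac, secrets

def proof(app_secret, token, nonce):
    """MAC over the token and the server's random value, keyed with the app secret."""
    return hmac.new(app_secret, token.encode() + b"|" + nonce, hashlib.sha256).digest()

class Server:
    def __init__(self):
        self.app_secret = {}   # client id -> secret shared at registration
        self.issued_to = {}    # access token -> client id it was issued to
        self.pending = {}      # access token -> outstanding random value
        self.log = []

    def register(self, client):
        self.app_secret[client] = secrets.token_bytes(32)
        return self.app_secret[client]

    def issue_token(self, client):
        token = secrets.token_urlsafe(16)
        self.issued_to[token] = client
        return token

    def challenge(self, token):
        self.pending[token] = secrets.token_bytes(16)
        return self.pending[token]

    def access_resources(self, token, tag):
        client = self.issued_to.get(token)
        nonce = self.pending.pop(token, None)      # one use only, so replays fail
        if client is None or nonce is None:
            return False
        if not hmac.compare_digest(proof(self.app_secret[client], token, nonce), tag):
            return False
        self.log.append(("access_resources", client))
        return True

def demo():
    s = Server()
    secret_c, secret_cstar = s.register("C"), s.register("C*")
    token = s.issue_token("C")                      # token issued to C
    good = proof(secret_c, token, s.challenge(token))
    by_c = s.access_resources(token, good)
    # C* presents C's token but can only key the MAC with its own secret
    by_cstar = s.access_resources(token, proof(secret_cstar, token, s.challenge(token)))
    replayed = s.access_resources(token, good)      # old proof, no fresh challenge
    return by_c, by_cstar, replayed, s.log
```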

SLIDE 40

Questions?

This work was performed while at the National and Kapodistrian University of Athens. Research partly supported by ERC project CODAMODA.
