A Credential-Based Approach for Facilitating Automatic, Secure Resource Sharing Among Ad-hoc Dynamic Coalitions
Janice Warner and Vijayalakshmi Atluri, Rutgers University
Ravi Mukkamala, Old Dominion University
August 2005
(Presentation transcript "ifip05", uploaded by Abbott, added November 23, 2007)

Coalition Resource Sharing
- Dynamic and ad-hoc: members may leave and new members may join.
- Examples:
  - Natural disaster: government agencies, non-government organizations and private organizations may share data about victims, supplies and logistics.
  - Homeland security: information collected by various governmental agencies is shared for comprehensive data mining.
  - Virtual enterprises: collaboration between companies.

Current Approaches to Resource Sharing
- Form teams (workgroups) comprising users from all coalition entities.
  Problem: not viable or scalable; may result in delays.
- User ids are given to each external member of the coalition and access control is provisioned on these ids.
  Problem: administratively burdensome; requires explicit revocation upon coalition or user termination.
- A single access id is provided to each external coalition entity.
  Problem: fine-grained access control is not possible.
- Resources are copied to the external coalition member.
  Problem: updates are difficult and may result in uncontrolled sharing.

Outline
- Motivation
- What is needed
- CBAC Model
- DCBAC Model
- Conclusions and Future Work

Resource Sharing among Coalitions
- Typically, the policies for sharing are stated at the coalition level.
  Example: the Red Cross and Doctors without Borders will work together to investigate the spread of infectious diseases in the wake of a natural disaster.
- Enforcing coalition-level security policies requires transforming them to the implementation level.
  Example: Dr. Roberts of Doctors without Borders can access reports on the spread of infectious diseases in Turkey.

Our Preliminary Solution (presented at ICDCIT04)
- A formal model comprising three levels (user-object, role and coalition levels).
- Enables handshaking of relevant information by the appropriate levels of the agencies.
- Allows distributed access control: control remains in the hands of the resource owner.

Layered CBAC Model
[Figure: Entity A (Drs-w/o-Borders) and Entity B (Red Cross), each with a User-Object Level, a Role Level and a Coalition Level. A user-object request at Entity A is translated into a role segment, then into a coalition-level request, and is translated back down through the levels at Entity B.]
The request takes the following forms, in the order shown on the slide:
- user-object request: <roberts, concept: disease, type: data>
- role segment: <doctor (location: Turkey, specialty: immunology), concept: disease, type: data>
- coalition level: <555444555, DB99, RC11, doctor (location: Turkey, specialty: immunology), concept: disease, type: data>
- role segment: <doctor (location: Turkey, specialty: immunology), concept: disease, type: data>
- user-object request: <RID799, RID223>

Limitations of CBAC Model
- Coalitions need to have high-level agreements in place before there is a flow of information:
  - Coalition entities know what is available and how to find it.
  - Coalition entity ids are pre-assigned.
- Credential requirements are the union of all those associated with a role that has access to the requested object.

Dynamic Coalition-Based Access Control Model (DCBAC)
Dynamic because:
- Employs a Coalition Service Registry (CSR) where shared resources and coalition-level policies are publicized.
- Agreements do not need to be established between coalition partners beforehand.
- Computes the credentials needed by an external user from local access control policies through a Mapper layer.
- The coalition access control policy is determined through transformation of the local access control policy.

Principles of DCBAC
- Existing access control mechanisms within each coalition entity remain intact.
- Access rights are granted to subjects only if they belong to an organization recognized by the coalition.
- Subjects of a coalition entity must have credentials with attribute values comparable to those of local subjects.

DCBAC Architecture
[Figure: two coalition entities connected over a network (e.g., the Internet). Each entity has a Local User Interface, Local Access Control (LAC), a Credential-to-LAC Mapper, a Credential Filter, a Coalition Level with a Coalition Access Point (CAP), and Local Services (shared and private). A Coalition Service Registry (CSR) sits on the network between them.]

Example Emergency Management Scenario
International Red Cross makes available its Emergency Response IS subject to:
- Organization-level policy: must be a member of a non-profit, certified relief organization.
- Individual policy: access is restricted to information concerning the emergency site in which they are currently working.
- Policy based on LAC mapping: credentials must be comparable with those of internal users.

Coalition Service Registry
- Similar to a UDDI Web Service Registry.
- Advertises resources that coalition entities make available.
- Describes the interface to resources.
- Describes the credentials needed to access resources.
- Verifies organizational-level credentials.
- Issues a "ticket" which can be submitted by individuals in the authenticated organization along with a request to access a specific resource.

CSR is a UDDI-like Registry
[Figure: CSR entry structure mirroring UDDI: businessEntity, businessService and bindingTemplate, carrying the UDDI elements name, categoryBag, description, accessPoint and tModelInstanceDetails.]
- Resources listed in the CSR are searchable by resource identifier, name, keywords or category.
- Provides the network address of the Coalition Access Point from which the resource can be requested.
- Provides credential information and other access requirements.

Example – Resource request is made
[Figure: the requester's side of the DCBAC architecture; the request passes from the Local User Interface through the Credential-to-LAC Mapper and the Credential Filter to the Coalition Level.]
The request takes the following forms as it passes through the requester's layers:
- <744, roberts, concept: disease type: data>
- <744, (degree:MD, gender:M, location:Turkey, specialty: infectious disease), concept: disease type: data>
- <744, (location:Turkey, specialty: infectious disease), Red_Cross_RID_730>

Example – Obtain organizational assertion
The Doctors-Without-Borders CAP consults the CSR:
- to find the resource(s) (if they have not been located before);
- to obtain a valid organizational assertion (if it does not currently have one).

Tickets are SAML assertions
- Assertions are declarations of facts:
  - Issuer ID and issuance timestamp
  - Assertion ID
  - Subject
  - "Conditions" under which the assertion is valid (e.g., validity period)
- The CSR declares that organizational credentials were submitted and validated.
- Assertions can be digitally signed (and should be).

Example – Request sent to provider's CAP
[Figure: both entities' DCBAC architecture; the request crosses the network from the requester's Coalition Level to the provider's Coalition Level.]
<744, Doctors Without Borders, Red Cross, SAML Assertion, Red_Cross_RID_730, (location:Turkey, specialty: infectious disease)>

Example – Provider evaluates request
[Figure: the provider's Coalition Level, Credential Filter, Credential-to-LAC Mapper, LAC and Local Services.]
- The Coalition Level validates the organizational credentials.
- Request passed inward: <744, Red_Cross_RID_730, (location:Turkey, specialty: infectious disease)>
- Request reaching the LAC: <744, Red_Cross_RID_730>

Conclusions
- DCBAC automates the translation of coalition-level policies into subject-resource-level policies.
- Depends upon credentials, both organizational-level and user-level.
- Maps roles to credentials commonly held by members of the role.
- Uses a Coalition Service Registry so that ad-hoc coalitions can be formed simply by discovering the resources that are needed.
- Can be built using currently available standard protocols: XACML, UDDI and SAML.
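The CSR ticket described above (issuer, issuance timestamp, assertion id, subject, validity conditions, signed by the CSR) and its validation by the provider's CAP, as an added illustration that is not code from the paper or the authors. It assumes a shared HMAC key between the CSR and the CAPs and a JSON encoding of the assertion as a stand-in for a SAML assertion with an XML-DSig signature; the organization names, key and policy table are constructed for the example.

```python
"""Constructed illustration of a CSR ticket and its validation by a provider CAP."""
import hmac
import hashlib
import json
import uuid
from datetime import datetime, timedelta, timezone

# Assumption: the CSR and every CAP share this key out of band. A real SAML
# assertion would carry an XML-DSig signature under the CSR's public key;
# HMAC over a canonical JSON encoding stands in for that here.
CSR_KEY = b"constructed-demo-key"
CSR_ISSUER = "urn:csr:demo"

# Constructed organization-level policy: the Red Cross scenario requires a
# non-profit, certified relief organization.
RECOGNIZED_ORGS = {
    "Doctors Without Borders": {"non-profit": True, "certified": True, "relief": True},
}
DWB_ORG_CREDENTIALS = {"non-profit": True, "certified": True, "relief": True}

# Fixed clock values so the scenario is reproducible.
DEMO_NOW = datetime(2005, 8, 1, 12, 0, tzinfo=timezone.utc)
DEMO_LATER = DEMO_NOW + timedelta(hours=9)


def _canonical(payload):
    """Deterministic byte encoding so signer and verifier hash identical input."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def issue_ticket(org, org_credentials, now=None, lifetime=timedelta(hours=8)):
    """CSR: verify organization-level credentials, then sign an assertion about them."""
    required = RECOGNIZED_ORGS.get(org)
    if required is None or any(org_credentials.get(k) != v for k, v in required.items()):
        return None  # organization not recognized or credentials insufficient
    now = now or datetime.now(timezone.utc)
    assertion = {
        "issuer": CSR_ISSUER,
        "issue_instant": now.isoformat(),
        "assertion_id": f"_{uuid.uuid4().hex}",
        "subject": org,
        "conditions": {
            "not_before": now.isoformat(),
            "not_on_or_after": (now + lifetime).isoformat(),
        },
        "statement": "organizational credentials submitted and validated",
    }
    sig = hmac.new(CSR_KEY, _canonical(assertion), hashlib.sha256).hexdigest()
    return {"assertion": assertion, "signature": sig}


def validate_ticket(ticket, expected_subject, now=None):
    """Provider CAP: check signature, issuer, subject binding and validity window.

    Returns (ok, reason). The signature is checked first so that no field of
    an unauthenticated assertion influences the decision.
    """
    a = ticket["assertion"]
    expected = hmac.new(CSR_KEY, _canonical(a), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, ticket["signature"]):
        return False, "bad signature"
    if a["issuer"] != CSR_ISSUER:
        return False, "unknown issuer"
    if a["subject"] != expected_subject:
        return False, "subject does not match requesting organization"
    now = now or datetime.now(timezone.utc)
    not_before = datetime.fromisoformat(a["conditions"]["not_before"])
    not_on_or_after = datetime.fromisoformat(a["conditions"]["not_on_or_after"])
    if not (not_before <= now < not_on_or_after):
        return False, "outside validity period"
    return True, "ok"


if __name__ == "__main__":
    ticket = issue_ticket("Doctors Without Borders", DWB_ORG_CREDENTIALS, now=DEMO_NOW)
    print(validate_ticket(ticket, "Doctors Without Borders", now=DEMO_NOW))
    print(validate_ticket(ticket, "Doctors Without Borders", now=DEMO_LATER))
    print(validate_ticket(ticket, "Red Cross", now=DEMO_NOW))
```

The subject check is what binds the ticket to the organization named in the request: without it, any recognized organization's ticket could be replayed in front of another organization's user request.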
Ongoing Work
- Mapper: details on mapping local policies to credentials, submitted to ICISS 2005
  - Graph-based approach
  - Strategies for inclusion of similar credentials
- Data mining of logs, local policies and other security-related data to obtain:
  - Groupings of users with similar data requirements and attributes
  - Groupings of resources
- Resolving semantic heterogeneity between policies and credential attributes.

DCBAC – Coalition Level
- Interacts with the coalition level at other coalition entities through the Coalition Access Point (CAP).
- Incoming: processes requests by validating the CSR ticket.
- Outgoing: obtains a ticket, appends it to the user request and forwards it to the appropriate CAP.

DCBAC – Credential Filter
- Incoming requests: determines whether the user credentials sent with the request are adequate. Optionally, can downgrade or upgrade the credentials of users from specific entities.
- Outgoing requests: filters user credentials so that only those necessary to obtain access are sent.

DCBAC – Mapper
- Assumes RBAC local access control, although this is not essential.
- Incoming: compares user credentials to the internal roles that have rights to the requested resource.
- Outgoing: determines the role played by the requester and retrieves the credentials common to users playing that role.

DCBAC – LAC
- Enforces control on local services for both local and non-local requests.
- Local requests are received through the local user interface.
- External requests are received through the Mapper.
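The Mapper, Credential Filter and LAC behaviour described in the component slides above, and the request transformation in the earlier "Resource request is made" example, as one added walk-through that is not code from the paper or the authors. The user directory, the CSR's advertised attribute requirements and the provider's role table are constructed for the example; the outgoing Mapper computes the attribute/value pairs common to all local users playing the requester's role, the Filter keeps only the attributes the CSR advertises as needed, and the incoming Mapper admits a request only when the presented values are comparable to those held by members of a local role with rights to the resource.

```python
"""Constructed DCBAC Mapper / Credential Filter / LAC walk-through (illustration only)."""
from dataclasses import dataclass


@dataclass
class LocalUser:
    uid: str
    roles: frozenset
    attrs: dict


# Constructed requester-side (Doctors Without Borders) user directory.
DWB_USERS = [
    LocalUser("roberts", frozenset({"doctor"}),
              {"degree": "MD", "gender": "M", "location": "Turkey",
               "specialty": "infectious disease"}),
    LocalUser("chen", frozenset({"doctor"}),
              {"degree": "MD", "gender": "F", "location": "Turkey",
               "specialty": "infectious disease"}),
    LocalUser("okafor", frozenset({"logistics"}),
              {"location": "Turkey", "clearance": "L2"}),
]

# Constructed CSR advertisement: the credential attributes the resource needs.
CSR_REQUIREMENTS = {"Red_Cross_RID_730": {"location", "specialty"}}

# Constructed provider-side (Red Cross) RBAC policy: roles with rights to each
# resource, and the attribute values the provider's own role members hold.
RC_ROLE_PERMISSIONS = {"Red_Cross_RID_730": {"doctor"}}
RC_ROLE_CREDENTIALS = {
    "doctor": {"location": {"Turkey"},
               "specialty": {"infectious disease", "immunology"}},
}


def common_credentials(users, role):
    """Outgoing Mapper: attribute/value pairs held by every local user playing `role`."""
    members = [u.attrs for u in users if role in u.roles]
    if not members:
        return {}
    common = dict(members[0])
    for attrs in members[1:]:
        common = {k: v for k, v in common.items() if attrs.get(k) == v}
    return common


def role_credentials_for(user, users):
    """Credentials the requester may present: common to a role they play, and actually held."""
    creds = {}
    for role in user.roles:
        for k, v in common_credentials(users, role).items():
            if user.attrs.get(k) == v:
                creds[k] = v
    return creds


def filter_credentials(creds, resource_id):
    """Outgoing Credential Filter: disclose only what the CSR says the resource needs."""
    needed = CSR_REQUIREMENTS.get(resource_id, set())
    return {k: v for k, v in creds.items() if k in needed}


def build_outgoing_request(request_id, user, resource_id):
    """Requester side: user-object request -> role credentials -> filtered credentials."""
    creds = filter_credentials(role_credentials_for(user, DWB_USERS), resource_id)
    return (request_id, creds, resource_id)


def map_to_roles(presented, resource_id):
    """Incoming Mapper: local roles with rights to the resource whose members hold comparable values."""
    matched = set()
    for role in RC_ROLE_PERMISSIONS.get(resource_id, set()):
        required = RC_ROLE_CREDENTIALS[role]
        # A missing attribute yields None, which is never an allowed value.
        if all(presented.get(k) in allowed for k, allowed in required.items()):
            matched.add(role)
    return matched


def lac_decision(request):
    """Provider LAC: grant only when the presented credentials map onto a permitted local role."""
    request_id, presented, resource_id = request
    roles = map_to_roles(presented, resource_id)
    return {"request_id": request_id, "resource": resource_id,
            "granted": bool(roles), "roles": sorted(roles)}


if __name__ == "__main__":
    for u in DWB_USERS:
        req = build_outgoing_request(744, u, "Red_Cross_RID_730")
        print(u.uid, req, lac_decision(req))
```

For roberts the outgoing request reduces to (744, {location: Turkey, specialty: infectious disease}, Red_Cross_RID_730), matching the slide's filtered form; degree and gender never leave the requesting entity, which is the minimal-disclosure point of the Filter. A requester whose role has no member with a comparable specialty, or whose location differs from every local doctor's, is refused by the incoming Mapper before the LAC ever sees the request.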