Data and Applications Security Developments and Directions

Slides: Outline of the Unit; Need to Know to Need to Share; RBAC; RBAC (Sandhu); UCON; UCON (Sandhu); Role-based Usage Control (RBUC); RBUC in Coalition Environment; Dissemination Policies; Risk Based Data Sharing/Access Control; Trust Management; Slide 13; The problem: establishing trust in open systems; Trust Negotiation model; Trust negotiation: the approach; Subject properties: digital credentials; Slide 18; Credentials; Disclosure policies; Disclosure policies - Example; Disclosure policies - Example; Trust Negotiation - definition; Trust-X system: Joint Research with University of Milan; Trust-X language: X-TNL; X-TNL: Credential type system; Trust-X negotiation phases - basic model; Trust-X Architecture; How a policy is processed; Directions

Data and Applications Security Developments and Directions
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Policies
September 7, 2010

Outline of the Unit
• Need to Know to Need to Share
• RBAC
• UCON
• RBUC
• Dissemination
• Risk based access control
• Trust Management/Credential/Disclosure
• Directions
• Major conferences for Policy and Access Control:
  - IEEE Policy Workshop
  - ACM SACMAT

Need to Know to Need to Share
• Need to know policies during the cold war; even if the user has access, does the user have a need to know?
• Post 9/11 the emphasis is on need to share
  - User may not have access, but needs the data
• Do we give the data to the user and then analyze the consequences?
• Do we analyze the consequences and then determine the actions to take?
• Do we simply not give the data to the user?
• What are the risks involved?

RBAC
• Access to information sources including structured and unstructured data both within the organization and external to the organization
• Access based on roles
• Hierarchy of roles: handling conflicts
• Controlled dissemination and sharing of the data

RBAC (Sandhu)

UCON
• RBAC model is incorporated into UCON and useful for various applications
  - Authorization component
• Obligations
  - Obligations are actions required to be performed before an access is permitted
  - Obligations can be used to determine whether an expensive knowledge search is required
• Attribute Mutability
  - Used to control the scope of the knowledge search
• Condition
  - Can be used for resource usage policies to be relaxed or tightened

UCON (Sandhu)

Role-based Usage Control (RBUC)
• RBAC with UCON extension

RBUC in Coalition Environment
• The coalition partners may be trustworthy, semi-trustworthy or untrustworthy, so we can assign different roles to the users (professor) from different infospheres, e.g.
  - professor role
  - trustworthy professor role
  - semi-trustworthy professor role
  - untrustworthy professor role
• We can enforce usage control on data by setting up object attributes for different roles during permission-role assignment, e.g.
  - professor role: 4 times a day
  - trustworthy role: 3 times a day
  - semi-trustworthy professor role: 2 times a day
  - untrustworthy professor role: 1 time a day

Dissemination Policies
• Release policies will determine to whom to release the data
  - What is the connection to access control?
  - Is access control sufficient?
  - Once the data is retrieved from the information source (e.g., database), should it be released to the user?
• Once the data is released, dissemination policies will determine who the data can be given to
  - Electronic music, etc.

Risk Based Data Sharing/Access Control
• What are the risks involved in releasing/disseminating the data?
• Risk modeling should be integrated with the access control model
• Simple method: assign risk values
• Higher the risk, lower the sharing
• What is the cost of releasing the data?
• Cost/Risk/Security closely related

Trust Management
• Trust Services
  - Identity services, authorization services, reputation services
• Trust negotiation (TN)
  - Digital credentials, Disclosure policies
• TN Requirements
  - Language requirements: semantics, constraints, policies
  - System requirements: credential ownership, validity, alternative negotiation strategies, privacy
• Example TN systems
  - KeyNote and Trust-X (U of Milan), TrustBuilder (UIUC)

Trust Management

The problem: establishing trust in open systems
• Mutual authentication
  - Assumption on the counterpart honesty no longer holds
  - Both participants need to authenticate each other
• Interactions between strangers
  - In conventional systems user identity is known in advance and can be used for performing access control
  - In open systems participants may have no pre-existing relationship and may not share a common security domain

Trust Negotiation model
• A promising approach for open systems where most of the interactions occur between strangers
• The goal: establish trust between parties in order to exchange sensitive information and services
• The approach: establish trust by verifying properties of the other party

Trust negotiation: the approach
• Interactions between strangers in open systems are different from traditional access control models
• Policies and mechanisms developed in conventional systems need to be revised
• USER IDs vs. SUBJECT PROPERTIES
• ACCESS CONTROL POLICIES vs. DISCLOSURE POLICIES

Subject properties: digital credentials
• Assertion about the credential owner issued and certified by a Certification Authority.
• Each entity has an associated set of credentials, describing properties and attributes of the owner.

Use of Credentials
[Figure. Labels: Credential Issuer; Digital Credentials (Julie, 3 kids, Married, American); Company A; Company B; Want to know citizenship; Want to know marital status; Julie - American; Julie - Married; Alice; Check]
Referenced from http://www.credentica.com/technology/overview.pdf

Credentials
• Credentials can be expressed through the Security Assertion Mark-up Language (SAML)
• SAML allows a party to express security statements about a given subject
  - Authentication statements
  - Attribute statements
  - Authorization decision statements

Disclosure policies
• Disclosure policies govern:
  - Access to protected resources
  - Access to sensitive information
  - Disclosure of sensitive credentials
• Disclosure policies express trust requirements by means of credential combinations that must be disclosed to obtain authorization

Disclosure policies - Example
• Suppose NBG Bank offers loans to students
• To check the eligibility of the requester, the Bank asks the student to present the following credentials
  - The student card
  - The ID card
  - Social Security Card
  - Financial information – either a copy of the Federal Income Tax Return or
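
The trust-negotiation and disclosure-policy slides above, worked through as an added Python example (not part of the original slides or of Trust-X): two strangers alternately disclose credentials whose disclosure policies the other side has already satisfied. The four student credentials come from the NBG Bank slide; `banking_license`, `privacy_seal`, the student's own policies and the eager disclosure strategy are assumptions constructed for illustration.

```python
# Added example: eager trust negotiation driven by disclosure policies.
# A policy is a list of alternative credential sets (OR of ANDs); [[]] means
# "disclose to anyone". banking_license, privacy_seal and the student's own
# policies are constructed; the four student credentials are the slide's.

STUDENT = {
    "student_card": [[]],
    "id_card": [[]],
    "ssn_card": [["banking_license"]],
    "tax_return": [["banking_license", "privacy_seal"]],
}
BANK = {
    "banking_license": [[]],
    "privacy_seal": [["student_card"]],
    # The page is cut off before the second financial document, so only the
    # tax-return alternative is modelled.
    "loan": [["student_card", "id_card", "ssn_card", "tax_return"]],
}

def satisfied(policy, received):
    """True if the counterpart has disclosed every credential of one alternative."""
    return any(set(alt) <= received for alt in policy)

def negotiate(resource, owner, requester, max_rounds=10):
    """Alternate disclosures until the resource policy holds or nobody can move."""
    sent = {"owner": set(), "requester": set()}
    transcript = []
    for _ in range(max_rounds):
        progress = False
        for me, other, held in (("requester", "owner", requester),
                                ("owner", "requester", owner)):
            unlocked = sorted(c for c, pol in held.items()
                              if c != resource and c not in sent[me]
                              and satisfied(pol, sent[other]))
            for cred in unlocked:
                sent[me].add(cred)
                transcript.append((me, cred))
                progress = True
        if satisfied(owner[resource], sent["requester"]):
            return True, transcript
        if not progress:
            return False, transcript
    return False, transcript

if __name__ == "__main__":
    print(negotiate("loan", BANK, STUDENT))
    weaker_bank = {k: v for k, v in BANK.items() if k != "privacy_seal"}
    print(negotiate("loan", weaker_bank, STUDENT))  # fails, yet ssn_card was sent
```

In the second run the negotiation fails, but the student has already disclosed `ssn_card`; this is the exposure that per-credential disclosure policies and the choice of negotiation strategy are meant to limit.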
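
The per-role daily limits from the "RBUC in Coalition Environment" slide, combined with the UCON components (authorization, obligation, condition, attribute mutability), as an added Python example that is not code from the original slides. The `accept_terms` obligation, the `tighten` condition, the user and object names and the dates are assumptions constructed for illustration, and the 3-per-day limit is attached here to the trustworthy professor role.

```python
# Added example: role-based usage control (RBAC + UCON) with daily quotas.
DAILY_LIMIT = {                      # values from the slide
    "professor": 4,
    "trustworthy professor": 3,
    "semi-trustworthy professor": 2,
    "untrustworthy professor": 1,
}

class UsageMonitor:
    def __init__(self, limits):
        self.limits = limits
        self.used = {}               # mutable attribute: (user, obj, day) -> count

    def request(self, user, role, obj, day, obligations=(), tighten=0):
        """Return (granted, reason) and update the usage count on a grant."""
        if role not in self.limits:                       # authorization
            return False, "role has no permission"
        if "accept_terms" not in obligations:             # pre-obligation (constructed)
            return False, "obligation not fulfilled"
        limit = max(self.limits[role] - tighten, 0)       # condition (constructed)
        key = (user, obj, day)
        count = self.used.get(key, 0)
        if count >= limit:
            return False, "daily usage limit reached"
        self.used[key] = count + 1                        # attribute mutability
        return True, "granted"

def demo():
    """Constructed request sequence showing each UCON component deciding."""
    m = UsageMonitor(DAILY_LIMIT)
    ok = ("accept_terms",)
    role = "semi-trustworthy professor"
    return [
        m.request("u1", role, "report", "2010-09-07", ok),
        m.request("u1", role, "report", "2010-09-07", ok),
        m.request("u1", role, "report", "2010-09-07", ok),   # third use: denied
        m.request("u1", role, "report", "2010-09-08", ok),   # new day: granted
        m.request("u2", "untrustworthy professor", "report",
                  "2010-09-07", ok, tighten=1),              # condition tightens to 0
        m.request("u3", "professor", "report", "2010-09-07"),  # no obligation
    ]

if __name__ == "__main__":
    for decision in demo():
        print(decision)
```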