Unformatted text preview:

Data and Applications Security Developments and DirectionsOutline of the UnitNeed to Know to Need to ShareRBACRBAC (Sandhu)UCONUCON (Sandhu)Role-based Usage Control (RBUC)RBUC in Coalition EnvironmentDissemination PoliciesRisk Based Data Sharing/Access ControlTrust ManagementSlide 13The problem: establishing trust in open systemsTrust Negotiation modelTrust negotiation: the approachSubject properties: digital credentialsSlide 18CredentialsDisclosure policiesDisclosure policies - ExampleDisclosure policies - ExampleTrust Negotiation - definitionTrust-X system: Joint Research with University of MilanTrust-X language: X-TNLX-TNL: Credential type systemTrust-X negotiation phases- basic modelTrust-X ArchitectureHow a policy is processedDirectionsData and Applications Security Developments and DirectionsDr. Bhavani ThuraisinghamThe University of Texas at DallasPoliciesSeptember 7, 2010Outline of the UnitNeed to Know to Need to ShareRBACUCONRBUCDisseminationRick based access controlTrust Management/Credential/DisclosureDirectionsMajor conferences for Policy and Access Control:-IEEE Policy Workshop-ACM SACMATNeed to Know to Need to ShareNeed to know policies during the cold war; even if the user has access, does the user have a need to know?Pose 9/11 the emphasis is on need to share-User may not have access, but needs the dataDo we give the data to the user and then analyze the consequencesDo we analyze the consequences and then determine the actions to takeDo we simply not give the data to the userWhat are risks involved?RBACAccess to information sources including structured and unstructured data both within the organization and external to the organization Access based on rolesHierarchy of roles: handling conflictsControlled dissemination and sharing of the dataRBAC (Sandhu)UCONRBAC model is incorporated into UCON and useful for various applications-Authorization componentObligations -Obligations are actions required to be performed before an access is permitted-Obligations can be used to determine whether an expensive knowledge search is requiredAttribute Mutability-Used to control the scope of the knowledge searchCondition-Can be used for resource usage policies to be relaxed or tightenedUCON (Sandhu)Role-based Usage Control (RBUC)RBAC with UCON extensionRBUC in Coalition Environment•The coalition partners maybe trustworthy), semi-trustworthy) or untrustworthy), so we can assign different roles on the users (professor) from different infospheres, e.g.•professor role, •trustworthy professor role, •semi-trustworthy professor role,•untrustworthy professor role.•We can enforce usage control on data by set up object attributes to different roles during permission-role-assignment, •e.g. professor role: 4 times a day,trustworthy role: 3 times a daysemi-trustworthy professor role: 2 times a day,untrustworthy professor role: 1 time a dayDissemination PoliciesRelease policies will determine to whom to release the data-What is the connection to access control-Is access control sufficient-Once the data is retrieved from the information source (e.g., database) should it be released to the userOnce the data is released, dissemination policies will determine who the data can be given to-Electronic music, etc.Risk Based Data Sharing/Access ControlWhat are the risks involved in releasing/disseminating the dataRisk modeling should be integrated with the access control modelSimple method: assign risk valuesHigher the risk, lower the sharingWhat is the cost of releasing the data?Cost/Risk/Security closely relatedTrust ManagementTrust Services-Identify services, authorization services, reputation servicesTrust negotiation (TN)-Digital credentials, Disclosure policiesTN Requirements-Language requirementsSemantics, constraints, policies-System requirementsCredential ownership, validity, alternative negotiation strategies, privacyExample TN systems-KeyNote and Trust-X (U of Milan), TrustBuilder (UIUC)Trust ManagementThe problem: establishing trust in open systems Mutual authentication- Assumption on the counterpart honesty no longer holds- Both participants need to authenticate each other Interactions between strangers - In conventional systems user identity is known in advance and can be used for performing access control- In open systems partecipants may have no pre-existing relationship and may not share a common security domainTrust NegotiationmodelA promising approach for open systems where most of the interactions occur between strangersThe goal: establish trust between parties in order to exchange sensitive information and services The approach: establish trust by verifying properties of the other partyTrust negotiation: the approach Interactions between strangers in open systems are different from traditional access control modelsPolicies and mechanisms developed in conventional systems need to be revisedUSER ID’s VS. SUBJECT PROPERTIESACCESS CONTROL POLICIESVS. DISCLOSURE POLICIESSubject properties: digital credentials Assertion about the credential owner issued and certified by a Certification Authority. CA CA CA CA Each entity has an associated set of credentials, describing properties and attributes of the owner.Use of CredentialsCredentialIssuerDigital Credentials-Julie-3 kids-Married-AmericanCompany ACompany BWant to know citizenshipWant to know marital status-Julie - American-Julie - MarriedAliceCheckCheckReferenced from http://www.credentica.com/technology/overview.pdfCredentialsCredentials can be expressed through the Security Assertion Mark-up Language (SAML)SAML allows a party to express security statements about a given subject-Authentication statements-Attribute statements-Authorization decision statementsDisclosure policiesDisclosure policies govern:Access to protected resourcesAccess to sensitive informationDisclosure of sensitive credentialsDisclosure policies express trust requirements by means of credential combinations that must be disclosed to obtain authorizationDisclosure policiesDisclosure policies - Example Suppose NBG Bank offers loans to studentsTo check the eligibility of the requester, the Bank asks the student to present the following credentials-The student card-The ID card-Social Security Card-Financial information – either a copy of the Federal Income Tax Return or


View Full Document

UTD CS 6V81 - LECTURE NOTES

Documents in this Course
Botnets

Botnets

33 pages

Privacy

Privacy

27 pages

Privacy

Privacy

27 pages

Load more
Download LECTURE NOTES
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view LECTURE NOTES and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view LECTURE NOTES 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?