This preview shows page 1-2-3-4-5-6-7-8-9-10-11-74-75-76-77-78-79-80-81-82-83-149-150-151-152-153-154-155-156-157-158-159 out of 159 pages.
SECURITY ASSURANCE FOR A RESOURCE-BASEDRBAC/DAC/MAC SECURITY MODELCharles Edward Phillips, Jr., Ph.D.University of Connecticut, 2004The day-to-day operations of corporations and government agencies rely oninter-operating software artifacts (e.g., legacy, commercial-off-the shelf (COTS),government-off-the-shelf (GOTS), databases, servers, etc.) and client applica-tions, which are brought together into a distributed environment running mid-dleware (e.g., CORBA, JINI, DCOM, etc.). In such a distributed environment,the interactions occur via the application programmer interfaces, APIs, of thesoftware artifacts, which are available for use by any and all client applications,without restriction. However, security administrators are interested in control-ling access by client applications to the methods of these artifact APIs as definedwithin a security policy. Specifically, they are interested in controlling: who(which client) can invoke which methods of artifact APIs at what times and how(data values). The “who” refers to whether the role and/or the security clearanceallows the method to be invoked. The “which” refers to an exact definition, foreach API, of the methods that can be invoked by each client (based on role orclearance level). The “what” refers to the time period that the method can beinvoked, allowing invocation constrained based on time. Finally, the “how” refersto the actual parameters of the invocation, constraining based on value(s). Thisdissertation will present the findings of our research effort on the unification ofrole-based access control (RBAC) and mandatory access control (MAC) into asecurity model and associated security enforcement framework that provides alevel of security assurance. Specifically, we provide the means for security officersto concretely and precisely specify a security policy for a distributed applicationusing a resource-based unified RBAC/MAC security model which will allow finegrained control to the API’s of software artifacts (operating in a environmentrunning middleware, e.g., CORBA, JINI, etc.). The RBAC/MAC security modelfeatures and accompanying security assurance assertions can be utilized to con-trol access to artifact APIs (methods) based on role, clearance/classification, timelimits, and data value constraints. In this dissertation, we report on the researchresults of this work, focusing on: a detailed discussion of our current unifiedRBAC/MAC security model - core definitions and role delegation; a review ofour accompanying security enforcement framework that utilizes our custom se-curity resource that supports the RBAC/MAC model; an in-depth examinationand proof of current security assurance guarantees, checked at design time andrun time, which provides for both safety (nothing bad can happen) and liveness(all good things can happen)in attainment of the security policy; and a review ofCharles Edward Phillips, Jr.––University of Connecticut, 2004our prototyping efforts. In addition, we report on related research and highlightthe contributions of the research.SECURITY ASSURANCE FOR A RESOURCE-BASEDRBAC/DAC/MAC SECURITY MODELCharles Edward Phillips, Jr.Master of Computer Science, Naval Postgraduate School, Monterey, CA 1989Bachelor of Science in Engineering, United States Military Academy, WestPoint, NY 1981A DissertationSubmitted in Partial Fulfillment of theRequirements for the Degree ofDoctor of Philosophyat theUniversity of Connecticut2004Copyright byCharles Edward Phillips, Jr.2004APPROVAL PAGEDoctor of Philosophy DissertationSECURITY ASSURANCE FOR A RESOURCE-BASEDRBAC/DAC/MAC SECURITY MODELPresented byCharles Edward Phillips, Jr.,Major AdvisorSteven A. DemurjianAssociate AdvisorT.C.TingAssociate AdvisorIan GreenshieldsUniversity of Connecticut2004iiACKNOWLEDGEMENTSFirst, I give many special thanks to my advisor Steven A. Demurjian, Sr.for his constant support, encouragement, and patience throughout this entirePh.D. process. I simply could not have reached this point without him and I willalways carry an unwavering appreciation and debt of gratitude for his efforts onmy behalf. Thank you for accepting me into this program, for pushing me, andfor helping me make it through every gate.I would like to thank Prof. Ting and Prof. Greenshields for participating inmy committee and taking the time to read the dissertation and provide usefulcomments. Also, thanks to Lester Lipsky, Alex Russell, Reda Ammar, EugeneSantos and Alex Shvartsman for their candid comments on my work. You all gavevaluable insights and constructive criticisms which made for a better product inthe end.Thanks to all my fellow graduate students who helped me in my research andprototyping efforts, I know I would not have made any progress with out you.There will always be a place in my heart for each of you and I will always consideryou my friends.I acknowledge the input, advice, and support of my colleagues in the USMA,Department of Electrical Engineering and Computer Science. I thank ProfessorCharles Reynolds, for the various formalisms, notations, and definitions in Chap-ters 3, 4, and 5. He really helped bring my work to culmination; Professor JeanBlair for protecting my time so I could finish this work; and CPT Jim Jacksonfor helping me through the growing-pains of Latex. I appreciate your supportmore than you probably realize.Finally, I thank my family for putting up with my mid-life crisis. You haveall had to sacrifice in different ways because of me and the time that has passedcan regrettably, never be recovered. Please know I tried my best to lessen theimpact of my work on you and that you were always in my thoughts and prayers.My dear wife Beth, I appreciate you more than I can say and I know I can nevermake up for everything you have done to support me over the years, but I willtry with all my everything.iiiTABLE OF CONTENTSChapter 1: Introduction 11.1 Security Assurance . . . . . . . . . . . . . . . . . . . . . . . . . . 31.2 Security Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . 61.3 A Unified RBAC/DAC/MAC Model/Enforcement Framework forAssurance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111.3.1 Problem Approach . . . . . . . . . . . . . . . . . . . . . . 111.3.2 Relevance and Impact of Research . . . . . . . . . . . . . . 161.3.3 Expected Contributions . . . . . . . . . . . . . . . . . . . 181.4 Credits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211.5 Organization of
View Full Document
Unlocking...