
CPOL: High-Performance Policy Evaluation

This paper discusses the design and evaluation of CPOL, a high-performance policy evaluation solution. It compares CPOL to other current solutions and highlights its advantages in terms of expressiveness, volume handling, and performance.


Presentation Transcript


  1. CPOL: High-Performance Policy Evaluation • Kevin Borders, Xin Zhao, Atul Prakash • University of Michigan • ACM CCS 2005

  2. Overview • Motivation: Why High-Performance? • Current Solutions • CPOL Design • Evaluation of CPOL vs. Other Solutions • Conclusion and Future Work

  3. Motivation: Why High-Performance? • Applications are emerging that require high-throughput policy evaluation • Example: Enforcing privacy policies for location-aware services • Large number of subscribers • Alice may want to give Bob access to her location only Monday through Friday 9 AM – 5 PM when she is in the computer science building • Example: Text messaging • Control who can send you information depending on the time and your location

  4. Current Policy Evaluation Solutions • KeyNote Trust Management System • Delegation chains are used to grant trust • Not designed with performance in mind – very slow • SQL Database • More scalable than KeyNote, but throughput is still not good enough – approx. 2000 queries/second

  5. CPOL Design Goals • Have expressiveness comparable to KeyNote • Express almost everything KeyNote can and some things that KeyNote cannot • Be able to handle a large volume of requests on a single machine • Hundreds of thousands of requests/second

  6. CPOL Policies
     CPOL Policy Fields
     • Owner: The owner is the entity whose resources are controlled by this rule.
     • Licensee(s): The licensee is the entity or group that will receive privileges.
     • Access token: The access token contains information about the rights assigned by this rule.
     • Condition: CPOL verifies that the condition is true before granting the access token to the licensee(s).
     Sample Policy
       Owner: Alice
       Licensee: Bob
       AccessToken {
         LocationResolution = RoomLevel
         IdentityResolution = Name
         DelegationPrivileges = None
       }
       Condition {
         AfterTime = 9 AM
         BeforeTime = 5 PM
         InBuilding = {Library, CS}
         NotInRoom = {ConferenceRoom 1010 CS}
       }

  7. CPOL Design Overview • CPOL takes advantage of the trend that the domain of policies for a particular application is usually fairly small • Instead of presenting a highly expressive interface at runtime, restrict the domain of policies at compile-time • Define access token and condition objects • CPOL also exploits caching to improve performance

  8. Defining CPOL for an Application • Access Token • Define data members • Define Boolean AddAccess(newToken) – does this token have sufficient delegation privileges to add a new rule with newToken? • Condition • Define data members • Define Boolean Test(state) – is the condition true given an input state?

  9. Caching • Correct invalidation is done using cache conditions • Cache Condition = Sum(Conditions) • Cache Condition is more compact than condition • Example: Calculate time-to-live and highest resolution of location conditions • Invalidated when Boolean StillGood(oldState, newState) is false

  10. Testing Methodology • CPOL, KeyNote, and a MySQL database were all set up to evaluate privacy policies • Three experiments • Single request processing time (CPOL, KeyNote, MySQL) • Memory consumption (CPOL) • Simulated privacy request workload in a university environment (CPOL, MySQL)

  11. Single Request Processing Time • CPOL and MySQL have O(1) processing time with respect to number of policies • KeyNote takes much longer to evaluate one policy with more policies in the system

  12. Memory Usage • Important because CPOL is an in-memory system • Memory usage is per user, role, role membership, policy (rule), and cache entry • CPOL can store information for approximately 500,000 users with a 2,000,000-entry cache in 500 MB of memory

  13. Simulated Privacy Workload • Movement data was generated using a custom schedule-based generator for different numbers of users • Users’ privacy policies were created using information collected by surveying 30 potential users • Varying update frequency from one to thirty seconds

  14. Future Work • Distribute CPOL over multiple servers to further enhance scalability • Minimize state replication between servers • Deploy CPOL in a real location-aware environment • New computer science building at University of Michigan will use CPOL for privacy policy enforcement • Use CPOL in other application domains such as mobile messaging

  15. Conclusion • Applications are emerging that require high-performance policy evaluation • Current solutions (KeyNote and database server) are not efficient enough to handle a large workload • CPOL takes advantage of caching and compiled object attributes to deliver better performance • With 500 users and 5000 policies, CPOL is five to six orders of magnitude faster than KeyNote and two to three orders of magnitude faster than a MySQL implementation, depending on cache hit rate

  16. Questions? • Please contact me if you wish to obtain source code for CPOL or for the schedule-based movement generator – source code will be available online soon! • E-mail: kborders@umich.edu
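
The Test / StillGood mechanism from slides 6, 8 and 9, as an added C++ example that is not the authors' CPOL source. The State, Rule, Entry and Evaluator types, the integer resolution levels and the minutes-since-midnight clock are assumptions made for illustration; only the method names Test and StillGood come from the slides.

```cpp
#include <algorithm>
#include <map>
#include <set>
#include <string>
#include <vector>

// Added illustration, not CPOL source. Only Test and StillGood are names from the slides.
struct State { int minute; std::string building, room; };  // minute = minutes since midnight
struct Condition {                         // fields follow the sample policy's Condition block
    int after, before;                     // AfterTime / BeforeTime
    std::set<std::string> inBuilding;      // InBuilding
    std::string notInRoom;                 // NotInRoom; empty string means unused
    bool Test(const State& s) const {
        return s.minute >= after && s.minute < before && inBuilding.count(s.building) > 0 &&
               (notInRoom.empty() || s.room != notInRoom);
    }
};
struct Rule { std::string owner, licensee; int resolution; Condition cond; };
struct CacheCondition {                    // compact summary of every condition consulted
    int expires;                           // time-to-live: first minute a time bound flips
    bool roomLevel;                        // highest location resolution any condition reads
    bool StillGood(const State& o, const State& n) const {
        return n.minute >= o.minute && n.minute < expires && n.building == o.building &&
               (!roomLevel || n.room == o.room);
    }
};
struct Entry { int resolution; State seen; CacheCondition cc; };
struct Evaluator {
    std::vector<Rule> rules;
    std::map<std::pair<std::string, std::string>, Entry> cache;  // (owner, licensee)
    int evaluations = 0;                   // full rule scans, i.e. cache misses
    int Query(const std::string& owner, const std::string& who, const State& s) {
        auto it = cache.find({owner, who});
        if (it != cache.end() && it->second.cc.StillGood(it->second.seen, s))
            return it->second.resolution;  // hit: no rule is re-tested
        ++evaluations;
        int best = 0;                      // 0 = no access token granted
        CacheCondition cc{24 * 60, false};
        for (const Rule& r : rules) {
            if (r.owner != owner || r.licensee != who) continue;
            if (r.cond.Test(s)) best = std::max(best, r.resolution);
            for (int t : {r.cond.after, r.cond.before})   // next bound still ahead of now
                if (s.minute < t) cc.expires = std::min(cc.expires, t);
            cc.roomLevel = cc.roomLevel || !r.cond.notInRoom.empty();
        }
        cache[{owner, who}] = Entry{best, s, cc};
        return best;
    }
};
```

Denials are cached the same way as grants, so a requester with no matching rule costs one scan and then only StillGood checks until a time bound or a location change at the tracked resolution invalidates the entry.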
