1 / 27

Janice Warner and Vijayalakshmi Atluri Rutgers University

A Credential-Based Approach for Facilitating Automatic, Secure Resource Sharing Among Ad-hoc Dynamic Coalitions. Janice Warner and Vijayalakshmi Atluri Rutgers University. Ravi Mukkamala Old Dominion University. August 2005. Coalition Resource Sharing.

clove
Download Presentation

Janice Warner and Vijayalakshmi Atluri Rutgers University

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Credential-Based Approach for Facilitating Automatic, Secure Resource Sharing Among Ad-hoc Dynamic Coalitions Janice Warner and Vijayalakshmi Atluri Rutgers University Ravi Mukkamala Old Dominion University August 2005

  2. Coalition Resource Sharing • Dynamic and Ad-hoc – members may leave and new members may join • Examples: • Natural Disaster: government agencies, non-government organizations and private organizations may share data about victims, supplies and logistics. • Homeland Security: Information collected by various governmental agencies shared for comprehensive data mining • Virtual Enterprises: Collaboration between companies IFIP05-Warner, Atluri and Mukkamala

  3. Current Approaches to Resource Sharing • Form teams (workgroups) comprising of users from all coalition entities Problems: not viable and scalable - may result in delays • User ids given to each external member of the coalition and access control is provisioned on these ids. Problem: administratively burdensome; requires explicit revocation upon coalition or user termination • Single access id provided to each external coalition entity Problem: Fine-grained access control is not possible • Resources are copied to external coalition member Problem: Updates are difficult and may result in uncontrolled sharing IFIP05-Warner, Atluri and Mukkamala

  4. Outline • Motivation • What is needed • CBAC Model • DCBAC Model • Conclusions and Future Work IFIP05-Warner, Atluri and Mukkamala

  5. Resource Sharing among Coalitions • Typically, the policies for sharing are stated at the coalition level • Example – The Red Cross and Doctors without Borders will work together to investigate the spread of infectious diseases in the wake of a natural disaster. • Enforcing coalition-level security policies requires transforming them to implementation level • Example - Dr. Roberts of Doctors without Borders can access reports on the spread of infectious diseases in Turkey. IFIP05-Warner, Atluri and Mukkamala

  6. Our Preliminary Solution (presented at ICDCIT04) • A formal model comprising of three levels (user-object, role, coalition levels) • Enables handshaking of relevant information by appropriate levels of the agencies • Allows distributed access control – control remains in the hands of the resource owner IFIP05-Warner, Atluri and Mukkamala

  7. coalition segment role segment user-object request Layered CBAC Model = 555444555, DB99, RC11,doctor (location: Turkey, specialty: immunology) concept: disease, type: data  role segment user-object request Coalition Level Coalition Level role segment user-object request = doctor (location: Turkey, specialty: immunology) concept: disease, type: data  = doctor (location: Turkey, specialty: immunology) concept: disease, type: data  Role Level Role Level User-Object Level User-Object Level user-object request user-object request =RID799, RID223 =roberts, concept: disease, type: data Entity A Drs-w/o-Borders Entity B Red Cross IFIP05-Warner, Atluri and Mukkamala

  8. Limitations of CBAC Model • Coalitions need to have high level agreements in place before there is a flow of information: • Coalition entities know what is available and how to find it. • Coalition entity ids are pre-assigned. • Credentials requirements are union of all associated with role that has access to requested object. IFIP05-Warner, Atluri and Mukkamala

  9. Dynamic Coalition-Based Access Control Model (DCBAC) • Dynamic because: • Employs a Coalition Service Registry (CSR) where shared resources and coalition level policies are publicized Agreements do not need to established between coalition partners beforehand • Computes credentials needed by external user from local access control policies through Mapper layer. Coalition access control policy determined through transformation of local access control policy IFIP05-Warner, Atluri and Mukkamala

  10. Principals of DCBAC • Existing access control mechanisms within each coalition entity remain intact. • Access rights are granted to subjects only if they belong to an organization recognized by the coalition. • Subjects of a coalition entity must have credentials with attribute values comparable to those of local subjects. IFIP05-Warner, Atluri and Mukkamala

  11. DCBAC Architecture Network (e.g., Internet) Coalition Access Point (CAP) Coalition Level Coalition Service Registry (CSR) Coalition Level Credential Filter Credential Filter Credential to LAC Mapper Credential to LAC Mapper Local Services (shared and private) Local Access Control (LAC) Local Access Control (LAC) Local Services (shared and private) Local User Interface Local User Interface IFIP05-Warner, Atluri and Mukkamala

  12. Example Emergency Management Scenario International Red Cross makes available its Emergency Response IS subject to: Organization Level Policy: Must be member of a non-profit, certified, relief organization. Individual Policy: Access is restricted to information concerning the emergency site in which they are currently working. Policy Based on LAC Mapping: Credentials must be comparable with those of internal users. IFIP05-Warner, Atluri and Mukkamala

  13. Coalition Service Registry Coalition Service Registry (CSR) • Similar to UDDI Web Service Registry • Advertises resources that coalition entities make available • Describes interface to resources • Describes credentials needed to access resources • Verifies organizational-level credentials • Issues a “ticket” which can be submitted by individuals in authenticated organization with request to access a specific resource. IFIP05-Warner, Atluri and Mukkamala

  14. UDDI:name UDDI:discovery URL UDDI:contacts UDDI:description Coalition Service Registry (CSR) CSR is a UDDI-like Registry businessEntity UDDI:name businessService UDDI:description UDDI:category bag UDDI:accessPoint UDDI:description bindingTemplate UDDI:category bag UDDI:tModelInstanceDetails IFIP05-Warner, Atluri and Mukkamala

  15. UDDI:name UDDI:discovery URL UDDI:contacts UDDI:description Coalition Service Registry (CSR) CSR is a UDDI-like Registry Resources listed in the CSR are searchable based on resource identifiers, name, keywords or category. businessEntity UDDI:name businessService UDDI:description UDDI:category bag UDDI:accessPoint UDDI:description bindingTemplate UDDI:category bag UDDI:tModelInstanceDetails IFIP05-Warner, Atluri and Mukkamala

  16. UDDI:name UDDI:discovery URL UDDI:contacts UDDI:description Coalition Service Registry (CSR) CSR is a UDDI-like Registry businessEntity Provides network address of Coalition Access Point from which resource can be requested. UDDI:name businessService UDDI:description UDDI:category bag Provides credential info and other access requirements UDDI:accessPoint UDDI:description bindingTemplate UDDI:category bag UDDI:tModelInstanceDetails IFIP05-Warner, Atluri and Mukkamala

  17. Example – Resource request is made Network (e.g., Internet) Coalition Level Coalition Service Registry (CSR) 〈744, (location:Turkey, specialty: infectious disease), Red_Cross_RID_730〉 Credential Filter 〈744, (degree:MD, gender:M, location:Turkey, specialty: infectious disease), concept: disease type: data 〉 Credential to LAC Mapper Local Access Control (LAC) 〈744, roberts, concept: disease type: data 〉 Local User Interface IFIP05-Warner, Atluri and Mukkamala

  18. Example – Obtain organizational assertion Network (e.g., Internet) • Doctors-Without-Borders CAP consults the CSR: • to find the resource(s) (if it has not been located before) • to obtain a valid organizational assertion (if it does not currently have one) Coalition Level Coalition Service Registry (CSR) Credential Filter Credential to LAC Mapper Local Access Control (LAC) Local User Interface IFIP05-Warner, Atluri and Mukkamala

  19. Tickets are SAML assertions Coalition Service Registry (CSR) • Assertions are declarations of facts: • Issuer ID and issuance timestamp • Assertion ID • Subject • “Conditions” under which assertion is valid (e.g., validity period) • CSR declares that organizational credentials were submitted and validated. • Assertions can be digitally signed (and should be) IFIP05-Warner, Atluri and Mukkamala

  20. Example – Request send to provider’s CAP Network (e.g., Internet) Coalition Level 〈744, Doctors Without Borders, Red Cross, SAML Assertion, Red_Cross_RID_730, (location:Turkey, specialty: infectious disease) 〉 Coalition Level Credential Filter Credential Filter Credential to LAC Mapper Credential to LAC Mapper Local Access Control (LAC) Local Access Control (LAC) Local Services (shared and private) Local User Interface Local User Interface IFIP05-Warner, Atluri and Mukkamala

  21. Example – Provider evaluates request Network (e.g., Internet) Coalition Level Coalition Level Validates organizational credentials Credential Filter Credential Filter 〈744, Red_Cross_RID_730, (location:Turkey, specialty: infectious disease) 〉 Credential to LAC Mapper Credential to LAC Mapper Local Access Control (LAC) 〈744, Red_Cross_RID_730〉 Local Access Control (LAC) Local Services (shared and private) Local User Interface Local User Interface IFIP05-Warner, Atluri and Mukkamala

  22. Conclusions • DCBAC automates translation of coalition level policies into subject-resource level. • Depends upon credentials – both organizational level and user. • Maps roles to credentials commonly held by members of the role. • Uses a Coalition Service Registry so that ad-hoc coalitions can be formed simply by discovering resources that are needed. • Can be built using currently available standard protocols – XACML, UDDI and SAML. IFIP05-Warner, Atluri and Mukkamala

  23. Ongoing Work • Mapper – Details on mapping local policies to credentials submitted to ICISS 2005 • Graph-based approach • Strategies for inclusion of similar credentials • Data mining of logs, local policies, and other security related data to obtain: • Groupings of users with similar data requirements and attributes • Groupings of resources • Resolving semantic heterogeneity between policies and credential attributes. IFIP05-Warner, Atluri and Mukkamala

  24. Coalition Level Credential Filter Credential to LAC Mapper Local Access Control (LAC) Local User Interface DCBAC – Coalition Level • Interacts with the coalition level at other coalition entities through the Coalition Access Point (CAP). • Incoming: Processes requests by validating CSR ticket. • Outgoing: Obtains ticket, appends to user request and forwards it to appropriate CAP. IFIP05-Warner, Atluri and Mukkamala

  25. Coalition Level Credential Filter Credential to LAC Mapper Local Access Control (LAC) Local User Interface DCBAC – Credential Filter • Incoming Requests: • Determines whether user credentials sent with request are adequate. • Optionally, can downgrade or upgrade the credentials of users from specific entities. • Outgoing Requests: • Filters user credentials such that only those necessary to obtain access are sent. IFIP05-Warner, Atluri and Mukkamala

  26. Coalition Level Credential Filter Credential to LAC Mapper Local Access Control (LAC) Local User Interface DCBAC - Mapper • Assumes RBAC local access control although this is not essential. • Incoming – Compares user credentials to internal roles that have rights to requested resource. • Outgoing – Determines role played by requester and retrieves credentials common to users playing that role. IFIP05-Warner, Atluri and Mukkamala

  27. Coalition Level Credential Filter Credential to LAC Mapper Local Access Control (LAC) Local User Interface DCBAC – LAC • Enforces control on local services for both local and non-local requests. • Local requests are received through the local user interface. • External requests are received through the mapper. IFIP05-Warner, Atluri and Mukkamala

More Related