463.0.2 Attribute-Based Security and Messaging


Presentation Transcript


  1. 463.0.2 Attribute-Based Security and Messaging Fariba Khan UIUC CS 463

  2. Outline • Attributes • Attribute-Based Security • Case Studies • Attribute-Based Messaging • Shibboleth • Secure RSS • Project Schedule

  3. Resources • Attribute-Based Messaging • XACML • XACML Sun Implementation • SAML • Demo videos • ABM • PolicyMorph

  4. Attributes • Person • ID’s • Driver’s license, student id, library card • Student • year, department, courses, grades • Employee • Rank, division, projects • Resources • ID’s • PID, machine serial, room no. • File • Size, type, owner • Office space • Floor, window, corridor, size, officemates (room)

  5. Attribute-Based Security • Attribute-based systems include • Access Control, Encryption, Signature • Messaging • Identity, role and attribute • Identity-Based • “Alice” can read the file • “Trudy” cannot open the door • “Bob” will get the email • Role-Based • Any “Agent” can read the file • No “Doctor” can view the patient bill • Attribute-Based • “Alice” can drink if her age > 18 • “Bob” can watch CS463 class videos if he is a registered student • Anybody can read the CS463 class webpage

  6. Attribute-Based Messaging

  7. Introduction to ABM • Attribute-Based Messaging (ABM): targeting messages based on attributes [Figure: a message addressed “To: faculty going on sabbatical”] [BobbaFKGK06]

  8. Why ABM? • Attribute-based systems have desirable properties • flexibility, privacy and intuitiveness • Attribute-Based Messaging (ABM) brings these advantages to e-mail messaging • enhances confidentiality by supporting targeted messaging • via dynamic and transient groups • enhances relevance of messages • by reducing unwanted messages

  9. Challenges • Access Control • access to such a system should be carefully controlled • potential for spam • privacy of attributes • Deployability • system should be compatible with existing infrastructure • Efficiency • system should have comparable performance to regular e-mail

  10. Enterprise Architecture [Figure: sender composes a message “To: Managers”; it passes through the ABM Server, which consults the Attr. DB and a Policy Decision component, and on to the E-mail MTA] • Ensuing Issues • ABM Address Format, Client I/F • Access Control – policy specification and enforcement • Attribute Database creation and maintenance

  11. ABM Address Format • Logical expressions of attribute value pairs • Disjunctive normal form • Example • All students taking CS463 and CS591RHC [Figure, slides 11–12: expression tree with OR at the root over AND clauses; each clause pairs Rank = … with Course = 463 or Course = 591RHC (the Rank values are not legible in the transcript)]

  13. Attribute Database • Attribute database • all enterprises have attribute data about their users • data spread over multiple, possibly disparate databases • assume that this attribute data is available to ABM system • Microsoft SQL Server • Native XML database support • eXtensible Markup Language • Easy to generate ‘dialects’, Human-legible • Accommodates easier data sharing and understanding in a flexible architecture.

  14. Access Control • Attribute-Based Access Control (ABAC) • uses the same attributes used to target messages • Example • Alice wants to send an email to “All faculty going on sabbatical” • Prof Eve is on that list • Prof Eve has a policy that only students taking his course and other faculty can send him email

  15. Access Policy Language • XACML is used to specify access policies • Sun’s XACML engine is used for policy decision • XACML policy structure • Subject • Resource – Eve • Rule – Her students and all faculty [Figure: rule tree, OR over (Rank = … AND Course = 463) and Rank = …]

  16. Access Policy Language • Problem • need policy per logical expression • policy explosion • Solution • one policy per <attribute,value> • XACML policy structure • Subject • Resource – faculty • Rule – Her students, TA’s and faculties [Figure: rule tree, OR over (Rank = … AND Course = 463), Rank = …, Rank = …]
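An added example (not from the slides or the ABM project) tying slides 11, 14 and 16 together: an ABM address in disjunctive normal form is resolved against a constructed attribute database, and each resolved recipient's receive policy, written over the same attributes, is then checked against the sender. All users, attribute names and values are constructed.

```python
# Added example (not from the slides): resolve an ABM address written in
# disjunctive normal form against a constructed attribute database, then
# enforce each recipient's attribute-based receive policy on the sender.
# Users, attribute names and values below are constructed for illustration.

# Constructed attribute DB: user -> attribute -> set of values
ATTR_DB = {
    "alice": {"rank": {"student"}, "course": {"463", "591RHC"}},
    "bob":   {"rank": {"student"}, "course": {"463"}},
    "carol": {"rank": {"student"}, "course": {"225"}},
    "eve":   {"rank": {"faculty"}, "course": {"463"}, "sabbatical": {"yes"}},
    "dave":  {"rank": {"faculty"}, "sabbatical": {"yes"}},
    "frank": {"rank": {"faculty"}, "sabbatical": {"no"}},
}

# ABM addresses in DNF: a list of AND clauses, each a list of (attr, value).
# Slide 11's tree: OR over two AND clauses, one per course.
STUDENTS_463_591 = [
    [("rank", "student"), ("course", "463")],
    [("rank", "student"), ("course", "591RHC")],
]
# Slide 14's "All faculty going on sabbatical".
FACULTY_ON_SABBATICAL = [[("rank", "faculty"), ("sabbatical", "yes")]]

def satisfies(attrs, clause):
    """True when every (attr, value) pair of one AND clause holds for attrs."""
    return all(value in attrs.get(attr, set()) for attr, value in clause)

def matches(attrs, dnf):
    """DNF semantics: at least one AND clause is satisfied."""
    return any(satisfies(attrs, clause) for clause in dnf)

def resolve(address, db=ATTR_DB):
    """Address resolution: every user whose attributes match the address."""
    return sorted(user for user, attrs in db.items() if matches(attrs, address))

# Receive policies (slides 14 and 16), themselves DNF over the same attributes:
# Eve accepts mail only from students taking Eve's course or from faculty.
# One clause per <attribute,value> combination keeps the policy set small.
POLICIES = {
    "eve": [[("rank", "student"), ("course", "463")], [("rank", "faculty")]],
}

def allowed_recipients(sender, address, db=ATTR_DB, policies=POLICIES):
    """Resolve the address, then keep only recipients whose policy the sender
    satisfies. A recipient without a policy accepts any sender (constructed)."""
    sender_attrs = db[sender]
    return [r for r in resolve(address, db)
            if r not in policies or matches(sender_attrs, policies[r])]
```

Carol, a student not taking CS463, resolves the sabbatical address to the same two faculty as Alice does, but Eve is dropped from her recipient list because Eve's policy rejects her.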

  17. Deployability • Use existing e-mail infrastructure (SMTP) • address ABM messages to the ABM server (MUA) and add ABM address as a MIME attachment • No modification to client • use a web server to aid the sender in composing the ABM address via a thin client (web browser) • E-mail like semantics • policy specialization

  18. Putting It All Together [Figure: Sender ↔ Web Server (Windows IIS) ↔ ABM Server ↔ Attribute DB (MS SQL Server); PDP (Sun’s XACML Engine) with Policy xml; MTA. Arrows labelled PS1, PS2, PS7, PS8, AR1–AR4, MS1, MS2] Legend • PS: Policy Specialization • MS: Messaging • AR: Address Resolution

  19. Experimental Setup • Measured • latency over regular e-mail • with and without access control • latency of Policy Specialization • Setup • up to 60K users • 100 attributes in the system • 20% of attributes common to most users • 80% of attributes sparsely distributed

  21. Other Considerations • Policy Administration • one policy per <attribute,value> • can be further reduced to one policy per attribute • incremental deployment • Privacy • of sender and receivers • of ABM address • Usability • user interfaces • Email Exploits • MTA configured with SMTP authentication

  22. Future Work • Inter-domain ABM • e.g., address doctors in the tri-state area who have expertise in a specific kind of surgical procedure • challenge – “attribute mapping” • application in ‘emergency communications’ • Encrypted ABM

  23. Shibboleth Nori, Shankesi

  24. Shibboleth • An Internet2/MACE initiative to develop a standards-based architecture and policy framework supporting the sharing of secured web resources and services • A software project delivering an open source implementation of the architecture and framework • Based on the OASIS SAML standard

  25. Shibboleth Properties • Enables inter-institutional collaboration • Leverages existing infrastructure • Access control based on attributes • A standard but extensible AttributeValue vocabulary • Promotes secure web application interoperability

  26–48. Shibboleth Login [Figure sequence: User, Service Provider, WAYF and Home Institution, with numbered arrows 1–12 added one step per slide] * Shibboleth vs. Athens “What the user sees during login”, MIMAS Team
  • 1. User wants a given resource
  • 2. User is prompted to login; user presses login button
  • 3. “Where Are You From?” service is contacted
  • 4. User is prompted for their “home” institution; user selects their “home” institution from a drop-down list
  • 5. Selected institution is returned to WAYF
  • 6. “Home” institution is contacted
  • 7. User is prompted for “home” credentials; user enters credentials at “home” institution
  • 8. Credentials sent to “home” institution
  • 9. Shibboleth handle sent to Service Provider
  • 10. Attributes are requested from “home” institution
  • 11. Attributes are returned to the Service Provider; an authorisation decision is made based on attributes received
  • 12. User is given access to the resource
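An added simulation of steps 8 to 12 of the login flow (not from the slides and not Shibboleth's own code): the home institution verifies credentials and hands the Service Provider an opaque, single-use handle rather than the user's identity; the SP presents that handle to fetch attributes; the institution releases only the attributes its release policy permits for that SP; the SP authorises on what it received. User names, passwords, attribute names and SP names are constructed.

```python
# Added example (not from the slides or from Shibboleth itself): a minimal
# simulation of steps 8-12. The home institution checks credentials and
# issues an opaque, single-use handle bound to one Service Provider; the SP
# presents the handle to fetch attributes; the institution releases only what
# its release policy permits for that SP; the SP authorizes on attributes.
# Users, passwords, attribute names and SP names are constructed.
import secrets

class HomeInstitution:
    USERS = {"alice": {"password": "s3cret",
                       "attrs": {"affiliation": "student", "dept": "cs",
                                 "ssn": "000-00-0000"}}}
    # Attribute release policy: per SP, which attributes may leave the institution.
    RELEASE = {"sp.example": {"affiliation", "dept"}}

    def __init__(self):
        self.handles = {}          # opaque handle -> (user, sp it was issued to)

    def authenticate(self, user, password, sp):
        """Step 8: verify credentials; step 9: return a handle, not the identity."""
        rec = self.USERS.get(user)
        if rec is None or not secrets.compare_digest(rec["password"], password):
            return None
        handle = secrets.token_hex(16)
        self.handles[handle] = (user, sp)
        return handle

    def attributes(self, handle, sp):
        """Steps 10-11: resolve the handle once, for the SP it was issued to,
        and return only the attributes the release policy allows for that SP."""
        entry = self.handles.pop(handle, None)      # single use: replay fails
        if entry is None or entry[1] != sp:
            return None
        user, _ = entry
        allowed = self.RELEASE.get(sp, set())
        return {k: v for k, v in self.USERS[user]["attrs"].items() if k in allowed}

class ServiceProvider:
    NAME = "sp.example"
    # Authorisation policy on released attributes (step 12).
    POLICY = {"affiliation": {"student", "faculty"}}

    def access(self, idp, handle):
        """Return (granted, attrs); the SP never learns the username."""
        attrs = idp.attributes(handle, self.NAME)
        if attrs is None:
            return False, None
        granted = all(attrs.get(k) in ok for k, ok in self.POLICY.items())
        return granted, attrs
```

The SP is granted access on `affiliation` alone and never sees `ssn`; presenting the same handle twice, or a handle issued for a different SP, yields no attributes.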

  49. Shibboleth® Enabled Applications and Services • Napster • Twiki • WebCT • ProQuest SEAS

  50. Secure RSS
