End-to-end Authorization
Jon Howell and David Kotz
Presented by James Newell
Background
• Barriers fragment authorization into hop-by-hop approaches:
  • Administrative domains
  • Network scale
  • Levels of abstraction
  • Different protocols
• Gateways used to connect systems across these boundaries end up making authorization decisions on behalf of the end-nodes.
Motivation
• An end-to-end authorization approach spans all of these barriers
• Makes applications more secure by:
  • Reducing the number of programs that make access-control decisions
  • Giving more information to the access-control mechanisms
  • Providing more useful audit trails
• Dynamic and scalable authorization
Implementation
• Snowflake
• Built upon the Simple Public Key Infrastructure (SPKI)
• Principals, statements, and proofs form the language of the system:
  • A statement is any assertion
  • A principal is any entity that can make a statement
  • A proof of authority is a collection of statements that together convince the reader of the truth of the conclusion statement
[Figure: example proof tree built from the Signed-Certificate, Transitivity and Name-monotonicity rules over the principals HD, KS, KC·N and HKc·N]
Proofs
• A proof is sent to show authority
• Transmitted in structured form
• Proofs have an expiration time
• The structure of the proof is preserved (a tree)
Prover
• Tasks:
  • Collects delegations into a graph
  • Caches proofs
  • Constructs new delegations
• Graph:
  • Nodes are principals and edges are proofs
  • Traversed breadth-first
  • Cached proofs act as "short-cuts" in the graph
  • Closures are used to represent controlled principals
Channels
• Where authorization is propagated
• Types:
  • Secure network channel
  • Locally trustworthy channel
  • Signed request
[Figure: client and server connected by a channel with secret key KCH]
Secure Channel
• Implementation of SSH with Java Sockets
• The channel is itself a principal
• Logic: [figure: statements relating M, KCH, K2 and PC]
Local Channels
• Trustworthy enough on their own
• No SSH channel
• IPC pipes
• No encryption within the same JVM
Signed Requests
• Modified version of HTTP Authorization
• Server's Authenticate message:
  • The issuer that the client needs to speak for
  • The minimum restriction set
• Client's Authorization message:
  • A Snowflake proof of the server's message
  • A hash of the request
• Server authorization
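The Prover and Signed Requests slides describe one mechanism: statements signed by principals are collected into a delegation graph, a breadth-first search composes them (the Transitivity rule from the Proofs slide) into a chain that the client presents together with a hash of the request, and the server re-checks that chain against the issuer and restriction set it asked for. The following Python is an added illustration of that flow and is not Snowflake's code; it assumes that principals are named keys, that a delegation "issuer → subject" means the subject speaks for the issuer, that each delegation carries an SPKI-style tag set of rights, and it substitutes HMAC-SHA256 with a per-principal secret for real public-key signatures so that it runs offline with the standard library only.

```python
import hashlib
import hmac
from collections import deque
from dataclasses import dataclass

# Constructed key material: principal name -> signing secret (stand-in for a private key).
KEYS = {"K_S": b"server-secret", "K_A": b"admin-secret", "K_C": b"client-secret"}


@dataclass(frozen=True)
class Delegation:
    issuer: str          # principal granting authority
    subject: str         # principal that now speaks for the issuer
    tags: frozenset      # SPKI-style tag: the rights this statement carries
    expires: float       # absolute time after which the statement is void
    sig: bytes           # issuer's signature over the other fields (HMAC stand-in)


def _sign(issuer, subject, tags, expires, secret):
    msg = f"{issuer}|{subject}|{','.join(sorted(tags))}|{expires}".encode()
    return hmac.new(secret, msg, hashlib.sha256).digest()


def make_delegation(issuer, subject, tags, ttl, now):
    """Issuer signs a statement 'subject speaks for me' for the given rights and lifetime."""
    expires, tags = now + ttl, frozenset(tags)
    return Delegation(issuer, subject, tags, expires, _sign(issuer, subject, tags, expires, KEYS[issuer]))


def valid(d, now):
    """Signed-Certificate rule: accept a statement only if unexpired and correctly signed by its issuer."""
    expected = _sign(d.issuer, d.subject, d.tags, d.expires, KEYS[d.issuer])
    return now < d.expires and hmac.compare_digest(d.sig, expected)


class Prover:
    def __init__(self):
        self.edges = {}   # issuer -> [Delegation]: nodes are principals, edges are statements
        self.cache = {}   # (issuer, subject, rights) -> chain found by an earlier search

    def add(self, d):
        self.edges.setdefault(d.issuer, []).append(d)

    def prove(self, issuer, subject, need, now):
        """Chain of delegations showing `subject` speaks for `issuer` with rights `need`, or None."""
        need = frozenset(need)
        key = (issuer, subject, need)
        hit = self.cache.get(key)
        if hit is not None and all(valid(d, now) for d in hit):
            return hit                            # cached proof is a short-cut in the graph
        queue, seen = deque([(issuer, [])]), {issuer}
        while queue:                              # breadth-first: shortest chain first
            node, chain = queue.popleft()
            if node == subject:
                self.cache[key] = chain
                return chain
            for d in self.edges.get(node, []):
                # Transitivity only holds while every hop still carries the needed rights.
                if valid(d, now) and need <= d.tags and d.subject not in seen:
                    seen.add(d.subject)
                    queue.append((d.subject, chain + [d]))
        return None


def server_challenge(issuer, restrictions):
    """Server's Authenticate message: the issuer to speak for and the minimum restriction set."""
    return {"issuer": issuer, "restrictions": frozenset(restrictions)}


def client_authorize(prover, challenge, client, request, now):
    """Client's Authorization message: a proof plus a request hash that binds the proof to this request."""
    proof = prover.prove(challenge["issuer"], client, challenge["restrictions"], now)
    if proof is None:
        return None
    return {"client": client, "proof": proof, "request_hash": hashlib.sha256(request).hexdigest()}


def server_authorize(challenge, auth, request, now):
    """Server side: re-hash the request, then re-verify every link of the proof itself."""
    if auth is None or auth["request_hash"] != hashlib.sha256(request).hexdigest():
        return False
    node, rights = challenge["issuer"], None
    for d in auth["proof"]:
        if d.issuer != node or not valid(d, now):
            return False
        rights = d.tags if rights is None else rights & d.tags   # rights narrow along the chain
        node = d.subject
    # An empty chain means the client is the issuer itself, which trivially holds every right.
    return node == auth["client"] and (rights is None or challenge["restrictions"] <= rights)


def demo(now=1000.0):
    """Constructed scenario: the server trusts an admin, who lets the client read but not write."""
    prover = Prover()
    prover.add(make_delegation("K_S", "K_A", {"read", "write"}, ttl=3600, now=now))
    prover.add(make_delegation("K_A", "K_C", {"read"}, ttl=600, now=now))
    request = b"GET /files/report.txt"
    chal = server_challenge("K_S", {"read"})
    auth = client_authorize(prover, chal, "K_C", request, now)
    ok_read = server_authorize(chal, auth, request, now)
    replay = server_authorize(chal, auth, b"DELETE /files/report.txt", now)   # hash mismatch
    no_write = client_authorize(prover, server_challenge("K_S", {"write"}), "K_C", request, now)
    expired = client_authorize(prover, chal, "K_C", request, now + 601)        # admin->client lapsed
    return ok_read, replay, no_write is None, expired is None
```

`demo()` returns `(True, False, True, True)`: the read request verifies end-to-end, the same proof fails when reused for a different request because the hash no longer matches, no proof can be built for a right the admin never delegated, and once the admin-to-client statement expires the cached short-cut is discarded and the search fails. The server never consults the gateway or the channel for the decision; everything it needs is in the proof, which is the property the slides call end-to-end.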
Applications
• Web file server
• Relational email database
• Quoting protocol gateway
Measurements
• HTTP and RMI with Snowflake
• HTTP and RMI with SSL
• HTTP and RMI, standard
• Results:
  • Major overhead, on the order of many milliseconds, with both Snowflake and SSL
  • Snowflake is sometimes more than twice as slow as SSL
  • The poor performance is attributed to slow libraries and a lack of optimization
Open Issues
• Implementation issues (the description is very abstract)
• Performance is lacking
• Does not address how the logic's assumptions are known to be true
• How does administration work?