330 likes | 439 Views
Design and implementation of a distributed role concept for access control In Traceability Networks. Student: Weixun Li Tutor: Dipl.-Medien-Inf. Eberhard Grummt Responsible Professor: Prof. Dr. rer. nat. habil. Dr. h. c. Alexander Schill. April 1 , 200 8, Dresden.
E N D
Design and implementation of a distributed role concept for access control In Traceability Networks Student: Weixun Li Tutor: Dipl.-Medien-Inf. Eberhard Grummt Responsible Professor: Prof. Dr. rer. nat. habil. Dr. h. c. Alexander Schill April1, 2008, Dresden
Overview • 1. Motivation and Introduction • 2. Requirement Analysis • 3. Concepts • 4. Comparison and Evaluation • 5. Conclusion • 6. References
Motivation • Figure. A RFID tag • The information read from RFID tag can be easily transferred into data record by EPCIS. • RFID tag is a tag that carries information about item. It can be tagged on a item and read at certain point. • The use of RFID tags enables many innovative implementation. E.g. Counterfeit, Callback
The Routing Process • Figure. Theseos infrastructure[1]
Security issues • Security issues in Traceability Networks: • Protections on Companies’ IP and physical addresses. • Strict and precise controls for a sharing of companies’ item information. E.g., Who can get what kind of information from whom.
Extended Role-based Access control • Extended Role-based Access control (ERBAC) • A extension set of RBAC to deal with Distributed Environment’s requirement. • A concept integrates many up-to-date technologies: RBAC, EPCIS, X.509, Web Service, etc. • A complementary solution to existing traceability solutions.
An Use Case • Figure. Infrastructure of ERBAC
Basics • Data schemas related to access control in RSS: • roleGrant(lid varchar(50) not null, EPCClass varchar(50) not null, • comName varchar(50) not null, roleID char(12), roleName varchar(20), • expireDate date, primary key(address, EPCClass)) • company(lid varchar(50) not null primary key, comName varchar(50) • not null, address varchar(100)) • Data schemas related to access control in Single EPCIS server: event(eid char(12) not null, lid varchar(50) not null, ts timestamp not • null, primary key (eid, lid, ts)) • location(lid varchar(50) not null primary key, address varchar(100) • sProp(eid char(12) not null primary key, color varchar(20),minTemperature Integer, maxTemperature Integer) • contains(eid char(12) not null, contained eid char(12) not null, ts • timestamp not null, primary key (eid, contained eid, ts)) receivedFrom(eid char(12) not null, dbid varchar(50), ts timestamp • not null, primary key(eid, ts)) • sentTo(eid char(12) not null, dbid varchar(50), ts timestamp not null, • primary key(eid, ts))
Basics • Data schemas related to access control in Single EPCIS server (Cont.): roleGrant(lid varchar(50) not null, EPCClass varchar(50) not null, • comName varchar(50) not null, roleID char(12), roleName varchar(20), • expireDate date, primary key(address, EPCClass)) • company(lid varchar(50) not null primary key, comName varchar(50) • not null, address varchar(100)) • rolePermission(roleID char(12) not null, permissionID char(12) not null, primary key(roleID, permissionID))
Basics • Figure. Role Hierarchy in single EPCIS server
An Use Case • Figure. Infrastructure of ERBAC
Role types • Roles in the traceability network are classified into two types • General Roles: • General Roles are defined by Supply Chain (SC) participants’ properties in the view of the whole SC • E.g., Manufacturer, Distributor, Wholesaler, Retailer. • Perspective Roles: • Perspective Roles are defined by directed connected partner in the view of mutual relationship • E.g., Directly Connected Wholesaler, Competitive Wholesaler, Directly Connected Laptop Wholesaler, Directly Connected CPU Wholesaler
Role Constraints Traditional RBAC concept: Roles are usually defined by the administrator or company’s committee based on the result of a requirement analysis, and then is granted to subjects as needed. The system can predict all the roles that could appear, and each system is independent from each other. The administrator extends, deletes, grants and revokes roles without consideration about other systems. However, the story in the SCMS is different. In traceability network: A single company can play various roles. One company A could play as Manufacture for Company C because it sells many products produced by itself to C. Meanwhile, it also plays a Retailer for D because it sells some raw materials to D. Role Administration can not be done with only one company’s decision most of time.
Role Constraints Figure. Role Constraint
Role Constraints Mutual exclusive: In traditional RBAC, two roles are mutual exclusive means they can not be assigned to a same user. In traceability network, mutual exclusive roles are associated Object Class(es). That means, one company can not be assigned two roles with the same EPC Object Class(es). Or in other words, two roles are mutual exclusive when associating with same EPC Object Class(es).
Role administration • One motivation behind employing a RBAC system is to ease the authorization process. However, employing a RBAC system into large enterprise level system could result in thousands or even millions of roles creation. To manage these roles efficiently becomes a new challenge to the engineers designing the RBAC system. • ERBAC concept provides some distributed ways to deal with Role Administration.
Assign Role • Figure. Role Assignment
Assign Role (Cont.) • Figure. Assign Role
Revoke Role • Figure. Revoke Role
Add Role • Figure. Add Role
Delete Role • Figure. Delete Role
Conclusion • ERBAC: • Low expense to adopt • Extend traditional RBAC to distributed implementation • Easy to be integrated into existing systems
References • [1] Chand. Raphael and Felber. Pascal “Semantic Peer-to-Peer Overlays for Publish/Subscribe Networks,” Euro-Par 2005 Parallel processing, 30 August - 2 Septempber 2005, Lisbon, Portugal • [2] Chan, C.Y., Fan, W., Felber, P., Garofalakis, M., Rastogi, R.: , “Tree Pattern Aggregation for Scalable XML Data Dissemination,” In: Proceedings of VLDB. (2002).
Thank you! • & • Questions?
A figure to explain X.509 • Figure. Insert operation[1]
Figure. An requirement of counterfeit[1] Introduction of Traceability Network
Activity Diagram for Role Assignment • Figure. Activity Diagram for Role Assignment
Organizing Peers According to Containment • Maintaining the Containment Hierarchy Tree • Join steps: • Calculate containment relationship • Connect to parent with the highest depth • Reorganizing the Hierarchy Tree (always, never, periodically) • Leave steps: • If the node is part of an equivalence tree, simply perform a leaf promotion • If the node is not part of an equivalence tree, reconnecting this node’s children to their grand-parent.
Organizing Peers According to Containment • Figure. Insert operation[1]