Ontology based Policy Interoperability
Dr. Latifur Khan, Tahseen Al-Khateeb, Mohammad Alam, Mohammad Farhan Husain
Outline
• Motivating example
• XACML Recap
• The problem of heterogeneity
• OPI: Our solution to the problem
• Demonstration
• Future Works
An example scenario
• Suppose there are two organizations, OrgA and OrgB, both holding geo-spatial data.
• Each has an access control policy written in XACML.
• They form a federation and want subjects (e.g. people, client software) of one organization to be able to access resources (e.g. data, files) of the other organization based on the existing policies, without any modification or human assistance.
Problem faced
• Both organizations have policies based on their own naming conventions and data types, which are not recognized by the other organization.
• An access request will contain organization-specific keywords and data types.
• Such requests will fail if evaluated by the existing XACML processing model.
Geo-spatial data specific improvement
• For some data, when full permission cannot be given, a Partial Permit can be granted instead.
• A Partial Permit essentially means the requester gets only part of the data the request asked for.
XACML: brief introduction
• XACML stands for eXtensible Access Control Markup Language.
• It is a declarative access control policy language implemented in XML.
• It also includes a processing model describing how to interpret the policies.
• The latest version, 2.0, was ratified by the OASIS standards organization on 1 February 2005.
XACML request processing (diagram on slide): (1) an access request reaches the PEP; (2) the PEP sends a decision request (premise) carrying attributes to the PDP, which evaluates its rules; (3) the PDP returns a decision response (conclusion) carrying the decision and obligations; (4) the access request is passed on; (5) the PEP fulfills the obligations. PDP – Policy Decision Point; PEP – Policy Enforcement Point.
More about XACML
• Elements: Attribute, Function, Rule, Policy, Policy Set
• Rule effects: Permit, Deny
Rule combination algorithms • If there are multiple rules in a policy, they must be combined to get a single decision. The XACML normative rule combination algorithms are:
An example policy
• A simple example policy is shown on the following slide.
• The policy target says the policy applies to requests for High access objects (e.g. sys-admin).
• The policy has a rule which applies to viewing Airport data.
• A request is permitted if the subject is trying to view the data between 10am and 2pm.
(Policy XML on slide, with the Policy, Target, Rule and Effect elements labelled.)
The problem of heterogeneity
• Types of heterogeneity: naming heterogeneity and data type heterogeneity.
• Subjects, resources and attributes can be defined differently in different organizations. For example:
• Network Administrator = System Admin
• Read = View
• Directory = Folder
• In such a case, the policy of one organization is not applicable to the other when they form a federation.
OPI: our approach to solving the problem
• When no directly applicable policy or rule is found for a request, we use a domain ontology for subjects, resources and actions.
New rule effect: Partial Permit
• We have added a new rule effect, “Partial Permit”, to XACML to grant a request partially.
• Examples: grant only the outer boundary of some object, e.g. an airport; return a map with lower resolution than requested.
Steps taken
Suppose a subject of OrgA sends a request to OrgB. The following steps are taken:
• Among all the policies and rules of OrgB, find the rule whose subject has the minimum semantic distance from the subject of the request in the ontology of subjects.
• In case of ties, find, among the tied rules, the rule whose resource has the minimum semantic distance from the resource of the request in the ontology of resources.
• In case of ties, find, among the tied rules, the rule whose action has the minimum semantic distance from the action of the request in the ontology of actions.
Steps taken (continued)
• Use the semantic distance score formula to get a match score.
• If Score ≥ Full-effect threshold, use the rule's effect as the outcome.
• If Partial-effect threshold ≤ Score < Full-effect threshold and the rule effect is Permit, the outcome is Partial-Permit.
• If Score < Partial-effect threshold, the outcome is Deny.
• If multiple rules are still tied, we use the rule combination algorithm specified in the policy to break the tie.
Steps taken: example
Request: Subject SystemAdmin, Resource AIRPORT_area, Action View
• Rule-1: Subject GISAdmin, Resource AIRPORT_area, Action View, Effect Permit
• Rule-2: Subject Lkhan, Resource EMPLOYERS_point, Action View, Effect Deny
• Rule-3: Subject LowAccessSubjects, Resource AIRPORT_area, Action View, Effect Deny
Semantic distance score formula
• To find the matching similarity score between two nodes C1 and C2, we first determine their closest common parent C. Then the score S(C1,C2) is formulated as follows: S(C1, C2) =
• Here len is a length operator that calculates the shortest distance between two nodes in an ontology tree, and D is the overall depth of the tree.
Semantic distance score formula (continued)
• We calculate three different score values, SS(C1, C2), SR(C1, C2) and SA(C1, C2), for the subject, resource and action parameters respectively. The score values are combined by an aggregation function whose domain is a set of 3-ary tuples and whose range is the set of real numbers. The function, henceforth referred to as the Aggregation function, is represented as
• The Aggregation function result is compared against a pre-determined threshold value to resolve the policy decision. The decision is one of three effects: Permit, Deny or Partial-Permit.
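An added example (not code from the slides or the OPI project) that works the Rule-1/2/3 request above through the matching steps and thresholds. The slides' own score formula and Aggregation function are not reproduced on the page, so the path-length score 1 - len(C1,C2)/(2D), the averaging, the toy ontology trees, the threshold values and the deny-overrides tie-break are all assumptions.

```python
# Added example, not code from the OPI project or the slides. The score used,
# 1 - len(C1,C2)/(2*D), is an assumption built from the quantities the slides
# name (shortest path length len, overall tree depth D); so are the trees below.
from collections import namedtuple

# Constructed ontology trees: child -> parent (roots are not keys).
SUBJECTS = {"Admin": "Subject", "GISAdmin": "Admin", "SystemAdmin": "Admin",
            "LowAccessSubjects": "Subject", "Lkhan": "LowAccessSubjects"}
RESOURCES = {"AIRPORT_area": "Resource", "EMPLOYERS_point": "Resource"}
ACTIONS = {"View": "Action", "Read": "View", "Edit": "Action"}
Rule = namedtuple("Rule", "subject resource action effect")

def ancestors(tree, node):
    """Path from node up to the root: [node, parent, ..., root]."""
    path = [node]
    while node in tree:
        node = tree[node]
        path.append(node)
    return path

def score(tree, c1, c2):
    """Similarity in [0,1]; 0 when a node is unknown to the ontology."""
    a1, a2 = ancestors(tree, c1), ancestors(tree, c2)
    common = next((c for c in a1 if c in a2), None)       # closest common parent C
    if common is None:
        return 0.0
    length = a1.index(common) + a2.index(common)          # len(C1,C2) through C
    depth = max(len(ancestors(tree, n)) - 1 for n in tree)  # D
    return 1 - length / (2 * depth)

def decide(rules, req, full=0.99, partial=0.5):
    """Closest rule by subject, then resource, then action; thresholds pick the
    effect. Remaining ties use deny-overrides (an assumed combining algorithm)."""
    keyed = [((score(SUBJECTS, r.subject, req["subject"]),
               score(RESOURCES, r.resource, req["resource"]),
               score(ACTIONS, r.action, req["action"])), r) for r in rules]
    top = max(k for k, _ in keyed)                        # lexicographic: SS, SR, SA
    tied = [r for k, r in keyed if k == top]
    effect = "Deny" if any(r.effect == "Deny" for r in tied) else tied[0].effect
    agg = sum(top) / 3                                    # assumed aggregation
    if agg >= full:
        return effect
    if agg >= partial and effect == "Permit":
        return "Partial-Permit"
    return "Deny"

RULES = [Rule("GISAdmin", "AIRPORT_area", "View", "Permit"),  # rules from the slide
         Rule("Lkhan", "EMPLOYERS_point", "View", "Deny"),
         Rule("LowAccessSubjects", "AIRPORT_area", "View", "Deny")]
REQUEST = {"subject": "SystemAdmin", "resource": "AIRPORT_area", "action": "View"}
```

With these trees SystemAdmin and GISAdmin are siblings under Admin, so Rule-1 wins with an aggregate of about 0.83 and the request gets Partial-Permit; a subject unknown to the ontology ties Rule-1 with Rule-3 and deny-overrides resolves it to Deny.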
Future works
• Take all policies of all organizations into account
• Address data type heterogeneity
Future works (continued)
• GML rendering API in Java
• ArcGIS can show GML data, but the process is cumbersome
• ArcGIS does not provide an API for GML display
• Currently, no API in any language exists for displaying GML data