Upload
cassie
View
57
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Authorization and Trust in the Cloud. Prof. Ravi Sandhu Executive Director and Endowed Chair USECSW May 29, 2013 [email protected] www.profsandhu.com www.ics.utsa.edu. Joint work with Bo Tang and Qi Li. Cloud Computing. Shared infrastructure [ $$$] -----> [ $|$|$] Multi-Tenancy - PowerPoint PPT Presentation
Citation preview
World-Leading Research with Real-World Impact! 1
Institute for Cyber Security
Authorization and Trust in the Cloud
Prof. Ravi SandhuExecutive Director and Endowed Chair
USECSWMay 29, 2013
www.ics.utsa.edu
© ICS at UTSA
Joint work with Bo Tang and Qi Li
Cloud Computing
Shared infrastructure [$$$] -----> [$|$|$]
Multi-Tenancy Virtually dedicated resources
Drawbacks: Data Locked-in
oCollaborations can only be achieved through desktop.o E.g.: open files in Box with GoogleDoc.
How to collaborate?
World-Leading Research with Real-World Impact! 2
Source: http://blog.box.com/2011/06/box-and-google-docs-accelerating-the-cloud-workforce/
© ICS at UTSA
Collaborative Access Control
Centralized Facility Chance for centralized models in distributed systems
Agility Collaboration and collaborators are temporary
Homogeneity Handful of popular brands
Out-Sourcing Trust Built-in collaboration spirit
World-Leading Research with Real-World Impact! 3© ICS at UTSA
Market Place
Microsoft and IBM: Fine-grained data sharing in SaaS using DB schema Only feasible in DB
NASA: RBAC + OpenStack Lacks ability to support collaborations
Salesforce (Force.com): SSO + SAMLFocus on authenticationHeavy management of certificates
World-Leading Research with Real-World Impact! 4
Source: http://msdn.microsoft.com/en-us/library/aa479086.aspx http://nebula.nasa.gov/blog/2010/06/03/nebulas-implementation-role-based-access-control-rbac/http://wiki.developerforce.com/page/Single_Sign-On_with_SAML_on_Force.com
© ICS at UTSA
Literature
RBAC CBAC, GB-RBAC, ROBAC Require central authority managing collaborations
Delegation Models dRBAC and PBDM Lacks agility (which the cloud requires)
Grids CAS, VOMS, PERMIS Absence of centralized facility and homogeneous
architecture (which the cloud has)
World-Leading Research with Real-World Impact! 5
Problem:semantic mismatch
© ICS at UTSA
Literature (Contd.)
Role-based Trust RT, Traust, RMTN AND RAMARS_TM Calero et al: towards a multi-tenant authorization
system for cloud serviceso Implementation layer PoCoOpen for extensions in trust models
Suits the cloud (out-sourcing trust)
World-Leading Research with Real-World Impact! 6
Challenge:trust relation
© ICS at UTSA
Multi-Tenant Authorization as a Service (MT-AaaS)
World-Leading Research with Real-World Impact! 7
MT-AaaS
Multi-TenantAccess Control
Cross-Tenant Access
© ICS at UTSA
MTAS Trust Model
If A trusts B then B (resource owner) can assignB’s permissions to A’s roles; andB’s roles as junior roles to A’s roles.
World-Leading Research with Real-World Impact! 8
AuthStmtsResources
Tenant A Tenant B
AuthStmtsResources AuthStmtsResources
If No trust
If A trust B
AuthStmtsResources
User
© ICS at UTSA
MTAS
World-Leading Research with Real-World Impact! 9© ICS at UTSA
MT-RBAC Trust Model
World-Leading Research with Real-World Impact! 10
AuthStmtsResources
Tenant A Tenant B
AuthStmtsResources AuthStmtsResources
AuthStmtsResources
If B (resource owner) trusts A then A can assignB’s permissions to A’s roles; andB’s roles as junior roles to A’s roles.
User
If No trust
If B trust A
© ICS at UTSA
MT-RBAC
World-Leading Research with Real-World Impact! 11© ICS at UTSA
Trust Model Comparison
World-Leading Research with Real-World Impact! 12
A: resource ownerB: resource requester
© ICS at UTSA
Finer-grained Trust Models
World-Leading Research with Real-World Impact! 13© ICS at UTSA
Constraints
Role Cycles: lead to implicit role upgrades in the role hierarchy.
SoD: conflict of dutiesTenant-level
o E.g.: SOX compliance companies may not hire same the same company for both consulting and auditing.
Role-leveloAcross tenants
Chinese Wall: conflict of interests among tenants.
World-Leading Research with Real-World Impact! 14© ICS at UTSA
Collaboration Admin.
Decentralized managementTrusters maintain the trust relation
Immediately effective when trust changesAutomatic revocation of cross-tenant accessesAgility in cloud environments
World-Leading Research with Real-World Impact! 15© ICS at UTSA
PROTOTYPE AND EVALUATION
Cloud ServiceCloudStorage: an open source web based cloud storage
and sharing system.
Authorization ServiceCentralized PDPDistributed PEP
World-Leading Research with Real-World Impact! 16© ICS at UTSA
Evaluation: Performance
MT-RBAC vs RBACMore policy references incur more decision time
MT-RBAC2 introduces 6.82% overhead in average.
World-Leading Research with Real-World Impact! 17
Performance comparison at PDP File retrieval delay ratio introduced
© ICS at UTSA
Evaluation: Scalability
Scalable by eitherEnhancing PDP capability; orIncreasing PEP amount.
World-Leading Research with Real-World Impact! 18
Different Flavors of PDP Different Numbers of PEP
© ICS at UTSA
Summary
Collaboration needs in the cloud eco-systemNovel service model: MT-AaaSProposed formal models
MTASMT-RBACConstraints and administration
Prototype and evaluationPerformance overhead ≤ 6.82%Scalable in the cloud
Trust Model Comparison
World-Leading Research with Real-World Impact! 19© ICS at UTSA
Future Work
OpenStack Keystone extensions Integrate trust into ABAC: MT-ABAC Unified trust framework for the cloud
World-Leading Research with Real-World Impact! 20© ICS at UTSA
Institute for Cyber Security
Q & A
World-Leading Research with Real-World Impact! 21
• Bo Tang, Ravi Sandhu and Qi Li. Multi-Tenancy Authorization Models for Collaborative Cloud Services. CTS, 2013.
• Bo Tang, Qi Li and Ravi Sandhu. A Multi-Tenant RBAC Model for CollaborativeCloud Services. PST 2013.
© ICS at UTSA