Upload
prosunjit-biswas
View
33
Download
0
Embed Size (px)
Citation preview
11World-Leading Research with Real-World Impact!
Prosunjit Biswas, Ravi Sandhu and Ram KrishnanDepartment of Computer Science
Department of Electrical and Computer EngineeringUniversity of Texas, San Antonio
Institute for Cyber Security
ABAC’17, March 24, 2017, Scottsdale, AZ, USA
Attribute Transformation forAttribute-Based Access Control
22World-Leading Research with Real-World Impact!
Outline
Summary
Motivation
Attribute Transformation
Attribute Reduction
Attribute Expansion
Conclusion
Q/A
33World-Leading Research with Real-World Impact!
Summary
We have presented a concept of attribute transformation and specify two types of
transformation---attribute reduction and attribute expansion.
44World-Leading Research with Real-World Impact!
Motivation
Attribute explosion!
Figure 1: Attributes defined for OpenStack Virtual Machines
55World-Leading Research with Real-World Impact!
Motivation (continuing)
incurs
difficulties in managing
Attribute Explosion
authorization policies attribute-value assignments
66World-Leading Research with Real-World Impact!
Motivation (continuing)
We cannot get rid of attributes we need.
But we can manage
with
Attribute Transformation
77World-Leading Research with Real-World Impact!
Attribute Transformation (assumptions)
Attribute types
Non-policy Attributes Policy Attributes
Examples:
Object attributes (Non-policy): size, created_by, shared, location
Object attributes (Policy): sensitivity, security-label
Assumptions:
Non-policy Attributes ∩ Policy Attributes = φNon-policy Attributes >> Policy Attributes
88
Attribute Transformation
World-Leading Research with Real-World Impact!
Types of attribute transformation
Reduction(Non-policy Attr → Policy Attr)
Expansion(Policy Attr → Policy Attr)
Attribute Transformation is the process of transforming one set of attribute-value assignments into another set of assignments.
Attribute Reduction
The process of transforming non-policy attribute-value assignments into policy attributes-value assignments.
9
size(f1)=100MB
created-by(f1) = system-d
location(f1)=/log/system-log
security-label(f) = sensitiveshared(f1)= false
Deriving assignmentsDerived assignments Effective assignments
Non-policy attributes
Policy attributes
Attribute transformation
security-label(f) = sensitive
1010
Attribute Reduction (motivation)
World-Leading Research with Real-World Impact!
Motivation from literature:
2. Concepts of Dynamic roles by Kuhn, Coyne and
Weil [2]
1. Attribute-Based User-Role Assignment [1]
Can-read ≡ security-label(o) = sensitive ʌ role(u)=manager
VM-mapping ≡ resource-type(o) = VM ʌ image-type(o) = corporate → security-label(o) = sensitive
Firewall-mapping ≡ resource-type(o) = firewall ʌ protocol(o) = UDP ʌ network(o) = internal → security-label(o) = sensitive
Attribute Reduction (usefulness)
12
Authorization policy with Policy attributes:
Mapping rules with Non-policy Attributes:
Attribute Reduction (mapping rules)
13
Example of mapping rule:
file-length(f) = 100 MB ˄ created-by(f) = system-d ˄ is-shared(f) = false → security-label(f) = sensitive
Attribute Reduction (issues)
resource-type(o) = VM
encryption(o) = plain
security-label(o) = regular
resource-type(o) = VM
image-type(o) = corporate
mapping1
mapping2
Conflicts resulting from multiple mappings
14
security-label(o) = sensitive
resource-type(o) = VM
encryption(o) = plain
security-label(o) = regular
mapping1
security-label(o) = sensitive
Der i ved valueExpl ici t ly assig ned
valu e
Attribute Reduction (issues)
Conflicts resulting from assigned and derived values
15
is-a-veteran(u)= True
benefits(u) = {b1,b2}
skills(u) = {skill1, skill2}
Deriving assignmentsDerived assignments Resulting assignments
Policy attributes
Policy attributes
leadership(u) = True
Policy attributes
is-a-veteran(u) = True
Attribute Expansion
Expansion
16
The process of transforming policy attribute-value assignments into a different set of policy attributes-value assignments.
skills(u) = {skill1, skill2}
Attribute Expansion (motivation)
Motivation from literature:
1. Hierarchical Group and Attribute-Based Access Control [3]
17
Conclusion
What next?
- Other forms of Attribute Transformation - Chain of Attribute Transformation - Fitting Attribute Transformation in ABAC models
18
References
1. Servos, Daniel, and Sylvia L. Osborn. "HGABAC: Towards a formal model of hierarchical attribute-based access control." International Symposium on Foundations and Practice of Security. Springer International Publishing, 2014.
2. Kuhn, D. Richard, Edward J. Coyne, and Timothy R. Weil. "Adding attributes to role-based access control." Computer 43.6 (2010): 79-81.
3. Servos, Daniel, and Sylvia L. Osborn. "HGABAC: Towards a formal model of hierarchical attribute-based access control." International Symposium on Foundations and Practice of Security. Springer International Publishing, 2014.
19