Role-based Trust Management Security Policy Analysis and Correction Environment (RT-SPACE)
Gregory T. Hoffer
CS7323 – Research Seminar (Dr. Qi Tian)
Overview

Role Based Trust by Example
Proposed Framework
Discussion
References
Role Based Trust by Example

Two principals involved in a transaction – can they trust each other?
[Figure: Alice and a mortgage application]
Alice wants to see if she is eligible for a mortgage before she wastes time with the application process.
Role Based Trust by Example

Two principals involved in a transaction – can they trust each other?
[Figure: Alice and the Bank]
The bank is willing to reveal that its loan-approval policy uses one’s Date of Birth (DoB), current salary, and length of current employment.
Further details, though, are a trade secret and confidential.
Alice does not wish to disclose her DoB or salary level – she considers them sensitive.
Role Based Trust by Example

Two principals involved in a transaction – can they trust each other?
[Figure: Alice and the Bank]
Winsborough, among others, has developed cryptographic credential schemes to address this [3].
Imagine if both principals in the communication had trust capabilities and a mechanism for exchanging information according to their desired privacy.
For example, the Bank is certified by the Better Business Bureau and the FDIC, so Alice can trust it. Alice, on the other hand, is certified by the DMV, the DoD, or a similar authority.
Role Based Trust by Example 2

A bookstore that discounts for approved students.
[Figure: Andy]
Amazon.com offers a discount to students under the age of 21 who attend UTSA.
Role-based trust policies [4] can be used to implement this.
Role Based Trust by Example 2

A bookstore that discounts for approved students.
[Figure: Andy, with the credentials and policies of Amazon.com (image from [2])]
Role Based Trust by Example 3

Hostile / friendly identification.
[Figure: “Alan” and “Sgt. Sam”]
Can “Alan” trust “Sgt. Sam”?
Can “Sgt. Sam” trust “Alan”?
Formalizing Access Control Policies

Policies must be written and maintained for access-controlled services.
Policies are subject to change (consider the last example – employees change frequently, as do roles, responsibilities, relationships, etc.).
Change introduces risk …
Proposal: Policy Analysis & Correction Framework

“When access control policies are subject to change, analyzing them for security properties such as safety (e.g., access to the database is limited to employees) and liveness (e.g., managers will always have access to the database) requires significant tool support” [1]

RT-SPACE* is introduced as a tool for authoring, verifying, and correcting RT (Role-based Trust) policies.

* Role-based Trust Management Security Policy Analysis and Correction Environment
RT-SPACE Process

1. The policy author builds or changes a policy, then submits it.
2. The tool performs a conservative conversion into one or more policy models.
3. Each model is automatically verified.
4. For a model that fails to satisfy the desired properties, the checker produces a set of counterexamples.
5. The Policy Correction component analyses the counterexamples to generate a set of suggested corrections, from which the policy author may select the appropriate one.
6. The modified policy serves as input to the next iteration (to ensure other properties are not invalidated).
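As an added example (not code from the slides or from RT-SPACE itself), the bookstore policy from Example 2 written as RT0-style credentials in the sense of [4] and evaluated with a small fixpoint role-membership routine; it then runs the kind of safety check the RT-SPACE loop describes: after a hypothetical policy change (a direct grant of the discount role to a principal the university never attested as a student), the check returns that principal as the counterexample, and a liveness check confirms the intended student keeps the discount. All principals, role names, and credentials are constructed for this example, and the DMV attesting the under-21 property is an assumption.

```python
"""Constructed example: RT0-style credentials for the student-discount policy
and safety / liveness checks that return counterexamples, in the spirit of the
RT-SPACE verify-and-correct loop. Not code from the slides or from RT-SPACE."""
from collections import defaultdict

# A role is the pair (principal, role_name). The four RT0 credential forms [4]:
#   ("member",    B)             A.r <- B          B is a member of A.r
#   ("include",   (B, r1))       A.r <- B.r1       all members of B.r1
#   ("linked",    ((B, r1), r2)) A.r <- B.r1.r2    X.r2 for every X in B.r1
#   ("intersect", [B.r1, C.r2])  A.r <- B.r1 ∩ C.r2
# Each credential is a tuple (head_role, kind, body).


def role_members(credentials):
    """Least fixpoint: grow each role's member set until no credential adds
    anything new. Membership only ever grows, so the loop terminates."""
    members = defaultdict(set)
    changed = True
    while changed:
        changed = False
        for head, kind, body in credentials:
            if kind == "member":
                derived = {body}
            elif kind == "include":
                derived = set(members[body])
            elif kind == "linked":
                link_role, r2 = body
                derived = set()
                for x in list(members[link_role]):
                    derived |= members[(x, r2)]
            elif kind == "intersect":
                derived = set.intersection(*(set(members[r]) for r in body))
            else:
                raise ValueError(f"unknown credential kind {kind!r}")
            if not derived <= members[head]:
                members[head] |= derived
                changed = True
    return members


def safety_counterexamples(credentials, target, bound):
    """Safety property: every member of `target` is also a member of `bound`
    (cf. "access to the database is limited to employees"). Returns the
    principals that violate it, i.e. the counterexamples a checker would report."""
    m = role_members(credentials)
    return sorted(m[target] - m[bound])


def liveness_holds(credentials, principal, target):
    """Liveness property: `principal` is a member of `target`
    (cf. "managers will always have access to the database")."""
    return principal in role_members(credentials)[target]


# Constructed principals; the DMV attesting age is an assumption of this example.
AMAZON, UTSA, DMV = "Amazon", "UTSA", "DMV"

POLICY = [
    # Amazon.discount <- Amazon.student ∩ Amazon.under21
    ((AMAZON, "discount"), "intersect", [(AMAZON, "student"), (AMAZON, "under21")]),
    # Amazon.student <- Amazon.school.student   (students of any school Amazon lists)
    ((AMAZON, "student"), "linked", ((AMAZON, "school"), "student")),
    # Amazon.school <- UTSA                     (only UTSA is listed)
    ((AMAZON, "school"), "member", UTSA),
    # Amazon.under21 <- DMV.under21
    ((AMAZON, "under21"), "include", (DMV, "under21")),
    # credentials issued by UTSA and the DMV (constructed)
    ((UTSA, "student"), "member", "Andy"),
    ((UTSA, "student"), "member", "Beth"),
    ((DMV, "under21"), "member", "Andy"),
]

DISCOUNT, UTSA_STUDENT = (AMAZON, "discount"), (UTSA, "student")


def demo():
    """One turn of the authoring loop: verify the policy, apply a change, verify
    again. The change is a direct grant of the discount role to 'Carl', whom
    UTSA never attested as a student, so the safety check reports him."""
    original = sorted(role_members(POLICY)[DISCOUNT])
    before = safety_counterexamples(POLICY, DISCOUNT, UTSA_STUDENT)
    changed_policy = POLICY + [(DISCOUNT, "member", "Carl")]
    after = safety_counterexamples(changed_policy, DISCOUNT, UTSA_STUDENT)
    return original, before, after


if __name__ == "__main__":
    print(demo())                                    # (['Andy'], [], ['Carl'])
    print(liveness_holds(POLICY, "Andy", DISCOUNT))  # True
```

Beth is a UTSA student but holds no under-21 credential, so she never reaches Amazon.discount; the intersection credential is what keeps the policy's "under 21" condition from being satisfied by student status alone. The counterexample list returned after the change is exactly the input a correction step would work from: the offending credential is the one that put "Carl" into the target role without going through UTSA.student.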
Policy Analysis Framework Components

Graph Construction
Optimization
Translation
Model Checking
Correction
Visualization
RT-SPACE in Action
Summary

Role-based trust is an important field for security and privacy in access control.
Policies can be tedious (and error-prone) to create and manage.
RT-SPACE facilitates the creation and management process in order to achieve security and liveness efficiently and effectively.
Questions and Discussion

Any questions or comments?
References
[1] Mark Reith, Jianwei Niu, and William H. Winsborough. 2008. Role-based trust management security policy analysis and correction environment (RT-SPACE). In Companion of the 30th International Conference on Software Engineering (ICSE Companion '08). ACM, New York, NY, USA, 929-930. DOI=10.1145/1370175.1370192 http://doi.acm.org/10.1145/1370175.1370192
[2] M. Reith, J. Niu, and W. H. Winsborough. Policy analysis framework for verification and correction. Technical Report CS-TR-2007-006, UTSA, 2007.
[3] Jiangtao Li, Ninghui Li, and William H. Winsborough. 2009. Automated trust negotiation using cryptographic credentials. ACM Trans. Inf. Syst. Secur. 13, 1, Article 2 (November 2009), 35 pages. DOI=10.1145/1609956.1609958 http://doi.acm.org/10.1145/1609956.1609958
[4] Ninghui Li, John C. Mitchell, and William H. Winsborough. Design of a role-based trust management framework. In Proceedings of the 2002 IEEE Symposium on Security and Privacy, pages 114–130. IEEE Computer Society Press, May 2002.