An aspect-oriented approach towards enhancing optimistic access control with usage control

Padayachee, Keshnee

26 July 2010

With the advent of agile programming, lightweight software processes are being favoured over the highly formalised approaches of the 80s and 90s, where the emphasis is on "people, not processes". Likewise, access control may benefit from a less prescriptive approach and an increasing reliance on users to behave ethically. These ideals correlate with optimistic access controls. However, such controls alone may not be adequate as they are retrospective rather proactive. Optimistic access controls may benefit from the stricter enforcement offered by usage control. The latter enables finer-grained control over the usage of digital objects than do traditional access control policies and models, as trust management concerns are also taken into consideration. This thesis investigates the possibility of enhancing optimistic access controls with usage control to ensure that users conduct themselves in a trustworthy manner. Since this kind of approach towards access control has limited applicability, the present study investigates contextualising this approach within a mixed-initiative access control framework. A mixed-initiative access control framework involves combining a minimum of two access control models where the request to information is mediated by a mixture of access policy enforcement agents. In order for this type of integration to be successful, a software development approach was considered that allows for the seamless augmentation of traditional access control with optimistic access control enhanced with usage control, namely the aspect-oriented approach. The aspect-oriented paradigm can facilitate the implementation of additional security features to legacy systems without modifying existing code. This study therefore evaluates the aspect-oriented approach in terms of implementing security concerns. It is evidently difficult to implement access control and in dynamic environments preconfigured access control policies may often change dramatically, depending on the context. In unpredicted circumstances, users who are denied access could often have prevented a catastrophe had they been allowed access. The costs of implementing and maintaining complex preconfigured access control policies sometimes far outweigh the benefits. Optimistic controls are retrospective and allow users to exceed their normal privileges. However, if a user accesses information unethically, the consequences could be disastrous. Therefore it is proposed that optimistic access control be enhanced with some form of usage control, which may prevent the user from engaging in risky behaviour. An initiative towards including security in the earlier phases of the software life cycle is gaining momentum, as it is much easier to design with security from the onset than to use the penetrate-and-patch approach. Unfortunately, incorporating security into software development takes time and developers tend to focus more on the features of the software application. The aspect-oriented paradigm can facilitate the implementation of additional security features in legacy systems without modifying existing code. The current study evaluates the aspect-oriented approach towards enhancing optimistic access control with usage control. The efficacy of the aspect-oriented paradigm has been well established within several areas of software security, as aspect-orientation facilitates the abstraction of these security-related tasks so as to reduce code complexity. / Thesis (PHD)--University of Pretoria, 2010. / Computer Science / unrestricted

Aspect-oriented programming

Usage control

Access control

Optimistic access control

UCTD

FreeIPA - správa přístupu dle URI / FreeIPA - URI Based Access Management

Hellebrandt, Lukáš

January 2016

Cílem práce je navržení a implementace řízení přístupu na základě URI požadovaného zdroje. Pro implementaci bylo jako základ použito rozšíření Host Based Access Control v nástroji pro správu identit FreeIPA. Zároveň bylo třeba rozšířit související infrastrukturu, především program SSSD. Jako příklad aplikace využívající HBAC na základě URI byl implementován autorizační modul pro Apache HTTP Server. Zásadním řešeným problémem byl návrh infrastruktury pro komunikaci nezbytných parametrů a návrh strategie vyhodnocení HBAC pravidel definujících přístupová práva. Kompletní řešení bylo předvedeno na příkladu zabezpečení instance webové aplikace Wordpress.

Designing an Access Control System for Internet of Things / Utformning av ett accesskontrollsystem för sakernas internet

Grape, Felix

January 2017

For many Internet of Things (IoT) devices security have not been a priority during the development, but what happens if the makers of IoT devices use a secure framework for developing their devices? In this thesis a number of such frameworks have been evaluated for their suitability to build an access control system around. Both Vanadium and Protocol of Things (PoT) were found to be suitable candidates. Both frameworks employ a distributed access control model where the owner of a device can grant other users access to the device by generating a signed authorization. PoT was ultimately chosen as the framework around which to design the prototype access control system because it was deemed to be slightly more suitable than Vanadium. The prototype takes the rule based and discretionary access control model from the underlying framework and makes it possible for administrators to transparently authorize users to devices through role abstractions. Thus it is possible to transparently manage a class of users at the same time instead of having to manage each individual user. Furthermore the prototype is able to do this in a generic way. The prototype does not contain any code of functionality for any specific device it manages, it is capable of managing access to any PoT device. The design and implementation is deemed both scalable and efficient. Running on a single thread it is possible to generate over one thousand signed authorizations per second. In a system where users are granted access to 200 unique device permissions the total file size of the signed authorizations and accompanying meta data does not exceed 150 kB. It takes approximately 70 ms to establish a secure connection between the client and server software. For large data transfers the throughput is approximately 2.6-2.8 MB per second, including encryption and decryption of request and response from the client to the server. / För många enheter tillhörande sakernas internet har säkerhet inte varit en prioritet under utvecklingen, men vad händer om tillverkare istället använder ett säkert ramverk för att utveckla sina produkter? I den här rapporten presenteras en utvärdering av några sådana ramverks lämplighet för att användas för att bygga ett accesskontrollsystem kring. Både Vanadium och Protocol of Things (PoT) finns vara lämpliga kandidater. Båda ramverken använder en decentraliserad säkerhetsmodell där ägaren av en enhet kan ge andra användare tillgång till enheten genom att generera en signerad auktorisation. PoT är det ramverk som användes för att utforma accesskontrollsystemprototypen kring för att det ansågs vara något mer lämpligt jämfört med Vanadium. Prototypen använder en rollabstraktion för att underlätta arbetet för administratörer att ge användare rätt behörigheter. På så vis blir det möjligt att konfigurera en klass av användare samtidigt istället för att behöva konfigurera varje användare individuellt. Prototypen kan göra allt detta på ett generiskt sätt. Det innebär att prototypen inte innehåller någon kod eller funktionalitet som är specifik för någon enhet så länge det är en PoT-enhet. Den föreslagna designen och implementationen är skalbar och effektiv. Över ett tusen signerade auktorisationer kan genereras per sekund på en exekveringstråd. I ett system där användare ges behörighet till 200 unika behörigheter på olika enheter uppgår den totala filstorleken för de signerade auktorisationerna och tillhörande metadata till mindre än 150 kB. Det tar uppskattningsvis 70 ms att skapa en säker anslutning mellan klient- och server-mjukvara. För stora dataöverföringar är överföringshastigheten uppskattningsvis 2.6-2.8 MB per sekund, vilket inkluderar kryptering och avkryptering av fråga och svar från klienten till servern.

IoT

internet of things

access control system

security

generic

remote procedure call

rpc

access control

distributed access control

decentralized access control

generic access control system

sakernas internet

accesskontrollsystem

accesskontroll

generisk accesskontroll

generisk

Computer Sciences

Datavetenskap (datalogi)

A Certificate Based, Context Aware Access Control Model For Multi Domain Environments

Yortanli, Ahmet

01 February 2011

A certificate based approach is proposed for access control operations of context aware systems for multi domain environments. New model deals with the removal of inter-domain communication requirement in access request evaluation process. The study is applied on a prototype implementation with configuration for two dierent cases to show the applicability of the proposed certificate based, context aware access control model for multi domain environments. The outputs for the cases show that proposed access control model can satisfy the requirements of a context aware access control model while removing inter domain communication needs which may cause some latency in access request evaluation phase.

QA Computer Software 76.75-76.765

Increasing Efficiency and Scalability in AWS IAM by Leveraging an Entity-centric Attribute- & Role-based Access Control (EARBAC) Model

Karlsson, Rasmus, Jönrup, Pontus

January 2023

Cloud computing is becoming increasingly popular among all types of companies due to its inherent benefits. However, because of its infrastructure, it might be difficult to manage access rights between users and resources. To address these difficulties, Amazon Web Services (AWS) provides Identity and Access Management (IAM) and features that support the use of different access control models, for example, Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC). Access control models are used for authorisation within systems to decide who gets access to what. Therefore, to determine what constitutes an efficient (the average time it takes to perform a task in AWS IAM) and secure access control model, a thorough study of background material and related work was conducted. Through this study, it was found that RBAC lacked scalability whilst ABAC lacked administrative capabilities. It was also found that flexibility and scalability were two important factors when designing access control models. Furthermore, by conducting a survey and designing an access control model for AWS through various iterations, a new access control model called Entity-centric Attribute- & Role-based Access Control (EARBAC) was developed. In an experiment comparing it with the RBAC model, the EARBAC model was found to be both efficient and secure, in addition to its flexibility and scalability. Furthermore, EARBAC was also found to be 27% faster than RBAC in AWS IAM. These results suggest that the model is useful when developing cloud infrastructures in AWS.

Cloud

Authorisation

Security

AWS

Amazon

RBAC

ABAC

EARBAC

Access Control

Access Control Model

Access Control Models

Principle of Least Privilege

Computer Sciences

Datavetenskap (datalogi)

Electronic patient record security policy in Saudi Arabia National Health Service

Aldajani, Mouhamad

January 2012

Saudi Arabia is in the process of implementing Electronic Patient Records (EPR) throughout its National Health services. One of the key challenges during the adoption process is the security of EPR. This thesis investigates the current state of EPR security in Saudi Arabia’s National Health Services (SA NHS) both from a policy perspective and with regard to its implementation in SA NHS’s information systems. To facilitate the analysis of EPR security, an EPR model has been developed that captures the information that is stored as part of the electronic record system in conjunction with stated security requirements. This model is used in the analysis of policy consistency and to validate operational reality against stated policies at various levels within the SA NHS. The model is based on a comprehensive literature survey and structured interviews which established the current state of practice with respect to EPRs in a representative Saudi Arabian hospital. The key contribution of this research is the development and evaluation of a structured and model-based analysis approach to EPR security at the early adoption stage in SA, based on types of information present in EPRs and the needs of the users of EPRs. The key findings show that the SA EPR adoption process is currently proceeding without serious consideration for security policy to protect EPR and a lack of awareness amongst hospital staff.

600

Towards securing pervasive computing systems by design: a language approach

Jakob, Henner

27 June 2011

Dans de multiples domaines, un nombre grandissant d'applications interagissant avec des entités ommunicantes apparaissent dans l'environnement pour faciliter les activités quotidiennes (domotique et télémédecine). Leur impact sur la vie de tous les jours des utilisateurs rend ces applications critiques: leur défaillance peut mettre en danger des personnes et leurs biens. Bien que l'impact de ces défaillances puisse être majeur, la sécurité est souvent considérée comme un problème secondaire dans le processus de développement et est traitée par des approches ad hoc. Cette thèse propose d'intégrer des aspects de sécurité dans le cycle de développement des systèmes d'informatique ubiquitaire. La sécurité est spécifiée à la conception grâce à des déclarations dédiées et de haut niveau. Ces déclarations sont utilisées pour générer un support de programmation afin de faciliter l'implémentation des mécanismes de sécurité, tout en séparant ces aspects de sécurité de la logique applicative. Notre approche se concentre sur le contrôle d'accès aux entités et la protection de la vie privée. Notre travail a été implémenté et fait levier sur une suite outillée existante couvrant le cycle de développement logiciel.

access control

security

conflict resolution

CRYPTOGRAPHIC PROTECTION IN A TYPE 10BASE5 LOCAL AREA NETWORK INTERFACE

Hsu, Chilo Gerald, 1959-

January 1986

No description available.

Computers -- Access control.

Local area networks (Computer networks)

Evolving access control : formal models and analysis

Sieunarine, Clint Vaalmicki

January 2011

Any model of access control has two fundamental aims: to ensure that resources are protected from inappropriate access and to ensure that access by authorised users is appropriate. Traditionally, approaches to access control have fallen into one of two categories: discretionary access control (DAC) or mandatory access control (MAC). More recently, role-based access control (RBAC) has offered the potential for a more manageable and flexible alternative. Typically, though, whichever model is adopted, any changes in the access control policy will have to be brought about via the intervention of a trusted administrator. In an ever-more connected world, with a drive towards autonomic computing, it is inevitable that a need for systems that support automatic policy updates in response to changes in the environment or user actions will emerge. Indeed, data management guidelines and legislation are often written at such a high level of abstraction that there is almost an implicit assumption that policies should react to contextual changes. Furthermore, as access control policies become more complicated, there is a clear need to express and reason about such entities at a higher level of abstraction for any meaningful analysis to be tractable, especially when consideration of complex state is involved. This thesis describes research conducted in formalising an approach to access control, termed evolving access control (EAC), that can support the automatic evolution of policies based on observed changes in the environment as dictated by high-level requirements embodied in a metapolicy. The contribution of this research is a formal, conceptual model of EAC which supports the construction, analysis and deployment of metapolicies and policies. The formal EAC model provides a framework to construct and describe metapolicies and to reason about how they manage the evolution of policies. Additionally, the model is used to analyse metapolicies for desirable properties, and to verify that policies adhere to the high-level requirements of the metapolicy. Furthermore, the model also allows the translation of verified policies to machine-readable representations, which can then be deployed in a system that supports fine-grained, dynamic access control.

005.8

Diseño de un protocolo MAC con una multiplexión temporal eficiente para redes inalámbricas locales energéticamente autosustentables equipados con dispositivos captadores de energía

Torres Norambuena, Boris Antonio

January 2016

Magíster en Ciencias de la Ingeniería, Mención Eléctrica. Ingeniero Civil Eléctrico / En la actualidad existe un crecimiento acelerado en el número de dispositivos que utilizan la red para comunicarse, sumado a que la de manda por velocidades de transmisión más altas ha aumentado. Conjuntamente con este requerimiento, existe una exigencia tácita: dispositivos más autónomos, es decir, dispositivos que tengan baterías lo suficientemente eficiente para no tener que cargarlos frecuentemente. Esto ha creado la necesidad de contar con protocolos que utilicen eficientemente el ancho de banda disponible de Internet, además de que sean considerados con la batería de los equipos. Una de las soluciones que se han planteado es la de utilizar frecuencias más elevadas de comunicación, llegando en la actualidad a transmitir a frecuencias de decenas de Gigahertz. Una banda que tiene especial interés, es la banda de 60 Ghz (58 -61 GHz), pues es una banda no licenciada y provee una alta tasa de transmisión de datos. Esta tesis presenta un protocolo Media Access Control (MAC), orientado a las ondas milimétricas (ondas que trabajan a frecuencias entre 30 y 300 GHz), que mejora el desempeño del protocolo Process-Stacking Multiplexing Access (PSMA) y adaptarlo a una red centralizada. Aquí se propone el protocolo Variable Slot Time-Time Division Multiple Access (VST-TDMA). Este usa de forma más eficiente el ancho de banda pues no desperdicia tiempo, como si ocurre en Multiplexación por División de Tiempo (TDMA, Time Division Multiple Access). Además, es energéticamente eficiente y autosustentable, pues variará su tasa de transmisión dependiendo del estado de carga (SOC, State of Charge) de la batería del dispositivo. Para diseñar este, se mantuvo el funcionamiento general del protocolo PSMA, cuya idea central es la de agendar procesos, reservando el uso de canal a medida que los equipos que integran la red soliciten usarla, asignando a cada uno de ellos el tiempo exacto que requieran de utilización del canal. No obstante, el principal cambio que se añade es que la Estación Base (BS, Base Station) envía cíclicamente un broadcast, para para incorporar y/o sincronizar cualquier dispositivo que requiera acceder la red, o si la BS necesita enviar datos a alguno de los nodos. Seguidamente, se describirá el algoritmo que se usó para la estimación de los parámetros que condicionan el comportamiento de la batería. El principal resultado de VST-TDMA, es lo relacionado con la batería. En términos de desempeño en transferencia de datos, tiene un resultado similar a PSMA. No obstante, en lo relacionado a la energía, se puede notar que la información que se puede obtener de la batería permite que el protocolo decida en qué momento debe bajar su tasa de transferencia, para no degradarla, y de esta forma tenga mayor vida útil. Además, se llegó al hecho que el parámetro que condiciona principalmente a la batería es el parámetro α, logrando errores bajos en el caso de ser estimado con precisión. Como trabajo futuro, para empezar, se propone el implementar completamente el protocolo en Opnet, tanto desde el punto de vista de funcionamiento, como de la estimación de los parámetros que modelan la batería. De esta forma, será posible conocer el comportamiento más completo del protocolo. Finalmente, se podría implementar este protocolo con algún medio físico, y a las frecuencias a la cual fue diseñado. Se podría utilizar field-programmable gate array (FPGA), dónde se programaría el protocolo y se podría observar el comportamiento en un ambiente real.

Telecomunicaciones

Sistemas de transmisión de datos

Baterías eléctricas

Multiplexion

Media Access Control