enforcing rfid data visibility restrictions using xacml security policies
Post on 05-Dec-2014
703 Views
Preview:
DESCRIPTION
TRANSCRIPT
Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies
Slide 1
Enforcing RFID Data Visibility Restrictions using XACML security policies
Miguel Pardal, Mark Harrison, Sanjay Sarma, José Alves Marques
Técnico Lisboa, University of Cambridge, Massachusetts Institute of Technology
Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies
Traceability systems assessment framework
Slide 2
http://trakchain.net
Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies
Each individual item takes a unique path...
Slide 3
Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies
Traceability data security
Slide 4
Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies
SCAz – Supply Chain Authorization Language
• Classical authorization mechanisms - EAC – Enumerated Access Control
• Access control lists
- CCT – Chain of Communication Tokens
Slide 5
Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies
Externalized security
•Authentication
- SAML
•Message level (cryptographic) protection
- TLS
•Authorization
- XACML
Slide 6
Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies
eXtensible Access Control Markup Language
Slide 7
Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies
XACML request processing
Slide 8
Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies
Performance assessment tool
Slide 9
Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies
EAC processing time breakdown for request evaluation
Slide 10
Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies
EAC and CCT evaluation time with increasing item numbers
Slide 11
Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies
Contributions
• Data sharing policies
• XACML translation
• Correctness check
• Performance assessment
• Future work - Pharma pedigree case study
- Combine approaches in expressive language
- “Automatic” authorization • minimize admin burden for traceability data sharing
Slide 12
Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies
Visit http://trakchain.net
Slide 13
Merci!
top related