
Attribute-Based Access Control: Insights and Challenges

Prof. Ravi Sandhu
Executive Director and Endowed Chair
Institute for Cyber Security

DBSec, Philadelphia, July 19, 2017

ravi.sandhu@utsa.edu
www.profsandhu.com
www.ics.utsa.edu

© Ravi Sandhu World-Leading Research with Real-World Impact!


Access Control Evolution

• Discretionary Access Control (DAC), 1970
• Mandatory Access Control (MAC), 1970
• Role Based Access Control (RBAC), 1995
• Attribute Based Access Control (ABAC), ???? (born 1990s)
• Relationship Based Access Control (ReBAC), ???? (born mid 2000s)
• Provenance Based Access Control (PBAC), ???? (born late 2000s)

ABAC = Final Word?

• NO!! Never!!
• Is ABAC the right word for the moment?
  • Certainly a strong candidate
  • Already too late?
    • ReBAC (relationship-based access control), not ABAC
    • Big Data, Analytics and AI will take care of everything
• What is lacking in ABAC?
  • Usage Control (UCON) concepts of attribute mutability, enforcement and obligation continuity, and post-obligations
  • Task-Based Access Control
  • Risk-Based Access Control
  • Policy-Based Access Control
  • ……

The ABAC Challenge

• ABAC is orders of magnitude more complex than anything that has been an Access Control winner so far (DAC, MAC, RBAC)
• We need the complexity, but need to manage it
• If Google can index the web, we can do ABAC!!
• Cloud-enabled IoT may be the killer app

ABAC Research Agenda

1. Foundational Principles and Theory
2. Core ABAC Models
3. Administrative ABAC Models
4. Extended ABAC Models
5. ABAC Policy Architectures and Languages
6. ABAC Enforcement Architectures
7. ABAC Design, Engineering and Applications

Based on RBAC experience


2. Core ABAC Models: UCON

Usage Control Models, early 2000s (Park, Sandhu, Pretschner)

Model components: Subjects (S) with Subject Attributes (SA), Objects (O) with Object Attributes (OA), Rights (R), Authorizations (A), Obligations (B), Conditions (C)

Usage Decisions: before-usage, ongoing-usage, after-usage
Continuity of Decisions: pre-decision, ongoing-decision
Mutability of Attributes: pre-update, ongoing-update, post-update

• unified model integrating
  • authorization
  • obligation
  • conditions
• and incorporating
  • continuity of decisions
  • mutability of attributes
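As an added illustration (not from the slides or the UCON authors), a minimal Python reference monitor that exercises the UCON components listed above on a constructed pay-per-minute scenario: authorization (A) is evaluated as a pre-decision and re-evaluated as an ongoing decision, a pre-obligation (B) and an environmental condition (C) gate the start of usage, and the subject's attributes are mutated by pre-, ongoing- and post-updates. The attribute names credit, price, accepted_terms and usage_minutes and the allowed-hours window are assumptions of the example.

```python
from dataclasses import dataclass, field


@dataclass
class Subject:
    name: str
    attrs: dict = field(default_factory=dict)   # SA: mutable subject attributes


@dataclass
class Obj:
    name: str
    attrs: dict = field(default_factory=dict)   # OA: mutable object attributes


def authorized(s: Subject, o: Obj) -> bool:
    """Authorization (A): attribute predicate, used both pre- and ongoing."""
    return s.attrs["credit"] >= o.attrs["price"]


def obligation_met(s: Subject) -> bool:
    """Pre-obligation (B): the subject must have accepted the terms of use."""
    return s.attrs.get("accepted_terms", False)


def condition_ok(env: dict) -> bool:
    """Condition (C): environmental constraint, here a constructed allowed-hours window."""
    return 8 <= env.get("hour", 0) < 20


def use(s: Subject, o: Obj, env: dict, minutes_requested: int) -> int:
    """One usage session; returns the minutes actually granted (0 = denied)."""
    # pre-decision: A, B and C are all evaluated before usage starts
    if not (authorized(s, o) and obligation_met(s) and condition_ok(env)):
        return 0
    s.attrs["credit"] -= o.attrs["price"]             # pre-update: first minute charged
    granted = 1
    while granted < minutes_requested:
        if not authorized(s, o):                      # ongoing-decision: revoke mid-session
            break
        s.attrs["credit"] -= o.attrs["price"]         # ongoing-update: charge per minute
        granted += 1
    s.attrs["usage_minutes"] = s.attrs.get("usage_minutes", 0) + granted  # post-update
    return granted
```

The revocation mid-session is what distinguishes UCON from a one-shot access check: a subject that was authorized at the pre-decision still loses access once its mutable attribute no longer satisfies the predicate.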

2. Core ABAC Models: ABACα

Policy Configuration Points

Can be configured to do simple forms of DAC, MAC, RBAC

Jin, Krishnan, Sandhu 2012
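Added example, not the ABACα authors' own code or notation: the idea of policy configuration points modelled as pluggable attribute predicates, with one configuration reproducing a simple MAC lattice policy and another a simple RBAC policy. The security levels, roles and permission table are constructed for the example.

```python
"""Two configuration points are shown:
  subject_ok(ua, sa): constrains the attributes a user may give a new subject
  auth[op](sa, oa):   authorization predicate for operation op
"""
LEVEL = {"U": 0, "C": 1, "S": 2, "TS": 3}   # constructed linear security lattice


def dominates(a: str, b: str) -> bool:
    return LEVEL[a] >= LEVEL[b]


# Configuration 1: simple MAC (no read-up, no write-down over the lattice)
MAC_POLICY = {
    "subject_ok": lambda ua, sa: dominates(ua["clearance"], sa["clearance"]),
    "auth": {
        "read":  lambda sa, oa: dominates(sa["clearance"], oa["label"]),
        "write": lambda sa, oa: dominates(oa["label"], sa["clearance"]),
    },
}

# Configuration 2: simple RBAC (permission granted iff an activated role holds it)
PA = {"doctor": {"read", "write"}, "nurse": {"read"}}   # constructed permission assignment


def rbac_auth(op: str):
    return lambda sa, oa: any(op in PA.get(r, ()) for r in sa["roles"])


RBAC_POLICY = {
    "subject_ok": lambda ua, sa: set(sa["roles"]) <= set(ua["roles"]),
    "auth": {"read": rbac_auth("read"), "write": rbac_auth("write")},
}


def create_subject(policy: dict, ua: dict, requested_sa: dict):
    """Subject-creation point: returns the subject attributes, or None if refused."""
    return dict(requested_sa) if policy["subject_ok"](ua, requested_sa) else None


def decide(policy: dict, sa: dict, oa: dict, op: str) -> bool:
    """Authorization point: apply the configured predicate for op."""
    return policy["auth"][op](sa, oa)
```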

2. Core ABAC Models: ABACβ

Can further be configured to do many RBAC extensions

Jin, Krishnan, Sandhu 2014

2. Core ABAC Models: HGABAC

Hierarchical Group and Attribute Based Access Control (HGABAC)
• Introduces the notion of User and Object Groups
• Core advantage is simplified administration of attributes
• Users and Objects are assigned a set of attributes in one go, as compared to a single assignment at a time

Legend: U: User, UG: User-Group, S: Subject, UA: User Attributes, O: Object, OG: Object-Group, OA: Object Attributes, OP: Operations

Servos and Osborn, 2015
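Added illustration of the administrative advantage just described, not Servos and Osborn's own code: attributes are assigned to user groups, and a user inherits the attributes of every group senior to the one they are placed in, so one membership assignment yields several attributes. The group names, attributes and the record-reading policy are constructed.

```python
from collections import deque
from typing import Optional

# user-group hierarchy (UG): group -> its parent (senior) groups
UG_HIERARCHY = {"staff": set(), "clinical": {"staff"}, "cardiology": {"clinical"}}

# attributes assigned to groups: group -> {attribute name: set of values}
UG_ATTRS = {
    "staff": {"building": {"main"}},
    "clinical": {"role": {"clinician"}, "phi_access": {"yes"}},
    "cardiology": {"department": {"cardiology"}},
}

# direct user-to-group membership; one assignment gives alice four attributes
USER_GROUPS = {"alice": {"cardiology"}, "bob": {"staff"}}


def ancestors(group: str) -> set:
    """All groups reachable upward from `group`, including itself."""
    seen, todo = set(), deque([group])
    while todo:
        g = todo.popleft()
        if g not in seen:
            seen.add(g)
            todo.extend(UG_HIERARCHY.get(g, ()))
    return seen


def effective_attrs(user: str, direct: Optional[dict] = None) -> dict:
    """Effective UA: directly assigned attributes plus those inherited via groups."""
    eff = {k: set(v) for k, v in (direct or {}).items()}
    for g in USER_GROUPS.get(user, ()):
        for anc in ancestors(g):
            for name, values in UG_ATTRS.get(anc, {}).items():
                eff.setdefault(name, set()).update(values)
    return eff


def can_read_record(user: str, oa: dict) -> bool:
    """Constructed policy: PHI records are readable by clinicians of the record's department."""
    ua = effective_attrs(user)
    return "yes" in ua.get("phi_access", set()) and oa["department"] in ua.get("department", set())
```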


3. Administrative ABAC Models: GURA and GURAG

Jin, Krishnan, Sandhu, 2012; Gupta, Sandhu, 2016


4. Extended ABAC Models: ReBAC versus ABAC

ReBAC Framework

Ahmed and Sandhu, 2017


4. Extended ABAC Models: ReBAC versus ABAC

ABAC Framework


4. Extended ABAC Models: ReBAC versus ABAC

Equivalence of ReBAC and ABAC Structural Variants


4. Extended ABAC Models: ReBAC versus ABAC

Non-Equivalence of ReBAC and ABAC Variants


1. Foundations: Safety

• A single infinite attribute with no creation leads to undecidable safety. Rajkumar 2012
• Pre_UCON with finite attributes and unbounded creation has decidable safety. Rajkumar, Sandhu 2016
• ABACα has decidable safety. Ahmed, Sandhu 2017
• GURA has decidable safety/reachability. Jin, Krishnan, Sandhu 2017


5. Policy Architecture: Centralized ABACα style

Policy Configuration Points


5. Policy Architecture: Diffused AWS style


6. ABAC Enforcement Architecture: Federated ABAC

Fisher 2015; NCCoE (NIST) Building Block


7. ABAC Applications: Cloud IaaS

Cloud Computing IaaS: single tenant, multi tenant, multi cloud

Jin, Tang, Dang, Bijon, Pustchi, Zhang, Biswas, Ahmed, Cheng, Patwa, Krishnan, Sandhu, 2012 onwards

7. ABAC Applications: Cloud Enabled IoT

Alshehri, Bhatt, Patwa, Benson, Sandhu, 2016 onwards
