Upload File

Download - Enforcing RFID Data Visibility Restrictions using XACML security policies

Transcript
Page 1: Enforcing RFID Data Visibility Restrictions using XACML security policies

Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies

Slide 1

Enforcing RFID Data Visibility Restrictions using XACML security policies

Miguel Pardal, Mark Harrison, Sanjay Sarma, José Alves Marques

Técnico Lisboa, University of Cambridge, Massachusetts Institute of Technology

Page 2: Enforcing RFID Data Visibility Restrictions using XACML security policies

Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies

Traceability systems assessment framework

Slide 2

http://trakchain.net

Page 3: Enforcing RFID Data Visibility Restrictions using XACML security policies

Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies

Each individual item takes a unique path...

Slide 3

Page 4: Enforcing RFID Data Visibility Restrictions using XACML security policies

Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies

Traceability data security

Slide 4

Page 5: Enforcing RFID Data Visibility Restrictions using XACML security policies

Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies

SCAz – Supply Chain Authorization Language

• Classical authorization mechanisms - EAC – Enumerated Access Control

• Access control lists

- CCT – Chain of Communication Tokens

Slide 5

Page 6: Enforcing RFID Data Visibility Restrictions using XACML security policies

Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies

Externalized security

•Authentication

- SAML

•Message level (cryptographic) protection

- TLS

•Authorization

- XACML

Slide 6

Page 7: Enforcing RFID Data Visibility Restrictions using XACML security policies

Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies

eXtensible Access Control Markup Language

Slide 7

Page 8: Enforcing RFID Data Visibility Restrictions using XACML security policies

Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies

XACML request processing

Slide 8

Page 9: Enforcing RFID Data Visibility Restrictions using XACML security policies

Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies

Performance assessment tool

Slide 9

Page 10: Enforcing RFID Data Visibility Restrictions using XACML security policies

Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies

EAC processing time breakdown for request evaluation

Slide 10

Page 11: Enforcing RFID Data Visibility Restrictions using XACML security policies

Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies

EAC and CCT evaluation time with increasing item numbers

Slide 11

Page 12: Enforcing RFID Data Visibility Restrictions using XACML security policies

Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies

Contributions

• Data sharing policies

• XACML translation

• Correctness check

• Performance assessment

• Future work - Pharma pedigree case study

- Combine approaches in expressive language

- “Automatic” authorization • minimize admin burden for traceability data sharing

Slide 12

Page 13: Enforcing RFID Data Visibility Restrictions using XACML security policies

Miguel Pardal, Enforcing RFID Data Visibility using XACML security policies

Visit http://trakchain.net

Slide 13

Merci!


Top Related

eXtensible Access Control Markup Language (XACML) Version 3docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.pdf · This specification defines Version 3.0 of the eXtensible
eXtensible Access Control Markup Language (XACML) Version 3docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.pdf · This specification defines Version 3.0 of the eXtensible
XACML Intellectual Property Control (IPC) Profile Version 1docs.oasis-open.org/xacml/3.0/ipc/v1.0/csprd03/xacml-3.0... · 2012-05-17 · XACML Intellectual Property Control (IPC)
XACML Intellectual Property Control (IPC) Profile Version 1docs.oasis-open.org/xacml/3.0/ipc/v1.0/csprd03/xacml-3.0... · 2012-05-17 · XACML Intellectual Property Control (IPC)
XACML Data Loss Prevention / Network Access Control (DLP ...docs.oasis-open.org/xacml/xacml-3.0-dlp-nac/v1.0/... · XACML Data Loss Prevention / Network Access Control (DLP/NAC) Profile
XACML Data Loss Prevention / Network Access Control (DLP ...docs.oasis-open.org/xacml/xacml-3.0-dlp-nac/v1.0/... · XACML Data Loss Prevention / Network Access Control (DLP/NAC) Profile
SAML 2.0 Profile of XACML 2.0 v2 - OASISdocs.oasis-open.org/xacml/3.0/xacml-profile-saml2.0-v2-spec-cs-01-en.pdfthis profile: 1) use of SAML 2.0 Attribute Assertions with XACML, including
SAML 2.0 Profile of XACML 2.0 v2 - OASISdocs.oasis-open.org/xacml/3.0/xacml-profile-saml2.0-v2-spec-cs-01-en.pdfthis profile: 1) use of SAML 2.0 Attribute Assertions with XACML, including
eXtensible Access Control Markup Language (XACML) Version ...docs.oasis-open.org/xacml/3.0/errata01/os/xacml-3... · xacml-3.0-core-spec-errata01-os-complete 12 July 2017 Standards
eXtensible Access Control Markup Language (XACML) Version ...docs.oasis-open.org/xacml/3.0/errata01/os/xacml-3... · xacml-3.0-core-spec-errata01-os-complete 12 July 2017 Standards
JSON Profile of XACML 3.0 Version 1.0 - OASISdocs.oasis-open.org/xacml/xacml-json-http/v1.0/cs... · Web viewThe order of the objects and values in XACML does not matter. Therefore,
JSON Profile of XACML 3.0 Version 1.0 - OASISdocs.oasis-open.org/xacml/xacml-json-http/v1.0/cs... · Web viewThe order of the objects and values in XACML does not matter. Therefore,
Ain't Nothing Like the Real Thing: Enforcing Land Use Restrictions
Ain't Nothing Like the Real Thing: Enforcing Land Use Restrictions
04 Fn42434en80gla0 Xacml Examples
04 Fn42434en80gla0 Xacml Examples