RBAC-Capability Project
Design Session II
Zutao Zhu
Derived from Karthick Jayaraman

Agenda
Announcements
Design questions
◦ Delegation
◦ Separation of duty
◦ Setuid
Task list for project

NOTICES

Notices
Design session I minutes are online.
Design document
◦ Due on Monday, Nov 5, 2009
◦ You may just summarize your plan for each design section.
◦ Please do not make an elaborate document.

DESIGN QUESTIONS

Delegation
CAP_ROLE_DELEGATE
Delegated roles are available to users immediately.
User should explicitly activate delegated roles.
The delegated roles should be available to all user-sessions.
Delegation ends when machine reboots or the delegating user revokes the delegation.
Revocation: Revoking a delegation chain is a challenge.

Delegation - continued
Questions:
◦ Where to store delegated roles?
◦ How to enforce SSD and DSD for a delegation?
◦ How to do revocation?
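
One way to approach the revocation question above, as an added example that is not part of the original slides or the project's code. It assumes cascading revocation as the policy; the table layout, function names, uids (100, 200, 300) and role id (7) are hypothetical.

```c
#include <stdio.h>

#define MAX_DELEG 16
/* One delegation edge: uid `from` lends `role` to uid `to` (hypothetical layout). */
struct deleg { int used, from, to, role, active; };
static struct deleg dtab[MAX_DELEG];  /* memory only, so a reboot ends every delegation */

/* Constructed UA relation for the demo: uid 100 is directly assigned role 7. */
static int ua_has(int uid, int role) { return uid == 100 && role == 7; }

static struct deleg *find(int to, int role) {
    for (int i = 0; i < MAX_DELEG; i++)
        if (dtab[i].used && dtab[i].to == to && dtab[i].role == role) return &dtab[i];
    return NULL;
}

/* Only a current holder may delegate; a user holds a role at most once, so the
   edges form a tree rooted at the UA owner and revocation cannot loop. */
int delegate(int from, int to, int role) {
    if (!ua_has(from, role) && !find(from, role)) return -1;
    if (from == to || ua_has(to, role) || find(to, role)) return -1;
    for (int i = 0; i < MAX_DELEG; i++)
        if (!dtab[i].used) {
            dtab[i] = (struct deleg){1, from, to, role, 0};  /* available, not yet active */
            return 0;
        }
    return -1;  /* table full */
}

/* The delegatee must explicitly activate a delegated role before using it. */
int activate(int uid, int role) { struct deleg *d = find(uid, role); return d ? (d->active = 1, 0) : -1; }
int role_active(int uid, int role) { struct deleg *d = find(uid, role); return d && d->active; }

/* Revoke the edge from->to, then every delegation that `to` passed on. */
int revoke(int from, int to, int role) {
    struct deleg *d = find(to, role);
    if (!d || d->from != from) return -1;  /* only the delegating user may revoke */
    d->used = 0;
    for (int i = 0; i < MAX_DELEG; i++)
        if (dtab[i].used && dtab[i].from == to && dtab[i].role == role)
            revoke(to, dtab[i].to, role);
    return 0;
}

int main(void) {
    delegate(100, 200, 7); delegate(200, 300, 7); activate(300, 7);
    revoke(100, 200, 7);  /* cascades to the 200 -> 300 edge */
    printf("uid 300 role 7 active after revoke: %d\n", role_active(300, 7));
    return 0;
}
```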

Separation of Duty
Static Separation of Duty (SSD)
Dynamic Separation of Duty (DSD)
When to check each?
How to represent the rules?
Who can update the rules?
Can the rules keep changing often?

Setuid Mechanism
Setuid programs
Traditional setuid programs should work.
Set-owner-role program: How could an RBAC-aware system support a setuid-equivalent mechanism?
Do we need a different identification mechanism for set-owner-role programs?

Setuid Mechanism - Continued
What is the meaning of these system calls in the RBAC model:
◦ setuid()
◦ seteuid()
Should these system calls be allowed for a set-owner-role program?

STAGES IN PROJECT

Stages
Implementing commands to do UA and PA assignment.
Defining all kernel level data structures required for supporting RBAC-Capability.
◦ Representing roles and capabilities.
◦ Representing session.
◦ Additional data structure(s) to support delegation.
◦ Changes to fproc structure.
Changing login.c to set up a session.

Stages - continued
Implementing role operations: Enable / Disable / and Drop session.
Implementing delegation.
Writing functions and commands to check SSD and DSD rules.
Supporting set-owner-role programs.
Changes to reference monitor.

Next milestone
Set up all kernel data-structures required for supporting RBAC-capability.
Implement all role operations.
◦ Should have a facility to print out all role / capabilities for the process.
◦ Should be able to show the correctness of all role operations.

Thank you