Your SlideShare is downloading. ×
0
Purpose-Centric Secure Information Sharing
Purpose-Centric Secure Information Sharing
Purpose-Centric Secure Information Sharing
Purpose-Centric Secure Information Sharing
Purpose-Centric Secure Information Sharing
Purpose-Centric Secure Information Sharing
Purpose-Centric Secure Information Sharing
Purpose-Centric Secure Information Sharing
Purpose-Centric Secure Information Sharing
Purpose-Centric Secure Information Sharing
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Purpose-Centric Secure Information Sharing

925

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
925
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Purpose-Centric Secure Information Sharing Ravi Sandhu Executive Director and Endowed Professor Institute for Cyber Security (ICS) University of Texas at San Antonio September 2009 ravi.sandhu@utsa.edu www.profsandhu.com © Ravi Sandhu
  • 2. Butler Lampson Paraphrased (I think) <ul><li>Computer scientists could never have designed the web because they would have tried to make it work. </li></ul><ul><li>But the Web does “work.” </li></ul><ul><li>What does it mean for the Web to “work”? </li></ul><ul><li>Security geeks could never have designed the ATM network because they would have tried to make it secure. </li></ul><ul><li>But the ATM network is “secure. </li></ul><ul><li>What does it mean for the ATM network to be “secure”? </li></ul>© Ravi Sandhu
  • 3. Security Objectives INTEGRITY modification AVAILABILITY access CONFIDENTIALITY disclosure © Ravi Sandhu
  • 4. Security Objectives INTEGRITY modification AVAILABILITY access CONFIDENTIALITY disclosure USAGE purpose © Ravi Sandhu
  • 5. Security Objectives INTEGRITY modification AVAILABILITY access CONFIDENTIALITY disclosure USAGE purpose USAGE © Ravi Sandhu
  • 6. Information Sharing Modes © Ravi Sandhu <ul><li>Fundamental Goal: Share BUT Protect </li></ul><ul><li>I. Dissemination-Centric Sharing </li></ul><ul><ul><li>Digital Rights Management </li></ul></ul><ul><ul><li>Enterprise Rights Management </li></ul></ul><ul><ul><li>XrML </li></ul></ul><ul><li>II. Query-Centric Sharing </li></ul><ul><ul><li>Queries wrt a protected dataset </li></ul></ul><ul><ul><li>Several talks yesterday focused on privacy protection </li></ul></ul><ul><ul><li>More generally de-aggregation/inference protection </li></ul></ul><ul><li>III. Purpose-Centric Sharing </li></ul><ul><ul><li>Sharing for a purpose </li></ul></ul><ul><ul><li>Mission-centric sharing </li></ul></ul><ul><ul><li>Group-centric sharing </li></ul></ul>
  • 7. Information Protection Models <ul><li>Discretionary Access Control (DAC) </li></ul><ul><ul><li>Owner-based discretion </li></ul></ul><ul><ul><li>Classic formulation fails to distinguish copy from read </li></ul></ul><ul><li>Lattice-Based Access Control (LBAC) </li></ul><ul><ul><li>One directional information flow in a lattice of security labels </li></ul></ul><ul><ul><li>Rigid and coarse-grained due to strict one-directional information flow within predefined security labels </li></ul></ul><ul><li>Role-Based Access Control (RBAC) </li></ul><ul><ul><li>Role is central, administration is simplified </li></ul></ul><ul><ul><li>Flexible: can be configured to do DAC or LBAC </li></ul></ul><ul><ul><li>Role engineering/discovery is challenging </li></ul></ul><ul><li>Attribute-Based Access Control (ABAC) </li></ul><ul><ul><li>Subsumes security labels, roles and more </li></ul></ul><ul><ul><li>Attribute engineering even more challenging </li></ul></ul><ul><li>Usage Control (UCON) </li></ul><ul><ul><li>ABAC on steroids </li></ul></ul><ul><ul><li>Consumable rights, usage limits, obligations, conditions </li></ul></ul>© Ravi Sandhu
  • 8. Group-Centric Sharing (g-SIS) <ul><li>Brings users & objects together in a group for some purpose </li></ul><ul><li>Metaphor: secure meeting room </li></ul><ul><li>Research goal: combine elements of DAC, LBAC, RBAC, ABAC, UCON, g-SIS into a coherent framework for purpose-centric information sharing while leveraging dissemination-centric and data-centric information sharing </li></ul><ul><li>Initial focus: understand and formalize g-SIS </li></ul>© Ravi Sandhu Group Authz (u,o,r)? join leave add remove Users Objects
  • 9. PEI Layers World-View © Ravi Sandhu Security and system goals Policy models Enforcement models/architectures Implementation models/architectures/platforms Concrete System <ul><li>Necessarily informal </li></ul><ul><li>Specified in terms of users, subjects, objects, administrators, labels, roles, groups, etc. in an idealized setting. </li></ul><ul><li>Security analysis (e.g. security objectives, security properties, etc.) </li></ul><ul><li>Approximated policy realized using system architecture with trusted servers, secure protocols, etc. in a real-world setting </li></ul><ul><li>Enforcement level security analysis (e.g. safe approximations with respect to network latency, protocol proofs, security properties, etc.) </li></ul><ul><li>Technologies and standards such as SOA, Cloud, SaaS, TCG/TPM, MILS, X.509, SAML, XACML, Oath, Oauth, etc. </li></ul><ul><li>Implementation level security analysis (e.g. vulnerability analysis, penetration testing, protocol proofs, security properties, etc.) </li></ul><ul><li>Layered software stacks executing on hardware </li></ul>
  • 10. Published Results to Date <ul><li>Ram Krishnan, Ravi Sandhu, Jianwei Niu and William Winsborough, Foundations for Group-Centric Secure Information Sharing Models. Proc. 14th ACM Symposium on Access Control Models and Technologies (SACMAT), Stresa, Italy, June 3-5, 2009, pages 115-124. </li></ul><ul><li>Ram Krishnan, Ravi Sandhu, Jianwei Niu and William Winsborough, A Conceptual Framework for Group-Centric Secure Information Sharing. Proc. 4th ACM Symposium on Information, Computer and Communications Security (AsiaCCS) , Sydney, Australia, March 10-12, 2009, pages 384-387. </li></ul><ul><li>Ram Krishnan, Jianwei Niu, Ravi Sandhu and William Winsborough, Stale-Safe Security Properties for Group-Based Secure Information Sharing . Proc. 6th ACM-CCS Workshop on Formal Methods in Security Engineering (FMSE) , Alexandria, Virginia, October 27, 2008, pages 53-62. </li></ul><ul><li>Ram Krishnan and Ravi Sandhu, A Hybrid Enforcement Model for Group-Centric Secure Information Sharing. Proc. IEEE International Symposium on Secure Computing (SecureCom-09), Vancouver, Canada, August 29-31, 2009. </li></ul><ul><li>Ram Krishnan and Ravi Sandhu, Enforcement Architecture and Implementation Model for Group-Centric Information Sharing. Proc. 1st International Workshop on Security and Communication Networks (IWSCN), Trondheim, Norway, May 20-22, 2009. </li></ul>© Ravi Sandhu

×