SlideShare a Scribd company logo

multiparty access control

Download as PPTX, PDF
Levin Sibi
Levin Sibi

multiparty access control for online social networks : models and mechanisms

Engineering
1 of 25
WELCOME LEVIN SIBI ROLL NO.12 REG.NO.12122011
INTRODUCTION  ONLINE social networks (OSNs).  Virtual space and web pages.  User have no control over data residing outside their spaces.  Each user has a different privacy concerns about the data related to them. 15-04-2015COET DEPT CSE 2
 Each user can make a reference to his/her friends. Reporting to OSNs only allows us to either keep or delete the content. MPAC allows collaborative management of shared data. Effectiveness and Flexibility of MPAC. 15-04-2015COET DEPT CSE 3
LITERATURE REVIEW  Representing and Reasoning about Web Access Control Policies: Gail- Joon Ahn • Specifies access control policies for applications-mainly-cloud Moving Beyond Untagging Photo Privacy in a Tagged World: Andrew Besmer • Defines a set of rules A Collaborative Framework for Privacy Protection in Online Social Networks: Huaixi Wang • Provide encrypted data to server • Each user make use of public, private keys 15-04-2015COET DEPT CSE 4
MAJOR SCENARIOS Profile sharing. Content sharing. Relationship sharing. 15-04-2015COET DEPT CSE 5
MPAC MODEL • OSN can be represented by a relationship network , a set of user groups ,a collection of user data . • Existing access control schemes. • Single access control scheme. • Concept of Multiple controllers. 15-04-2015COET DEPT CSE 6
• Major controllers • Owner • Contributor • Stakeholder • Disseminator 15-04-2015COET DEPT CSE 7
15-04-2015COET DEPT CSE 8
ACCESSOR • Accessors are a set of users who are granted to access the shared data • sensitivity levels (SL) for conflict resolution. • SL are multi dimensional with varying degree of sensitivity. 15-04-2015COET DEPT CSE 9
MPAC POLICY A MPAC policy is a 5-tuple Controller Ctype Accessor Data Effect 15-04-2015COET DEPT CSE 10
EXAMPLE P = <controller; ctype; accessor; data; effect> Data is specified as a tuple p1 = (Alice,OW, {<friendOf,RN>},<status01, 0:50>, permit) 15-04-2015COET DEPT CSE 11
Multiparty policy evaluation process 15-04-2015COET DEPT CSE 12
• Different privacy concerns leads to conflicts • Naïve solution  Allow common users. Drawback  Too Restrictive • Need for Effective Conflict resolution strategy  Maintain privacy and flexibility 15-04-2015COET DEPT CSE 13
MULTIPARTY POLICY EVALUATION 1. Voting scheme for decision making. • Decision from each controller has an effect on final decision • DV = 0 if evaluation of policy = Deny 1 if Evaluation of policy =Permit • DVag=( DVow+DVcb+ 𝑖€𝑠𝑠 𝐷𝑉𝑠𝑡 ) × 1 𝑚 where m is the no of controllers. 15-04-2015COET DEPT CSE 14
• Sensitivity voting. Each controller assigns an SL to the shared data item to reflect her/his privacy concern. • A sensitivity score (SC) (in the range from 0.00 to 1.00) • SC=( SLow+SLcb+ 𝑖€𝑠𝑠 𝑆𝐿𝑠𝑡 ) × 1 𝑚 15-04-2015COET DEPT CSE 15
2.Threshold-Based Conflict Resolution • If the Sc is higher, the final decision has a high chance to deny access • Otherwise allow access • Decision= 𝑃𝑒𝑟𝑚𝑖𝑡 𝑖𝑓 𝐷𝑉 𝑎𝑔 > 𝑆𝑐 𝐷𝑒𝑛𝑦 𝑖𝑓 𝐷𝑉 𝑎𝑔 ≤ 𝑆𝑐 • If any controller changes her/his policy or SL for the shared data item, the DV ag and Sc will be recomputed,and the final decision may be changed accordingly 15-04-2015COET DEPT CSE 16
3. STRATEGY-BASED CONFLICT RESOLUTION WITH PRIVACY RECOMMENDATION • Major strategies  Owner-overrides Decision= 𝑃𝑒𝑟𝑚𝑖𝑡 𝐷𝑉𝑎𝑔 = 1 𝐷𝑒𝑛𝑦 𝐷𝑉𝑎𝑔 = 0  Full-consensus-permit Decision= 𝑃𝑒𝑟𝑚𝑖𝑡 𝐷𝑉𝑎𝑔 = 1 𝐷𝑒𝑛𝑦 𝑜𝑡ℎ𝑒𝑟𝑤𝑖𝑠𝑒 15-04-2015COET DEPT CSE 17
 Majority-permit Decision= 𝑃𝑒𝑟𝑚𝑖𝑡 𝐷𝑉𝑎𝑔 ≥ 1/2 𝐷𝑒𝑛𝑦 𝐷𝑉𝑎𝑔 < 1/2  Super-majority-permit Decision= 𝑃𝑒𝑟𝑚𝑖𝑡 𝐷𝑉𝑎𝑔 ≥ 1/3 𝐷𝑒𝑛𝑦 𝐷𝑉𝑎𝑔 < 1/3 15-04-2015COET DEPT CSE 18
4.CONFLICT RESOLUTION FOR DISSEMINATION CONTROL • Disseminator can specify his policy concerns • Weaker policy problems • Deny Overrides strategy • Logical AND operation 15-04-2015COET DEPT CSE 19
15-04-2015COET DEPT CSE 20
PROTOTYPE MODEL 15-04-2015COET DEPT CSE 21
FUTURE SCOPE Auto-tagging Encrypted Data Sharing Advertisement policy specification 15-04-2015COET DEPT CSE 22
CONCLUSION Multiparty policy specification Mcontroller Flexible selection of strategies 15-04-2015COET DEPT CSE 23
REFERENCES  G. Ahn and H. Hu, “Towards Realizing a Formal RBAC Model in Real Systems,” Proc. 12th ACM Symp. Access Control Models and Technologies, pp. 215-224, 2007.  G. Ahn, H. Hu, J. Lee, and Y. Meng, “Representing and Reasoning about Web Access Control Policies,” Proc. IEEE 34th Ann. Computer Software and Applications Conf. (COMPSAC), pp. 137-146, 2010.  Besmer and H.R. Lipford, “Moving beyond Untagging: Photo Privacy in a Tagged World,” Proc. 28th Int’l Conf. Human Factors in Computing Systems, pp. 1563-1572, 2010.  L. Bilge, T. Strufe, D. Balzarotti, and E. Kirda, “All Your Contacts Are Belong to Us: Automated Identity theft Attacks on Social Networks,” Proc. 18th Int’l Conf. World Wide Web, pp. 551-560, 2009.  B. Carminati and E. Ferrari, “Collaborative Access Control in On- Line Social Networks,” Proc. Seventh Int’l Conf. Collaborative Computing: Networking, Applications and Worksharing (Collaborate- Com), pp. 231-240, 2011. 15-04-2015COET DEPT CSE 24
THANK YOU

Recommended

Multiparty Access Control For Online Social Networks : Model and Mechanisms.
Multiparty Access Control For Online Social Networks : Model and Mechanisms.Multiparty Access Control For Online Social Networks : Model and Mechanisms.
Multiparty Access Control For Online Social Networks : Model and Mechanisms.Kiran K.V.S.
 
RESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIA
RESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIARESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIA
RESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIANexgen Technology
 
RESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIA
RESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIARESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIA
RESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIANexgen Technology
 
Access control in decentralized online social networks applying a policy hidi...
Access control in decentralized online social networks applying a policy hidi...Access control in decentralized online social networks applying a policy hidi...
Access control in decentralized online social networks applying a policy hidi...IGEEKS TECHNOLOGIES
 
Social Network
Social NetworkSocial Network
Social NetworkSuraj Thapaliya
 
Microsoft access
Microsoft accessMicrosoft access
Microsoft accessCafeImantado
 
Microsoft access
Microsoft accessMicrosoft access
Microsoft accessZussetty Purihuamán Cespedes
 
Access point
Access pointAccess point
Access pointDanniel Cesmas
 

Recommended

Multiparty Access Control For Online Social Networks : Model and Mechanisms.
Multiparty Access Control For Online Social Networks : Model and Mechanisms.Multiparty Access Control For Online Social Networks : Model and Mechanisms.
Multiparty Access Control For Online Social Networks : Model and Mechanisms.Kiran K.V.S.
 
RESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIA
RESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIARESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIA
RESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIANexgen Technology
 
RESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIA
RESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIARESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIA
RESOLVING MULTI-PARTY PRIVACY CONFLICTS IN SOCIAL MEDIANexgen Technology
 
Access control in decentralized online social networks applying a policy hidi...
Access control in decentralized online social networks applying a policy hidi...Access control in decentralized online social networks applying a policy hidi...
Access control in decentralized online social networks applying a policy hidi...IGEEKS TECHNOLOGIES
 
Social Network
Social NetworkSocial Network
Social NetworkSuraj Thapaliya
 
Microsoft access
Microsoft accessMicrosoft access
Microsoft accessCafeImantado
 
Microsoft access
Microsoft accessMicrosoft access
Microsoft accessZussetty Purihuamán Cespedes
 
Access point
Access pointAccess point
Access pointDanniel Cesmas
 
Configuracion de un access point
Configuracion de un access pointConfiguracion de un access point
Configuracion de un access pointJeffry Amador
 
Configuracion del access point wireless
Configuracion del access point wirelessConfiguracion del access point wireless
Configuracion del access point wirelesskarla1108
 
Objetivos y conclusiones de Access 2010
Objetivos y conclusiones de Access 2010Objetivos y conclusiones de Access 2010
Objetivos y conclusiones de Access 2010juan1924
 
Social networking
Social networkingSocial networking
Social networkingvishnukdixit
 
Agile Data Warehouse Design for Big Data Presentation
Agile Data Warehouse Design for Big Data PresentationAgile Data Warehouse Design for Big Data Presentation
Agile Data Warehouse Design for Big Data PresentationVishal Kumar
 
Social Networking Project
Social Networking ProjectSocial Networking Project
Social Networking Projectjessduff44
 
TRABAJO FINAL DE ACCESS 2010
TRABAJO FINAL DE ACCESS 2010TRABAJO FINAL DE ACCESS 2010
TRABAJO FINAL DE ACCESS 2010George Guerrero Garzon
 
Oracle: DW Design
Oracle: DW DesignOracle: DW Design
Oracle: DW DesignDataminingTools Inc
 
Microsoft Access
Microsoft AccessMicrosoft Access
Microsoft Accesssegundocontador
 
Social Networking Project (website) full documentation
Social Networking Project (website) full documentation Social Networking Project (website) full documentation
Social Networking Project (website) full documentation Tenzin Tendar
 
Operating system.ppt (1)
Operating system.ppt (1)Operating system.ppt (1)
Operating system.ppt (1)Vaibhav Bajaj
 
Explore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsExplore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsEnergySec
 
How to Leverage IBM Technology and Custom Portal Dashboards to Monitor the He...
How to Leverage IBM Technology and Custom Portal Dashboards to Monitor the He...How to Leverage IBM Technology and Custom Portal Dashboards to Monitor the He...
How to Leverage IBM Technology and Custom Portal Dashboards to Monitor the He...Prolifics
 
LTE Asia 2013 - Policy Control & Abstraction
LTE Asia 2013 - Policy Control & AbstractionLTE Asia 2013 - Policy Control & Abstraction
LTE Asia 2013 - Policy Control & AbstractionPatrick Nijsters
 
Design and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesDesign and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesPLUMgrid
 
Taking IT Analytics to the Next Level
Taking IT Analytics to the Next LevelTaking IT Analytics to the Next Level
Taking IT Analytics to the Next LevelCA Technologies
 
Troubleshooting for Intent-based Networking
Troubleshooting for Intent-based NetworkingTroubleshooting for Intent-based Networking
Troubleshooting for Intent-based NetworkingOpen Networking Summit
 
Cloud-Scale BGP and NetFlow Analysis
Cloud-Scale BGP and NetFlow AnalysisCloud-Scale BGP and NetFlow Analysis
Cloud-Scale BGP and NetFlow AnalysisAlex Henthorn-Iwane
 
Openstack Group-Based Policy
Openstack Group-Based PolicyOpenstack Group-Based Policy
Openstack Group-Based PolicyVinod Borole
 
Service Organizational Control (SOC 2) Compliance - Kloudlearn
Service Organizational Control (SOC 2) Compliance - KloudlearnService Organizational Control (SOC 2) Compliance - Kloudlearn
Service Organizational Control (SOC 2) Compliance - KloudlearnKloudLearn
 
Measure Twice, Alert Once (or Less)
Measure Twice, Alert Once (or Less)Measure Twice, Alert Once (or Less)
Measure Twice, Alert Once (or Less)DevOps.com
 
Propagating Data Policies - A User Study
Propagating Data Policies - A User StudyPropagating Data Policies - A User Study
Propagating Data Policies - A User StudyEnrico Daga
 

More Related Content

Viewers also liked

Configuracion de un access point
Configuracion de un access pointConfiguracion de un access point
Configuracion de un access pointJeffry Amador
 
Configuracion del access point wireless
Configuracion del access point wirelessConfiguracion del access point wireless
Configuracion del access point wirelesskarla1108
 
Objetivos y conclusiones de Access 2010
Objetivos y conclusiones de Access 2010Objetivos y conclusiones de Access 2010
Objetivos y conclusiones de Access 2010juan1924
 
Agile Data Warehouse Design for Big Data Presentation
Agile Data Warehouse Design for Big Data PresentationAgile Data Warehouse Design for Big Data Presentation
Agile Data Warehouse Design for Big Data PresentationVishal Kumar
 
Social Networking Project
Social Networking ProjectSocial Networking Project
Social Networking Projectjessduff44
 
Social Networking Project (website) full documentation
Social Networking Project (website) full documentation Social Networking Project (website) full documentation
Social Networking Project (website) full documentation Tenzin Tendar
 
Operating system.ppt (1)
Operating system.ppt (1)Operating system.ppt (1)
Operating system.ppt (1)Vaibhav Bajaj
 

Viewers also liked (11)

Configuracion de un access point
Configuracion de un access pointConfiguracion de un access point
Configuracion de un access point
 
Configuracion del access point wireless
Configuracion del access point wirelessConfiguracion del access point wireless
Configuracion del access point wireless
 
Objetivos y conclusiones de Access 2010
Objetivos y conclusiones de Access 2010Objetivos y conclusiones de Access 2010
Objetivos y conclusiones de Access 2010
 
Social networking
Social networkingSocial networking
Social networking
 
Agile Data Warehouse Design for Big Data Presentation
Agile Data Warehouse Design for Big Data PresentationAgile Data Warehouse Design for Big Data Presentation
Agile Data Warehouse Design for Big Data Presentation
 
Social Networking Project
Social Networking ProjectSocial Networking Project
Social Networking Project
 
TRABAJO FINAL DE ACCESS 2010
TRABAJO FINAL DE ACCESS 2010TRABAJO FINAL DE ACCESS 2010
TRABAJO FINAL DE ACCESS 2010
 
Oracle: DW Design
Oracle: DW DesignOracle: DW Design
Oracle: DW Design
 
Microsoft Access
Microsoft AccessMicrosoft Access
Microsoft Access
 
Social Networking Project (website) full documentation
Social Networking Project (website) full documentation Social Networking Project (website) full documentation
Social Networking Project (website) full documentation
 
Operating system.ppt (1)
Operating system.ppt (1)Operating system.ppt (1)
Operating system.ppt (1)
 

Similar to multiparty access control

Explore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsExplore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsEnergySec
 
How to Leverage IBM Technology and Custom Portal Dashboards to Monitor the He...
How to Leverage IBM Technology and Custom Portal Dashboards to Monitor the He...How to Leverage IBM Technology and Custom Portal Dashboards to Monitor the He...
How to Leverage IBM Technology and Custom Portal Dashboards to Monitor the He...Prolifics
 
LTE Asia 2013 - Policy Control & Abstraction
LTE Asia 2013 - Policy Control & AbstractionLTE Asia 2013 - Policy Control & Abstraction
LTE Asia 2013 - Policy Control & AbstractionPatrick Nijsters
 
Design and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesDesign and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesPLUMgrid
 
Taking IT Analytics to the Next Level
Taking IT Analytics to the Next LevelTaking IT Analytics to the Next Level
Taking IT Analytics to the Next LevelCA Technologies
 
Troubleshooting for Intent-based Networking
Troubleshooting for Intent-based NetworkingTroubleshooting for Intent-based Networking
Troubleshooting for Intent-based NetworkingOpen Networking Summit
 
Cloud-Scale BGP and NetFlow Analysis
Cloud-Scale BGP and NetFlow AnalysisCloud-Scale BGP and NetFlow Analysis
Cloud-Scale BGP and NetFlow AnalysisAlex Henthorn-Iwane
 
Openstack Group-Based Policy
Openstack Group-Based PolicyOpenstack Group-Based Policy
Openstack Group-Based PolicyVinod Borole
 
Service Organizational Control (SOC 2) Compliance - Kloudlearn
Service Organizational Control (SOC 2) Compliance - KloudlearnService Organizational Control (SOC 2) Compliance - Kloudlearn
Service Organizational Control (SOC 2) Compliance - KloudlearnKloudLearn
 
Measure Twice, Alert Once (or Less)
Measure Twice, Alert Once (or Less)Measure Twice, Alert Once (or Less)
Measure Twice, Alert Once (or Less)DevOps.com
 
Propagating Data Policies - A User Study
Propagating Data Policies - A User StudyPropagating Data Policies - A User Study
Propagating Data Policies - A User StudyEnrico Daga
 
Qumas Collaboration to Innovation Quality QMS PIMS 2014
Qumas Collaboration to Innovation Quality QMS PIMS 2014Qumas Collaboration to Innovation Quality QMS PIMS 2014
Qumas Collaboration to Innovation Quality QMS PIMS 2014GBX Summits
 
Observability in highly distributed systems
Observability in highly distributed systemsObservability in highly distributed systems
Observability in highly distributed systemsDevOps Indonesia
 
Overwhelmed by Operating Systems?
Overwhelmed by Operating Systems?Overwhelmed by Operating Systems?
Overwhelmed by Operating Systems?HelpSystems
 
IT Compliance: Shifting from Cost Center to Profit Center
IT Compliance: Shifting from Cost Center to Profit CenterIT Compliance: Shifting from Cost Center to Profit Center
IT Compliance: Shifting from Cost Center to Profit CenterGary Pennington
 
Cloud Native Bern 05.2023 — Zero Trust Visibility
Cloud Native Bern 05.2023 — Zero Trust VisibilityCloud Native Bern 05.2023 — Zero Trust Visibility
Cloud Native Bern 05.2023 — Zero Trust VisibilityRaphaël PINSON
 
Policy Guided Fulfillmentof Murano Applications
Policy Guided Fulfillmentof Murano ApplicationsPolicy Guided Fulfillmentof Murano Applications
Policy Guided Fulfillmentof Murano Applicationsrpospisil
 
Endorse cluster meeting
Endorse cluster meetingEndorse cluster meeting
Endorse cluster meetingfcleary
 
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...apidays
 

Similar to multiparty access control (20)

Explore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWsExplore the Implicit Requirements of the NERC CIP RSAWs
Explore the Implicit Requirements of the NERC CIP RSAWs
 
How to Leverage IBM Technology and Custom Portal Dashboards to Monitor the He...
How to Leverage IBM Technology and Custom Portal Dashboards to Monitor the He...How to Leverage IBM Technology and Custom Portal Dashboards to Monitor the He...
How to Leverage IBM Technology and Custom Portal Dashboards to Monitor the He...
 
LTE Asia 2013 - Policy Control & Abstraction
LTE Asia 2013 - Policy Control & AbstractionLTE Asia 2013 - Policy Control & Abstraction
LTE Asia 2013 - Policy Control & Abstraction
 
Design and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use CasesDesign and Deploy Secure Clouds for Financial Services Use Cases
Design and Deploy Secure Clouds for Financial Services Use Cases
 
Taking IT Analytics to the Next Level
Taking IT Analytics to the Next LevelTaking IT Analytics to the Next Level
Taking IT Analytics to the Next Level
 
Troubleshooting for Intent-based Networking
Troubleshooting for Intent-based NetworkingTroubleshooting for Intent-based Networking
Troubleshooting for Intent-based Networking
 
Cloud-Scale BGP and NetFlow Analysis
Cloud-Scale BGP and NetFlow AnalysisCloud-Scale BGP and NetFlow Analysis
Cloud-Scale BGP and NetFlow Analysis
 
Openstack Group-Based Policy
Openstack Group-Based PolicyOpenstack Group-Based Policy
Openstack Group-Based Policy
 
Service Organizational Control (SOC 2) Compliance - Kloudlearn
Service Organizational Control (SOC 2) Compliance - KloudlearnService Organizational Control (SOC 2) Compliance - Kloudlearn
Service Organizational Control (SOC 2) Compliance - Kloudlearn
 
Measure Twice, Alert Once (or Less)
Measure Twice, Alert Once (or Less)Measure Twice, Alert Once (or Less)
Measure Twice, Alert Once (or Less)
 
Propagating Data Policies - A User Study
Propagating Data Policies - A User StudyPropagating Data Policies - A User Study
Propagating Data Policies - A User Study
 
Review_2013
Review_2013Review_2013
Review_2013
 
Qumas Collaboration to Innovation Quality QMS PIMS 2014
Qumas Collaboration to Innovation Quality QMS PIMS 2014Qumas Collaboration to Innovation Quality QMS PIMS 2014
Qumas Collaboration to Innovation Quality QMS PIMS 2014
 
Observability in highly distributed systems
Observability in highly distributed systemsObservability in highly distributed systems
Observability in highly distributed systems
 
Overwhelmed by Operating Systems?
Overwhelmed by Operating Systems?Overwhelmed by Operating Systems?
Overwhelmed by Operating Systems?
 
IT Compliance: Shifting from Cost Center to Profit Center
IT Compliance: Shifting from Cost Center to Profit CenterIT Compliance: Shifting from Cost Center to Profit Center
IT Compliance: Shifting from Cost Center to Profit Center
 
Cloud Native Bern 05.2023 — Zero Trust Visibility
Cloud Native Bern 05.2023 — Zero Trust VisibilityCloud Native Bern 05.2023 — Zero Trust Visibility
Cloud Native Bern 05.2023 — Zero Trust Visibility
 
Policy Guided Fulfillmentof Murano Applications
Policy Guided Fulfillmentof Murano ApplicationsPolicy Guided Fulfillmentof Murano Applications
Policy Guided Fulfillmentof Murano Applications
 
Endorse cluster meeting
Endorse cluster meetingEndorse cluster meeting
Endorse cluster meeting
 
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...
apidays LIVE New York 2021 - Microservice Authorization with Open Policy Agen...
 

Recently uploaded

The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college projectTonystark477637
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Glass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesGlass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesPrabhanshu Chaturvedi
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Christo Ananth
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISrknatarajan
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Christo Ananth
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Call Girls in Nagpur High Profile
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performancesivaprakash250
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlysanyuktamishra911
 
Online banking management system project.pdf
Online banking management system project.pdfOnline banking management system project.pdf
Online banking management system project.pdfKamal Acharya
 

Recently uploaded (20)

The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college project
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Glass Ceramics: Processing and Properties
Glass Ceramics: Processing and PropertiesGlass Ceramics: Processing and Properties
Glass Ceramics: Processing and Properties
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSIS
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghly
 
Online banking management system project.pdf
Online banking management system project.pdfOnline banking management system project.pdf
Online banking management system project.pdf
 

multiparty access control

  • 2. INTRODUCTION  ONLINE social networks (OSNs).  Virtual space and web pages.  User have no control over data residing outside their spaces.  Each user has a different privacy concerns about the data related to them. 15-04-2015COET DEPT CSE 2
  • 3.  Each user can make a reference to his/her friends. Reporting to OSNs only allows us to either keep or delete the content. MPAC allows collaborative management of shared data. Effectiveness and Flexibility of MPAC. 15-04-2015COET DEPT CSE 3
  • 4. LITERATURE REVIEW  Representing and Reasoning about Web Access Control Policies: Gail- Joon Ahn • Specifies access control policies for applications-mainly-cloud Moving Beyond Untagging Photo Privacy in a Tagged World: Andrew Besmer • Defines a set of rules A Collaborative Framework for Privacy Protection in Online Social Networks: Huaixi Wang • Provide encrypted data to server • Each user make use of public, private keys 15-04-2015COET DEPT CSE 4
  • 5. MAJOR SCENARIOS Profile sharing. Content sharing. Relationship sharing. 15-04-2015COET DEPT CSE 5
  • 6. MPAC MODEL • OSN can be represented by a relationship network , a set of user groups ,a collection of user data . • Existing access control schemes. • Single access control scheme. • Concept of Multiple controllers. 15-04-2015COET DEPT CSE 6
  • 7. • Major controllers • Owner • Contributor • Stakeholder • Disseminator 15-04-2015COET DEPT CSE 7
  • 9. ACCESSOR • Accessors are a set of users who are granted to access the shared data • sensitivity levels (SL) for conflict resolution. • SL are multi dimensional with varying degree of sensitivity. 15-04-2015COET DEPT CSE 9
  • 10. MPAC POLICY A MPAC policy is a 5-tuple Controller Ctype Accessor Data Effect 15-04-2015COET DEPT CSE 10
  • 11. EXAMPLE P = <controller; ctype; accessor; data; effect> Data is specified as a tuple p1 = (Alice,OW, {<friendOf,RN>},<status01, 0:50>, permit) 15-04-2015COET DEPT CSE 11
  • 12. Multiparty policy evaluation process 15-04-2015COET DEPT CSE 12
  • 13. • Different privacy concerns leads to conflicts • Naïve solution  Allow common users. Drawback  Too Restrictive • Need for Effective Conflict resolution strategy  Maintain privacy and flexibility 15-04-2015COET DEPT CSE 13
  • 14. MULTIPARTY POLICY EVALUATION 1. Voting scheme for decision making. • Decision from each controller has an effect on final decision • DV = 0 if evaluation of policy = Deny 1 if Evaluation of policy =Permit • DVag=( DVow+DVcb+ 𝑖€𝑠𝑠 𝐷𝑉𝑠𝑡 ) × 1 𝑚 where m is the no of controllers. 15-04-2015COET DEPT CSE 14
  • 15. • Sensitivity voting. Each controller assigns an SL to the shared data item to reflect her/his privacy concern. • A sensitivity score (SC) (in the range from 0.00 to 1.00) • SC=( SLow+SLcb+ 𝑖€𝑠𝑠 𝑆𝐿𝑠𝑡 ) × 1 𝑚 15-04-2015COET DEPT CSE 15
  • 16. 2.Threshold-Based Conflict Resolution • If the Sc is higher, the final decision has a high chance to deny access • Otherwise allow access • Decision= 𝑃𝑒𝑟𝑚𝑖𝑡 𝑖𝑓 𝐷𝑉 𝑎𝑔 > 𝑆𝑐 𝐷𝑒𝑛𝑦 𝑖𝑓 𝐷𝑉 𝑎𝑔 ≤ 𝑆𝑐 • If any controller changes her/his policy or SL for the shared data item, the DV ag and Sc will be recomputed,and the final decision may be changed accordingly 15-04-2015COET DEPT CSE 16
  • 17. 3. STRATEGY-BASED CONFLICT RESOLUTION WITH PRIVACY RECOMMENDATION • Major strategies  Owner-overrides Decision= 𝑃𝑒𝑟𝑚𝑖𝑡 𝐷𝑉𝑎𝑔 = 1 𝐷𝑒𝑛𝑦 𝐷𝑉𝑎𝑔 = 0  Full-consensus-permit Decision= 𝑃𝑒𝑟𝑚𝑖𝑡 𝐷𝑉𝑎𝑔 = 1 𝐷𝑒𝑛𝑦 𝑜𝑡ℎ𝑒𝑟𝑤𝑖𝑠𝑒 15-04-2015COET DEPT CSE 17
  • 18.  Majority-permit Decision= 𝑃𝑒𝑟𝑚𝑖𝑡 𝐷𝑉𝑎𝑔 ≥ 1/2 𝐷𝑒𝑛𝑦 𝐷𝑉𝑎𝑔 < 1/2  Super-majority-permit Decision= 𝑃𝑒𝑟𝑚𝑖𝑡 𝐷𝑉𝑎𝑔 ≥ 1/3 𝐷𝑒𝑛𝑦 𝐷𝑉𝑎𝑔 < 1/3 15-04-2015COET DEPT CSE 18
  • 19. 4.CONFLICT RESOLUTION FOR DISSEMINATION CONTROL • Disseminator can specify his policy concerns • Weaker policy problems • Deny Overrides strategy • Logical AND operation 15-04-2015COET DEPT CSE 19
  • 22. FUTURE SCOPE Auto-tagging Encrypted Data Sharing Advertisement policy specification 15-04-2015COET DEPT CSE 22
  • 23. CONCLUSION Multiparty policy specification Mcontroller Flexible selection of strategies 15-04-2015COET DEPT CSE 23
  • 24. REFERENCES  G. Ahn and H. Hu, “Towards Realizing a Formal RBAC Model in Real Systems,” Proc. 12th ACM Symp. Access Control Models and Technologies, pp. 215-224, 2007.  G. Ahn, H. Hu, J. Lee, and Y. Meng, “Representing and Reasoning about Web Access Control Policies,” Proc. IEEE 34th Ann. Computer Software and Applications Conf. (COMPSAC), pp. 137-146, 2010.  Besmer and H.R. Lipford, “Moving beyond Untagging: Photo Privacy in a Tagged World,” Proc. 28th Int’l Conf. Human Factors in Computing Systems, pp. 1563-1572, 2010.  L. Bilge, T. Strufe, D. Balzarotti, and E. Kirda, “All Your Contacts Are Belong to Us: Automated Identity theft Attacks on Social Networks,” Proc. 18th Int’l Conf. World Wide Web, pp. 551-560, 2009.  B. Carminati and E. Ferrari, “Collaborative Access Control in On- Line Social Networks,” Proc. Seventh Int’l Conf. Collaborative Computing: Networking, Applications and Worksharing (Collaborate- Com), pp. 231-240, 2011. 15-04-2015COET DEPT CSE 24