
Self-Adaptive Federated Authorisation Infrastructures


Slides from a talk given at our weekly lab seminar at NII, Tokyo. The talk is mostly based on Christopher Bailey et al.'s paper on "Self-Adaptive Federated Authorization Infrastructures", as well as related work I was involved with.

Published in: Software


  1. 1. Self-Adaptive Federated Authorisation Infrastructures Lionel Montrieux
  2. 2. C. Bailey, D. Chadwick, R. de Lemos, Self-adaptive federated authorization infrastructures. JCSS, 2014
  3. 3. C. Bailey, L. Montrieux, R. de Lemos, Y. Yu, M. Wermelinger, Run-time generation, transformation, and verification of access control models for self-protection. SEAMS’14
  4. 4. L. Montrieux, C. Bailey, R. de Lemos, A. Bandara, Engineering self-adaptive authorisation infrastructures. Draft.
  5. 5. Part 1
  6. 6. I am Arthur, king of the Britons
  7. 7. None shall pass.
  8. 8. It’s just a scratch.
  9. 9. Just a flesh wound.
  10. 10. I’m invincible!!!
  11. 11. Let’s just call it a draw then.
  12. 12. Come on, Patsy.
  13. 13. –Sinclair et al, 2007 “We have been cited examples in which 50-90% of the individuals with access to particular data store also have legacy access to information that they no longer need.”
  14. 14. Self-Adaptive Authorisation
  15. 15. –Cheng et al., 2009 “Self-adaptive systems are systems that are able to modify their behaviour and/or structure in response to changes that occur to the system itself, its environment, or even its goals.”
  16. 16. –Montrieux et al, draft “Self-adaptive authorisation infrastructures refer to the run-time adaptation of the collection of authorisation policies and their enforcement.”
  17. 17. –Bailey et al, 2014 “Federated authorisation infrastructures […] build upon existing authorisation models […]. [They] provide the method through which large scale distributed access can be granted.”
  18. 18. Part 2
  19. 19. Overview
  20. 20. Target System
  21. 21. Target System Identity Provider Credential Issuing Policy User Attribute Repository Attributes Identity Provider Credential Validation Service Credential Validation Policy Credentials Service Provider Policy Decision Point Access Control Policy Valid Attributes
  22. 22. Adaptive Layer
  23. 23. Adaptive Layer Target System Probes Effectors Monitor Triggers SAAF Controller Analyser Solutions Planner Executor Authorisation Infrastructure Model Behaviour Model
  24. 24. Architecture
  25. 25. Component
  26. 26. Component Sub-component
  27. 27. Identity Provider Server Identity Provider Server Authorisation Server Identity Provider Server Service Provider Server Roles/ Attributes Role/Attribute Adaptations SAML Assertion Subject Authentication Access Decision Access Request Subject Access Request
  28. 28. LDAP (Attribute Repository) SimpleSAMLPHP: Identity Provider Attributes Identity Provider Server
  29. 29. Authorisation Server CVS PDP PERMIS Standalone SAAF Controller Access Events Policy Adaptations
  30. 30. Resources Resources Policy Enforcement Point SimpleSAMLPHP: Service Provider Resources Service Provider Server
  31. 31. Planner Analyser Behaviour Model Authorisation Infrastructure Model Executor Asset Monitor Behaviour Gauges Identity Provider Authorisation Service Rules & Attributes Tailored Solutions Plan Get Behaviour Set Behaviour RBAC/ABAC Constructs Get Attributes Active Policies Access Requests/Decisions Attribute Assignment New Policies
  32. 32. Authorisation Model?
  33. 33. Attr3 Attr2 Attr1 Sub1 Sub2 Sub3 Sub4 IdP1 IdP2 Tgt1 Tgt2 Tgt3 Tgt4 Tgt5 Tgt6 Act1 Act2 Act3 Act4 Act5 Credential Validation Constraints Access Control Constraints Subject Attribute Assignments
  34. 34. Part 3
  35. 35. Initial Configuration
  36. 36. PERMIS AZ Policy

          <RoleAssignment ID="ContractorIdPAssignment">
            <SubjectDomain ID="Contractor"/>
            <RoleList>
              <Role Type="permisRole" Value="Contractor"/>
            </RoleList>
            <Delegate Depth="0"/>
            <SOA ID="ContractIdP"/>
            <Validity/>
          </RoleAssignment>
          <TargetAccess ID="ContractPayroll">
            <RoleList>
              <Role Type="permisRole" Value="Contractor"/>
            </RoleList>
            <TargetList>
              <TargetDomain ID="PayrollSystem"/>
              <AllowedAction ID="getEmpPayslip"/>
              <AllowedAction ID="runPayroll"/>
            </TargetList>
          </TargetAccess>

  37. 37. SAAF Behaviour

          <BehaviourPolicy>
            <BaseTrigger ID="bt1">
              <Subject/>
              <Provider/>
              <Attribute type="permisRole">Contractor</Attribute>
              <Target>PayrollSystem</Target>
              <Action>getEmpPayslip</Action>
              <Rate>
                <Threshold>5</Threshold>
                <Interval>1</Interval>
                <TimeScale>min</TimeScale>
              </Rate>
            </BaseTrigger>
            <CompositeTrigger ID="ct1">
              <BasedTriggerID>bt1</BasedTriggerID>
              <Rate>
                <Threshold>4</Threshold>
                <Interval>1</Interval>
                <TimeScale>day</TimeScale>
              </Rate>
            </CompositeTrigger>
          </BehaviourPolicy>

  38. 38. SAAF Solutions (1)

          <SolutionPolicy>
            <Solution>
              <Action>
                <Operation>removeSubjectAttribute</Operation>
              </Action>
              <TriggerID>bt1</TriggerID>
              <TriggerID>ct1</TriggerID>
            </Solution>
            <Solution>
              <Action>
                <Operation>removeAttributePermission</Operation>
              </Action>
              <Action>
                <Operation>buildPolicy</Operation>
              </Action>
              <Action>
                <Operation>activatePolicy</Operation>
              </Action>
              <TriggerID>ct1</TriggerID>
            </Solution>

  39. 39. SAAF Solutions (2)

            <Solution>
              <Action>
                <Operation>removeAttributeAssignment</Operation>
              </Action>
              <Action>
                <Operation>buildPolicyFile</Operation>
              </Action>
              <Action>
                <Operation>activatePolicy</Operation>
              </Action>
              <TriggerID>ct1</TriggerID>
            </Solution>
            <Solution>
              <Action>
                <Operation>deactivatePolicy</Operation>
              </Action>
              <TriggerID>ct1</TriggerID>
            </Solution>
          </SolutionPolicy>

  40. 40. Runtime Adaptation
  41. 41. bt1 ct1 Analyser Planner Executor Monitor Target System bt1 S1 S1 S1 ct1 S1,S2,S3,S4 S2 S2
  42. 42. LDAP directory
  43. 43. PERMIS AZ Policy, before adaptation (excerpt)

          <RoleAssignment ID="ContractorIdPAssignment">
            <SubjectDomain ID="Contractor"/>
            <RoleList>
              <Role Type="permisRole" Value="Contractor"/>
            </RoleList>
            <Delegate Depth="0"/>
            <SOA ID="ContractIdP"/>
            <Validity/>
          </RoleAssignment>

  44. 44. PERMIS AZ Policy, after adaptation (excerpt)

          <RoleAssignment ID="ContractorIdPAssignment">
            <SubjectDomain ID="Contractor"/>
            <RoleList/>
            <Delegate Depth="0"/>
            <SOA ID="ContractIdP"/>
            <Validity/>
          </RoleAssignment>

  45. 45. Part 4
  46. 46. Validating Solutions Verification Analysis Planning SAAF Controller RBAC1 RBAC2 RBAC3 RBAC1 RBAC2 RBAC S1, S2, S3 RBAC1 isVerified
  47. 47. Model Validation LDAP PERMIS RBAC CONSTRAINTS RBACDSML
  48. 48. rbacDSML MM
  49. 49. Constraint Verification (OCL)

          constraint rbacDSML::Granted inv:
            self.rbacRole->closure(parent).permission
              ->union(self.rbacRole.permission)
              ->includesAll(self.resource.permission)

  50. 50. Part 5
  51. 51. Planner Analyser Behaviour Model Authorisation Infrastructure Model Executor Asset Monitor Behaviour Gauges Identity Provider Authorisation Service Rules & Attributes Tailored Solutions Plan Get Behaviour Set Behaviour RBAC/ABAC Constructs Get Attributes Active Policies Access Requests/Decisions Attribute Assignment New Policies
  52. 52. Model Repair Verification and repair Analysis Planning SAAF Controller RBAC1 RBAC2 RBAC3 RBAC1_r RBAC2 RBAC S1, S2, S3 RBAC1_r RBAC1_r RBAC2
  53. 53. Model Repair LDAP PERMIS RBAC CONSTRAINTS RBACDSML
  54. 54. Just One More Thing…
  55. 55. https://saaf-resource.kent.ac.uk/game/index.php
  56. 56. Thank You
  57. 57. References
      • C. Bailey, D. W. Chadwick, and R. de Lemos, “Self-adaptive federated authorization infrastructures,” Journal of Computer and System Sciences, vol. 80, no. 5, pp. 935–952, Aug. 2014.
      • C. Bailey, L. Montrieux, R. de Lemos, Y. Yu, and M. Wermelinger, “Run-time generation, transformation, and verification of access control models for self-protection,” in SEAMS’14: 9th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, Hyderabad, India, 2014.
      • B. H. C. Cheng, R. de Lemos, H. Giese, P. Inverardi, J. Magee, J. Andersson, B. Becker, N. Bencomo, Y. Brun, B. Cukic, G. D. M. Serugendo, S. Dustdar, A. Finkelstein, C. Gacek, K. Geihs, V. Grassi, G. Karsai, H. M. Kienle, J. Kramer, M. Litoiu, S. Malek, R. Mirandola, H. A. Müller, S. Park, M. Shaw, M. Tichy, M. Tivoli, D. Weyns, and J. Whittle, “Software Engineering for Self-Adaptive Systems: A Research Roadmap,” in Software Engineering for Self-Adaptive Systems, B. H. C. Cheng, R. de Lemos, H. Giese, P. Inverardi, and J. Magee, Eds. Springer Berlin Heidelberg, 2009, pp. 1–26.
      • S. Sinclair, S. W. Smith, S. Trudeau, M. E. Johnson, and A. Portera, “Information Risk in Financial Institutions: Field Study and Research Roadmap,” in Enterprise Applications and Services in the Finance Industry, D. J. Veit, D. Kundisch, T. Weitzel, C. Weinhardt, F. A. Rabhi, and F. Rajola, Eds. Springer Berlin Heidelberg, 2007, pp. 165–180.
  58. 58. Image Credits
      • All screen captures are from the film “Monty Python and the Holy Grail” (1975)
      • Snakes and Ladders, Len Matthews, CC by-nd 2.0 https://goo.gl/3j3KF4
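
The rate-based triggers of the SAAF behaviour policy on slide 37 can be exercised with a small sliding-window evaluator; this is an added example, not code from the slides or from SAAF. It assumes that the empty `<Subject/>` and `<Provider/>` elements mean "any", that `bt1` is counted per subject, that a trigger fires once `Threshold` occurrences fall within the interval, and that counting restarts after a firing; the functions `rate`, `hit`, `evaluate` and `demo_events` and the event tuple layout are hypothetical.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict, deque

# BehaviourPolicy as shown on slide 37.
POLICY = """<BehaviourPolicy>
 <BaseTrigger ID="bt1"><Subject/><Provider/>
  <Attribute type="permisRole">Contractor</Attribute>
  <Target>PayrollSystem</Target><Action>getEmpPayslip</Action>
  <Rate><Threshold>5</Threshold><Interval>1</Interval><TimeScale>min</TimeScale></Rate>
 </BaseTrigger>
 <CompositeTrigger ID="ct1"><BasedTriggerID>bt1</BasedTriggerID>
  <Rate><Threshold>4</Threshold><Interval>1</Interval><TimeScale>day</TimeScale></Rate>
 </CompositeTrigger>
</BehaviourPolicy>"""
SECONDS = {"min": 60, "day": 86400}  # only the two TimeScale values used on the slide

def rate(el):
    r = el.find("Rate")  # returns (threshold, window length in seconds)
    return int(r.findtext("Threshold")), int(r.findtext("Interval")) * SECONDS[r.findtext("TimeScale")]

def hit(window, t, threshold, span):
    """Record an occurrence at time t; True once `threshold` of them fall within `span` seconds."""
    window.append(t)
    while window[0] <= t - span:      # drop occurrences that have left the interval
        window.popleft()
    if len(window) < threshold:
        return False
    window.clear()                    # assumption: counting restarts after a firing
    return True

def evaluate(policy_xml, events):
    """events: time-ordered (epoch_seconds, subject, role, target, action) tuples.
    Assumption: empty <Subject/>/<Provider/> match anything; bt1 is counted per subject."""
    root = ET.fromstring(policy_xml)
    bt, ct = root.find("BaseTrigger"), root.find("CompositeTrigger")
    match = (bt.findtext("Attribute"), bt.findtext("Target"), bt.findtext("Action"))
    per_subject, bt_fires, fired = defaultdict(deque), deque(), []
    for t, subject, role, target, action in events:
        if (role, target, action) == match and hit(per_subject[subject], t, *rate(bt)):
            fired.append((t, bt.get("ID"), subject))
            if hit(bt_fires, t, *rate(ct)):   # composite trigger counts bt1 firings
                fired.append((t, ct.get("ID"), None))
    return fired

def demo_events():
    """Constructed sample: four contractors each burst 5 payslip reads; one reads slowly."""
    req = ("Contractor", "PayrollSystem", "getEmpPayslip")
    burst = [(h * 7200 + i * 10, f"c{h}", *req) for h in range(4) for i in range(5)]
    slow = [(100 + i * 90, "slow", *req) for i in range(5)]
    return sorted(burst + slow)
```

Calling `evaluate(POLICY, demo_events())` yields one `bt1` firing per bursting contractor and a single `ct1` firing on the fourth; the slow reader never trips `bt1`. Each firing is the point at which the solutions listed for that trigger ID on slides 38 and 39 become candidates.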
