Capturing policies for fine-grained access control on mobile devices


As of 2016, there are more mobile devices than humans on earth. Today, mobile devices are a critical part of our lives and often hold sensitive corporate and personal data. As a result, they are a lucrative target for attackers, and managing data privacy and security on mobile devices has become a vital issue. Existing access control mechanisms in most devices are restrictive and inadequate. They do not take into account the context of a device and its user when making decisions. In many cases, the access granted to a subject should change based on the context of a device. Such fine-grained, context-sensitive access control policies have to be personalized too. In this paper, we present the MITHRIL system, which uses policies represented in Semantic Web technologies and captured using user feedback to handle access control on mobile devices. We present an iterative feedback process to capture user-specific policy. We also present a policy violation metric that allows us to decide when the capture process is complete.


  1. Capturing policies for fine-grained access control on mobile devices
     PRAJIT KUMAR DAS, ANUPAM JOSHI, TIM FININ
     UMBC ebiquity lab
  2. Motivation
     We present MITHRIL, a framework for capturing user access control policies that are fine-grained, context-sensitive and are represented using Semantic Web technologies and thereby manages access control decisions for user data on mobile devices.
     Android image source courtesy: Aha-Soft
  3. Related Work
     • Policy Engineering: Requires substantial technical knowledge, understanding of access control issues (Feltus’08)
     • Most people are ‘Privacy Pragmatists’ (Kumaraguru’05)
     • Convergence of Enterprise usage and personal usage due to BYOD adoption (Kodeswaran, Chakraborty et al.’13)
     • Users unsure of policy (Benisch, Sadeh’11)
     • Privacy profiles used for user preferences (Liu et al.’14)
  4. Image courtesy: Android App Market
  5. Image courtesy: Android App Market
  6. Image courtesy: Android App Market
  7. Contributions
     MITHRIL has three key contributions
     • Policy representation
       • Expressing policy rules: extensible & expressive semantic model
       • RDF/OWL allows easy reuse/integration with concepts from DBpedia, Linked Data, schema.org, etc.
     • User-preferred & specific policy capture
     • Policy enforcement
  8. System overview
     Observer mode
  9. System overview
     Enforcer mode
  10. System overview
      Enforcer mode
  11. Rule representation
      • Semantic Web Rule Language
      • antecedent => consequent
      • Attribute-Based Access Control model
      • Context pieces as attributes
  12. Rule representation
      A1: RequesterInfo = Facebook &
      A2: UserActivity = Work &
      A3: UserLocation = Office &
      A4: UserTime = Working hours on Week day &
      A5: ProtectedResource = Location
      -> C1: Prohibit
      When at work Professors do not share their location in FB
      Image courtesy: www.phdcomics.com
  13. Rule learning
      Generic Rule: Professors do not share their location on FB
      During lunch Professor Smith shares location
      This is Prof. Smith. He likes to check in to FB during lunch.
      Image courtesy: www.phdcomics.com
  14. Rule Learning – User Feedback Capture
      When out to lunch Professor Smith shares location with students if he has lunch scheduled with them and he is in town
  15. Violation Metric
      This is Prof. Smith.
      Good policy
      The system either knows all his policies or it does not!
      Image courtesy: www.phdcomics.com
  16. Violation Metric
      Bad policy
      The system either knows all his policies or it does not!
      Image courtesy: www.phdcomics.com
  17. False violation: Use cases
      • Rule requires
      • Deletion
      • Antecedent generalization
      • Antecedent specialization
      • Delete conditions
      • Add conditions
  18. Experimental Results
      Consistent feedback
  19. Emulating XPrivacy
      Source: http://www.xprivacy.eu/
      License: GNU General Public License version 3
  20. Future Work
      • More experiments validating violation metric
      • Finer granularity capture of policy violation
      • Possible predictive model for policy generation
      • Using machine learning to generate policies
      • Inducing policy using logic programming
  21. Conclusion
      We presented MITHRIL
      • Framework for capturing ABAC access control policies
      • User-preferred & specific policy capture
      • Fine-grained, context-sensitive
      • Uses Semantic Web technologies
      • Policy enforcement
      UMBC ebiquity lab
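
An added example (not from the slides or the MITHRIL code base) of the attribute-based rule form on slides 11 and 12 and the "add conditions" specialization from slide 17, scored with the VM = TV / (FV + TV) formula given in the notes. It assumes TV and FV count flagged accesses that the user confirms or rejects as violations; the class and function names, the "Lunch", "Restaurant" and "Maps" values, and the feedback records are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    antecedent: frozenset  # {(attribute, value), ...}; every pair must hold
    consequent: str        # "Prohibit" or "Allow"

    def matches(self, ctx: dict) -> bool:
        return all(ctx.get(attr) == val for attr, val in self.antecedent)

    def specialize(self, attr: str, val: str) -> "Rule":
        """Antecedent specialization: add a condition."""
        return Rule(self.antecedent | {(attr, val)}, self.consequent)

    def generalize(self, attr: str) -> "Rule":
        """Antecedent generalization: delete a condition."""
        return Rule(frozenset(p for p in self.antecedent if p[0] != attr),
                    self.consequent)

def prohibited(rules, ctx) -> bool:
    return any(r.consequent == "Prohibit" and r.matches(ctx) for r in rules)

def violation_metric(rules, feedback):
    """feedback: [(context, user_wants_it_blocked)]. Returns TV / (FV + TV)."""
    tv = fv = 0
    for ctx, user_wants_block in feedback:
        if prohibited(rules, ctx):      # observed access flagged as a violation
            if user_wants_block:
                tv += 1                 # user agrees: true violation
            else:
                fv += 1                 # user disagrees: false violation
    return tv / (tv + fv) if tv + fv else None

# Constructed feedback records (assumption): Prof. Smith shares at lunch only.
FB_LOC = {"RequesterInfo": "Facebook", "ProtectedResource": "Location"}
FEEDBACK = [
    ({**FB_LOC, "UserActivity": "Work", "UserLocation": "Office"}, True),
    ({**FB_LOC, "UserActivity": "Lunch", "UserLocation": "Restaurant"}, False),
    ({**FB_LOC, "UserActivity": "Work", "UserLocation": "Office"}, True),
    ({**FB_LOC, "UserActivity": "Lunch", "UserLocation": "Restaurant"}, False),
    ({"RequesterInfo": "Maps", "ProtectedResource": "Location",
      "UserActivity": "Lunch", "UserLocation": "Restaurant"}, False),
]

GENERIC = Rule(frozenset(FB_LOC.items()), "Prohibit")   # slide 13 generic rule
SPECIFIC = GENERIC.specialize("UserActivity", "Work")   # add a condition

if __name__ == "__main__":
    print("generic  VM:", violation_metric([GENERIC], FEEDBACK))
    print("specific VM:", violation_metric([SPECIFIC], FEEDBACK))
```

The generic rule is half false violations on this data; after specialization every flagged access is one the user wants blocked, which is the signal the capture loop uses to stop refining.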

Editor's Notes

  • Most people are ‘Privacy Pragmatists’ who, while concerned about privacy, will sometimes trade it off for other benefits.

    Since the late 1970s Dr. Alan Westin has conducted over 30 privacy surveys. For each of his surveys, Westin has created one or more Privacy Indexes to summarize his results and to show trends in privacy concerns. One such survey conducted in 2003 concluded that people would trade off privacy when they get other benefits.
    As per the Westin/Harris Privacy Segmentation Model, the basic privacy groups are:
    * fundamentalist: very high privacy concern. Passionate about what they [see] as business threats to their consumer privacy, and [favor] active government regulation of business and information practices
    * pragmatist: middle group with balanced privacy attitudes. Ask what benefits they get as consumers in sharing their personal information to balance against risks to their privacy interests, and they usually favor a mixture of government and private solutions.
    * unconcerned: little to no concern about consumer privacy issues.
  • Why should we care?
    Apps collect user data
    Emails, Messages, Documents, Sensor data – Highly Personal Data
    Can’t App permissions handle privacy and security of data?
    App permissions – “Take it or leave it”
    Is the user okay with sharing location in a public place but not in a private place? There is no way to control that
    Use Privacy and Security module to implement context-dependent Rules
  • A key idea is expressing policy rules in an extensible and expressive semantic model, and RDF/OWL is a good standard to support this
    Using RDF/OWL allows easy reuse/integration with concepts from common semantic models, including DBpedia, Linked Data, schema.org, etc.

    An access-control policy representation technique using an ontology to model high-level semantic context on a mobile device.
    A framework for policy capture and using our VM metric to determine transitional state for MITHRIL.
    Access control decision handling and policy enforcement.
  • Graduate students have a policy P for lunch hour
    If location is not school, don’t share lunch location with people from school
    Dan is a graduate student at UMBC
    Dan frequently has lunches with professors and students from school
    He modifies the policy rule that applies to lunch hours so that lunch location is shareable if in the presence of people from school
    Thus we learn the specific policy P′ of Dan (who belongs to Graduate Student Group)
  • We use an ontology to provide users with contextual options for choosing the conditions of a rule
    User feedback app uses feedback algorithm for rule refinement. Choices are to generalize or specialize rules.
  • VM = TV / (FV + TV)
    Transitional marker
  • The plan is to extend XPrivacy to be able to handle rules defined by us and have an API mechanism to allow such an execution.
    Mention that the solutions do not have contextual policies which you will bring in.

    Extend system to incorporate rule firing API
    Ensure contextual rule firing
    Ensure energy-efficient rule firing
  • Norman Sadeh and his group from CMU have done substantial work with capturing user preferences. They captured location preferences of the user and used various learning techniques to boost their results. They observed that once some user feedback has been obtained, learning algorithms were better at predicting what the user’s rules would be. They also observed that users keep on switching between their preferences of sharing and not sharing, essentially concluding that users were bad at predicting their own rules. We intend to use an ontology-driven approach to capturing user feedback. We want to show that when presented with fine-grained context-dependent rules and observed rule violations, users will be able to better predict their preferences.
  • Other learning techniques have also been adopted in predicting the user’s intended choices, which include decision trees to assist in predicting meeting timings in a calendar application, and inductive logic programming to predict user behavior and carry out probabilistic rule learning. Inductive logic programming was used by Corapi in an attempt to learn user behavior and later for rule learning in a planning scenario. He shows how one might be able to induce rules for user behavior. In the planning work he uses probabilities for rules and a knowledge base to minimize the error between target probability and entailed probability. Although his work started with a claim of learning privacy rules, he did not complete his implementation for the domain due to the complexity and scalability issues of his method. In another work done by Tom Mitchell, decision trees were used in creating a smart assistant that predicts the meeting preferences of the user but required significant user input at times. In a third work Joseph Halpern used first-order logic to reason about policies. However, he acknowledged that when using first-order logic we reach a point where the problem becomes intractable because we have to prove validity of a first-order formula, which is an undecidable problem. They also do not discuss any kind of performance or accuracy measure.
