Download to read offline
Uploaded byPrajit Kumar Das
Capturing policies for fine-grained access control on mobile devices
The document introduces Mithril, a framework developed for fine-grained, context-sensitive access control policies on mobile devices, utilizing semantic web technologies. It highlights the importance of user-preferred policy capture and policy enforcement, as well as various rule representations and learning mechanisms. Future work includes validating violation metrics and exploring machine learning for policy generation.
Capturing policies for fine-grained access control on mobile devices
- 1. Capturing policies forfine grained access control on mobile devices PRAJIT KUMAR DAS, ANUPAM JOSHI, TIM FININ UMBC ebiquity lab
- 2. We present MITHRIL,a framework for capturing user access control policies that are fine-grained, context-sensitive and are represented using Semantic Web technologies and thereby manages access control decisions for user data on mobile devices. Motivation Android image source courtesy: Aha-Soft 2
- 3. Related Work • PolicyEngineering: Requires substantial technical knowledge, understanding of access control issues (Feltus’08) • Most people are ‘Privacy Pragmatists’ (Kumaraguru’05) • Convergence of Enterprise usage and personal usage due to BYOD adoption (Kodeswaran, Chakraborty et. al.’13) • Users unsure of policy (Benisch, Sadeh’11) • Privacy profiles used for user preferences (Liu et. al.’14) 3
- 4. Image courtesy: AndroidApp Market 4
- 5. Image courtesy: AndroidApp Market 5
- 6. Image courtesy: AndroidApp Market 6
- 7. Contributions MITHRIL has threekey contributions • Policy representation • Expressing policy rules: extensible & expressive semantic model • RDF/OWL allows easy reuse/integration with concepts from DBpedia, Linked Data, schema.org,etc. • User-preferred & specific policy capture • Policy enforcement 7
- 8.
- 9.
- 10.
- 11. • Semantic WebRule Language • antecedent => consequent • Attribute-Based Access Control model • Context pieces as attributes Rule representation 11
- 12. Rule representation A1: RequesterInfo= Facebook & A2: UserActivity = Work & A3: UserLocation = Office & A4: UserTime = Working hours on Week day & A5: ProtectedResource = Location -> C1: Prohibit When at work Professors do not share their location in FB Image courtesy: www.phdcomics.com 12
- 13. Image courtesy: www.phdcomics.comGenericRule: Professors do not share their location on FB During lunch Professor Smith shares location This is Prof. Smith. He likes to check in to FB during lunch. 13 Rule learning
- 14. When out tolunch Professor Smith shares location with students if he has lunch scheduled with them and he is in town 14 Rule Learning – User Feedback Capture
- 15. Image courtesy: www.phdcomics.com 15 Thisis Prof. Smith. Good policy The system either knows all his policies or it does not! Violation Metric
- 16. Image courtesy: www.phdcomics.com 16 Badpolicy The system either knows all his policies or it does not! Violation Metric
- 17. False violation: Usecases • Rule requires • Deletion • Antecedent generalization • Antecedent specialization • Delete conditions • Add conditions 17
- 18.
- 19. Emulating XPrivacy 19 Source: http://www.xprivacy.eu/ License:GNU General Public License version 3
- 20. Future Work • Moreexperiments validating violation metric • Finer granularity capture of policy violation • Possible predictive model for policy generation • Using machine learning to generate policies • Inducing policy using logic programming 20
- 21. Conclusion We presented MITHRIL •Framework for capturing ABAC access control policies • User-preferred & specific policy capture • Fine-grained, context-sensitive • Uses Semantic Web technologies • Policy enforcement 21 UMBC ebiquity lab
Editor's Notes
- #4 Most people are ‘Privacy Pragmatists’ who, while concerned about privacy, will sometimes trade it off for other benefits” Since the late 1970’s Dr. Alan Westin has conducted over 30 privacy surveys. For each of his surveys, Westin has created one or more Privacy Indexes to summarize his results and to show trends in privacy concerns. One such survey conducted in 2003 concluded that people would trade off privacy when they get other benefits. As per Westin/Harris Privacy Segmentation Model basic privacy groups are * fundamentalist: very high privacy concern. Passionate about what they [see] as business threats to their consumer privacy, and [favor] active government regulation of business and information practices * pragmatist: middle group with balanced privacy attitudes. Ask what benefits they get as consumers in sharing their personal information to balance against risks to their privacy interests, and they usually favor a mixture of government and private solutions. * unconcerned: little to no concern about consumer privacy issues.
- #5 Why should we care? Apps collect user data Emails, Messages, Documents, Sensor data – Highly Personal Data Can’t App permissions handle privacy and security of data? App permissions – “Take it or leave it” Is user okay with sharing location in public place not private place, no way to control that Use Privacy and Security module to implement context-dependent Rules
- #6 Why should we care? Apps collect user data Emails, Messages, Documents, Sensor data – Highly Personal Data Can’t App permissions handle privacy and security of data? App permissions – “Take it or leave it” Is user okay with sharing location in public place not private place, no way to control that Use Privacy and Security module to implement context-dependent Rules
- #7 Why should we care? Apps collect user data Emails, Messages, Documents, Sensor data – Highly Personal Data Can’t App permissions handle privacy and security of data? App permissions – “Take it or leave it” Is user okay with sharing location in public place not private place, no way to control that Use Privacy and Security module to implement context-dependent Rules
- #8 A key idea is expressing policy rules in an extensible and expressive semantic model and RDF/OWL is a good standard to support this Using RDF/OWL allows easy reuse/integration with concepts from common semantic models, including DBpedia, Linked Data, schema.org, etc. An access-control policy representation technique using an ontology to model high-level semantic context on a mobile device. A framework for policy capture and using our VM metric to determine transitional state for MITHRIL. Access control decision handling and policy enforcement.
- #14 Graduate students have a policy P for lunch hour If location not school don’t share lunch location with people from school Dan is a graduate student at UMBC Dan frequently has lunches with professors and students from school He modifies the policy rule that applies to lunch hours to lunch location shareable if in presence of people from school Thus we learn the specific policy P′ of Dan (who belongs to Graduate Student Group)
- #15 We use an ontology to provide users with contextual options for choosing the conditions of a rule User feedback app uses feedback algorithm for rule refinement. Choices are to generalize or specialize rules.
- #16 VM = TV / (FV + TV) Transitional marker
- #17 VM = TV / (FV + TV) Transitional marker
- #18 VM = TV / (FV + TV) Transitional marker
- #20 The plan is to extend XPrivacy to be able to handle rules defined by us and have an API mechanism to allow such an execution. Mention that the solutions do not have contextual policies which you will bring in. Extend system to incorporate rule firing API Ensure contextual rule firing Ensure energy-efficient rule firing
- #23 Norman Sadeh and his group from CMU have done substantial work with capturing user preferences. They captured location preferences of the user and used various learning techniques to boost their results. They observed that once some user feedback has been obtained, learning algorithms were better at predicting what the user’s rules would be. They also observed that user’s keep on switching between their preferences of sharing and not-sharing. Essentially concluding user’s were bad at predicting their own rules. We intend to use an ontology driven approach at capturing user feedback. We want to show that the when presented with fine-grained context-dependent rules and observed rule violations, users will be able to better predict their preferences.
- #24 Other learning techniques have also been adopted in predicting the user’s intended choices which include decision trees to assist in predicting meeting timings in a calendar application, inductive logic programming to predict user behavior and carry our probabilistic rule learning. Inductive logic programming was used by corapi in an attempt to learn user behavior and later for rule learning in a planning scenario. He shows how one might be able to induce rules for user behavior. In the planning work he uses probabilities for rules and a knowledge base to minimize the error between target probability and entailed probability. Although his work started with a claim of learning privacy rules he did not complete his implementation for the domain due to the complexity and scalability issues of his method. In another work done by Tom Mitchell, decision trees were used in creating a smart assistant who predicts the meeting preferences of the user but required significant user input at times. In a third work Joseph Halpern used First order logic to reason about policies. However, he acknowledged that when using first-order logic we reach a point where the problem becomes intractable as because we have to prove validity of a first-order formula which is an undecidable problem. They also do not discuss any kind of performance or accuracy measure.