Uploaded bychugreev777
PDF, PPTX22 views

Role-­‐Based Access Control - Basic RBAC Illustrated

RBAC System and Administra?ve Func?onal Specifica?on • Three categories of features/func?ons: – Administra8ve func8ons: create, delete, maintain RBAC elements and rela?ons – Suppor8ng system func8ons: session management, access control decisions – Review func8ons: query opera?ons on RBAC elements and rela?ons • Four components: Core RBAC, Hierarchical RBAC, Sta?c and Dynamic Separa?on of Duty (SSD, DSD)

Embed presentation

Download as PDF, PPTX
Role-­‐Based  Access  Control   CS461/ECE422   Spring  2012  
Reading  Material   • Chapter  4,  sec?ons  4.5  and  4.6   • [SFK00]  
DAC  vs  RBAC   • DAC   – Users,  Groups  à  Permissions   • RBAC   – Roles  à  Permissions   – Users  à  Roles   – Many-­‐to-­‐many  rela?ons   • Difference  between  groups  and  roles?   – Groups:  collec?on  of  users   – Roles:   • collec?on  of  permissions  and/or  users,  and  possibly  other   roles  [S96]   • job  func?on  within  an  organiza?on  [text]  
Basic  RBAC  Illustrated   Role  1   Role  2   Role  3   Users   Roles   Permissions   (Objects)   Rela8ons:   User   Assignment  (UA)   Permission   Assignment  (PA)  
Access  Matrix  Representa?on   (Users,  Roles)   (Roles,  Objects)   -­‐  Similar  to  DAC  ACM   -­‐  Roles  can  be   Objects  
RBAC  Reference  Models  [SCFY96]   • RBAC0   – Minimum  func?onality   • RBAC1   – RBAC0  +  Role  hierarchies   • RBAC2   – RBAC0  +  Constraints   • RBAC3   – RBAC0  +  RBAC1  +  RBAC2  
RBAC0  –  Base   • Users:  individuals  with  access  to  the  system   • Role:  named  job  func?on  within  the  org   • Permission:  approval  of  a  par?cular  mode  of  access  to  objects   • Session:  mapping  between  a  user  and  a  subset  of  roles  
RBAC1  –  Role  Hierarchies   • Reflect  hierarchical  structure  of  roles  in  org   • Mathema?cally,  par?al  order  (reflexive,   transi?ve,  an?-­‐symmetric)   Example  of  Role  Hierarchy   Limi?ng  the  scope  of  inheritance:   Role  Hierarchy  with  private  roles  
RBAC2  –  Constraints   • Reflect  higher-­‐level  organiza?onal  policy   • Mutually  exclusive  roles  (U  à  R  and  R  à  P)   • Cardinality  –  maximum  number  with  respect   to  role   • Prerequisite  –  can  assign  role  only  if  already   assigned  prerequisite  role   – Remember,  no  hierarchies  in  RBAC2  
RBAC3  –  Consolidated  Model  
NIST  RBAC  Model  [SFK00]   • RBAC  System  and  Administra?ve  Func?onal   Specifica?on   • Three  categories  of  features/func?ons:   – Administra8ve  func8ons:  create,  delete,  maintain   RBAC  elements  and  rela?ons   – Suppor8ng  system  func8ons:  session  management,   access  control  decisions   – Review  func8ons:  query  opera?ons  on  RBAC   elements  and  rela?ons   • Four  components:  Core  RBAC,  Hierarchical  RBAC,   Sta?c  and  Dynamic  Separa?on  of  Duty  (SSD,  DSD)  
Core  RBAC   • Same  as  RBAC0  (users,  roles,  permissions,  sessions)   – Object:  any  resource   – Opera?on:  executable  image  of  a  program   – Permission:  approval  to  perform  an   opera/on  on  object(s)     • Administra8ve  func8ons:  add/delete  users  and  roles,  create/delete  user-­‐ to-­‐role  and  permission-­‐to-­‐role  assignments   • Suppor8ng  system  func8ons:  session  ß  create,  add/delete  role,  check   permission   • Review  func8ons:  enable  admin.  to  view  en?re  model  
Hierarchical  RBAC   • Similar  to  RBAC1   • r1  is  a  descendant  of  r2  if:   – r1  includes  all  permissions  from  r2   – All  users  assigned  to  r1  are  also  assigned  to  r2   • General  role  hierarchies   – Arbitrary  par?al  order,  mul?ple  inheritance   • Limited  role  hierarchies   – Tree  structure,  single  descendant  allowed     • Administra8ve  func8ons:  add/delete  immediate  inheritance  rela?onship,   create  new  role  and  add  it  as  ascendant  or  descendant   • Review  func8ons:  enable  admin.  to  view  users/permissions  directly  or  by   inheritance.  
Sta?c  Separa?on  of  Duty  (SSD)   • Prevents  conflict  of  interest   • Cardinality  constraint  on  a  set  of  roles   – SSD  :=  (role  set,  n)  where  no  user  is  assigned  to  n   or  more  roles  from  the  role  set   • Mutual  exclusive  roles  as  a  special  case:   – SSD  :=  ({r1,  r2},  2)     • Administra8ve  func8ons:  create/delete  role  sets,  add/delete  role   members   • Review  func8ons:  view  proper?es  of  SSD  sets  
Dynamic  Separa?on  of  Duty  (DSD)   • Similar  to  SSD,  but  ac?vated  within  sessions   • Typically  for  temporal  conflicts  of  interest   • Defini?on   – DSD  :=  (role  set,  n)  (n≥2)  no  user  session  may   ac?vate  ≥n  roles  from  role  set   • Example:  Author  and  PC  member  (conference)   • Administra?ve  and  review  func?ons:  similar  to  SSD  
Unspecified  by  NIST  RBAC   • Scalability   • Authen?ca?on   • Nega?ve  permissions   • Nature  of  permissions   • Discre?onary  role  ac?va?on   • Role  engineering   • Constraints   • RBAC  administra?on   • Role  revoca?on  
NIST  Model  Revisited  
Role  Engineering  (RE)   • Defini?on  of  roles  can  be  difficult;  essen?ally  a   requirements  engineering  process   • RE  is  required  to  implement  an  abstract  model   • Basic  process  [C96]   • Role  predic?on  [Z+11]   – Use  sta?s?cal  models  to  analyze  audit  logs   – Predict  roles,  detect  anomalies   – Refine  roles  (generalize  or  split)   collect   ac?vi?es   group  into   clusters   name   clusters   describe   remove   duplicates   iden?fy  minimal  set   of  permissions   simulate   ac?vi?es   role   candidates  
Case  Study:  RBAC  for  a  Bank  [SMJ01]   • Prior  to  1990  used  local  access  control  files   – manually  administered  for  each  user,  applica?on,   and  host  à  administra?ve  overhead,  error-­‐prone   • Implemented  RBAC  scheme  (Authoriza?on)   • Applica?ons  no  longer  make  AC  decisions;   query  Authoriza?on  for  a  security  profile   instead   • Role  :=  (official  posi?on,  job  func?on)   – (different  from  NIST  RBAC)  
Architecture   Authoriza8on  
Role  Administra?on  
Numbers   • 65  official  posi?ons,  368  job  func?ons   • 50,659  employees   • 1300  roles  (poten?ally  23,920)   – Agrees  with  es?mate  –  #roles  is  3-­‐4%  of  #users   • 42,000  security  profiles  distributed  daily  
Key  Points   • Roles  are  collec?ons  of  permissions,  users,   and  possibly  other  roles  (many-­‐to-­‐many)   • Role  hierarchies  simplify  RBAC  management   and  can  be  derived  from  org  structure   • Constraints  prevent  conflict  of  interest   • RBAC  implementa?ons  simplify  access  control   but  may  require  role  engineering  
References   • [SCFY96]  Sandhu,  R.,  et  al.  “Role-­‐Based  Access  Control  Models.”  Computer,   1994.   • [S96]  Sandhu,  R.  Roles  versus  groups.  In  Proceedings  of  the  first  ACM   Workshop  on  Role-­‐based  access  control  (RBAC  '95)   • [SFK00]  Sandhu,  R.,  Ferraiolo,  D.F.  and  Kuhn,  D.R.  (July  2000).   "The  NIST  Model  for  Role  Based  Access  Control:  Toward  a  Unified  Standard".   5th  ACM  Workshop  Role-­‐Based  Access  Control  (RBAC  ‘00)   • [C96]  Coyne,  E.  Role  engineering.  In  Proceedings  of  the  first  ACM  Workshop  on   Role-­‐based  access  control  (RBAC  '95)   • [Z+11]  Role  Predic?on  using  Electronic  Medical  Record  System  Audits   Wen  Zhang,  Carl  A.  Gunter,  David  Liebovitz,  Jian  Tian,  and  Bradley  Malin   AMIA  2011  Annual  Symposium,  Washington,  DC,  October  2011   • [SMJ01]  Andreas  Schaad,  Jonathan  Moffey,  and  Jeremy  Jacob.  2001.   The  role-­‐based  access  control  system  of  a  European  bank:  a  case  study  and   discussion.  In  Proceedings  of  the  sixth  ACM  symposium  on  Access  control   models  and  technologies  (SACMAT  '01)  

More Related Content

PDF
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
byOECD Directorate for Financial and Enterprise Affairs
 
PDF
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
bySocialHRCamp
 
PDF
Storytelling For The Web: Integrate Storytelling in your Design Process
byChiara Aliotta
 
PDF
2024 State of Marketing Report – by Hubspot
byMarius Sescu
 
PDF
2024 Trend Updates: What Really Works In SEO & Content Marketing
bySearch Engine Journal
 
PDF
Everything You Need To Know About ChatGPT
byExpeed Software
 
PDF
Product Design Trends in 2024 | Teenage Engineerings
byPixeldarts
 
PDF
How Race, Age and Gender Shape Attitudes Towards Mental Health
byThinkNow
 
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
byOECD Directorate for Financial and Enterprise Affairs
 
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
bySocialHRCamp
 
Storytelling For The Web: Integrate Storytelling in your Design Process
byChiara Aliotta
 
2024 State of Marketing Report – by Hubspot
byMarius Sescu
 
2024 Trend Updates: What Really Works In SEO & Content Marketing
bySearch Engine Journal
 
Everything You Need To Know About ChatGPT
byExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
byPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
byThinkNow
 

Featured

PDF
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
bymarketingartwork
 
PDF
Skeleton Culture Code
bySkeleton Technologies
 
PDF
PEPSICO Presentation to CAGNY Conference Feb 2024
byNeil Kimberley
 
PDF
Content Methodology: A Best Practices Report (Webinar)
bycontently
 
PPTX
How to Prepare For a Successful Job Search for 2024
byAlbert Qian
 
PDF
Social Media Marketing Trends 2024 // The Global Indie Insights
byKurio // The Social Media Age(ncy)
 
PDF
Trends In Paid Search: Navigating The Digital Landscape In 2024
bySearch Engine Journal
 
PDF
5 Public speaking tips from TED - Visualized summary
bySpeakerHub
 
PDF
ChatGPT and the Future of Work - Clark Boyd
byClark Boyd
 
PDF
Getting into the tech field. what next
byTessa Mero
 
PDF
Google's Just Not That Into You: Understanding Core Updates & Search Intent
byLily Ray
 
PDF
How to have difficult conversations
byRajiv Jayarajah, MAppComm, ACC
 
PDF
Introduction to Data Science
byChristy Abraham Joy
 
PDF
Time Management & Productivity - Best Practices
byVit Horky
 
PDF
The six step guide to practical project management
byMindGenius
 
PDF
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
byRachelPearson36
 
PDF
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
byApplitools
 
PDF
12 Ways to Increase Your Influence at Work
byGetSmarter
 
PDF
ChatGPT webinar slides
byAlireza Esmikhani
 
PDF
More than Just Lines on a Map: Best Practices for U.S Bike Routes
byProject for Public Spaces & National Center for Biking and Walking
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
bymarketingartwork
 
Skeleton Culture Code
bySkeleton Technologies
 
PEPSICO Presentation to CAGNY Conference Feb 2024
byNeil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
bycontently
 
How to Prepare For a Successful Job Search for 2024
byAlbert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
byKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
bySearch Engine Journal
 
5 Public speaking tips from TED - Visualized summary
bySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
byClark Boyd
 
Getting into the tech field. what next
byTessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
byLily Ray
 
How to have difficult conversations
byRajiv Jayarajah, MAppComm, ACC
 
Introduction to Data Science
byChristy Abraham Joy
 
Time Management & Productivity - Best Practices
byVit Horky
 
The six step guide to practical project management
byMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
byRachelPearson36
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
byApplitools
 
12 Ways to Increase Your Influence at Work
byGetSmarter
 
ChatGPT webinar slides
byAlireza Esmikhani
 
More than Just Lines on a Map: Best Practices for U.S Bike Routes
byProject for Public Spaces & National Center for Biking and Walking
 

Role-­‐Based Access Control - Basic RBAC Illustrated

  • 1.
    Role-­‐Based  Access  Control   CS461/ECE422   Spring  2012  
  • 2.
    Reading  Material   •Chapter  4,  sec?ons  4.5  and  4.6   • [SFK00]  
  • 3.
    DAC  vs  RBAC   • DAC   – Users,  Groups  à  Permissions   • RBAC   – Roles  à  Permissions   – Users  à  Roles   – Many-­‐to-­‐many  rela?ons   • Difference  between  groups  and  roles?   – Groups:  collec?on  of  users   – Roles:   • collec?on  of  permissions  and/or  users,  and  possibly  other   roles  [S96]   • job  func?on  within  an  organiza?on  [text]  
  • 4.
    Basic  RBAC  Illustrated   Role  1   Role  2   Role  3   Users   Roles   Permissions   (Objects)   Rela8ons:   User   Assignment  (UA)   Permission   Assignment  (PA)  
  • 5.
    Access  Matrix  Representa?on   (Users,  Roles)   (Roles,  Objects)   -­‐  Similar  to  DAC  ACM   -­‐  Roles  can  be   Objects  
  • 6.
    RBAC  Reference  Models  [SCFY96]   • RBAC0   – Minimum  func?onality   • RBAC1   – RBAC0  +  Role  hierarchies   • RBAC2   – RBAC0  +  Constraints   • RBAC3   – RBAC0  +  RBAC1  +  RBAC2  
  • 7.
    RBAC0  –  Base   • Users:  individuals  with  access  to  the  system   • Role:  named  job  func?on  within  the  org   • Permission:  approval  of  a  par?cular  mode  of  access  to  objects   • Session:  mapping  between  a  user  and  a  subset  of  roles  
  • 8.
    RBAC1  –  Role  Hierarchies   • Reflect  hierarchical  structure  of  roles  in  org   • Mathema?cally,  par?al  order  (reflexive,   transi?ve,  an?-­‐symmetric)   Example  of  Role  Hierarchy   Limi?ng  the  scope  of  inheritance:   Role  Hierarchy  with  private  roles  
  • 9.
    RBAC2  –  Constraints   • Reflect  higher-­‐level  organiza?onal  policy   • Mutually  exclusive  roles  (U  à  R  and  R  à  P)   • Cardinality  –  maximum  number  with  respect   to  role   • Prerequisite  –  can  assign  role  only  if  already   assigned  prerequisite  role   – Remember,  no  hierarchies  in  RBAC2  
  • 10.
  • 11.
    NIST  RBAC  Model  [SFK00]   • RBAC  System  and  Administra?ve  Func?onal   Specifica?on   • Three  categories  of  features/func?ons:   – Administra8ve  func8ons:  create,  delete,  maintain   RBAC  elements  and  rela?ons   – Suppor8ng  system  func8ons:  session  management,   access  control  decisions   – Review  func8ons:  query  opera?ons  on  RBAC   elements  and  rela?ons   • Four  components:  Core  RBAC,  Hierarchical  RBAC,   Sta?c  and  Dynamic  Separa?on  of  Duty  (SSD,  DSD)  
  • 12.
    Core  RBAC   •Same  as  RBAC0  (users,  roles,  permissions,  sessions)   – Object:  any  resource   – Opera?on:  executable  image  of  a  program   – Permission:  approval  to  perform  an   opera/on  on  object(s)     • Administra8ve  func8ons:  add/delete  users  and  roles,  create/delete  user-­‐ to-­‐role  and  permission-­‐to-­‐role  assignments   • Suppor8ng  system  func8ons:  session  ß  create,  add/delete  role,  check   permission   • Review  func8ons:  enable  admin.  to  view  en?re  model  
  • 13.
    Hierarchical  RBAC   •Similar  to  RBAC1   • r1  is  a  descendant  of  r2  if:   – r1  includes  all  permissions  from  r2   – All  users  assigned  to  r1  are  also  assigned  to  r2   • General  role  hierarchies   – Arbitrary  par?al  order,  mul?ple  inheritance   • Limited  role  hierarchies   – Tree  structure,  single  descendant  allowed     • Administra8ve  func8ons:  add/delete  immediate  inheritance  rela?onship,   create  new  role  and  add  it  as  ascendant  or  descendant   • Review  func8ons:  enable  admin.  to  view  users/permissions  directly  or  by   inheritance.  
  • 14.
    Sta?c  Separa?on  of  Duty  (SSD)   • Prevents  conflict  of  interest   • Cardinality  constraint  on  a  set  of  roles   – SSD  :=  (role  set,  n)  where  no  user  is  assigned  to  n   or  more  roles  from  the  role  set   • Mutual  exclusive  roles  as  a  special  case:   – SSD  :=  ({r1,  r2},  2)     • Administra8ve  func8ons:  create/delete  role  sets,  add/delete  role   members   • Review  func8ons:  view  proper?es  of  SSD  sets  
  • 15.
    Dynamic  Separa?on  of  Duty  (DSD)   • Similar  to  SSD,  but  ac?vated  within  sessions   • Typically  for  temporal  conflicts  of  interest   • Defini?on   – DSD  :=  (role  set,  n)  (n≥2)  no  user  session  may   ac?vate  ≥n  roles  from  role  set   • Example:  Author  and  PC  member  (conference)   • Administra?ve  and  review  func?ons:  similar  to  SSD  
  • 16.
    Unspecified  by  NIST  RBAC   • Scalability   • Authen?ca?on   • Nega?ve  permissions   • Nature  of  permissions   • Discre?onary  role  ac?va?on   • Role  engineering   • Constraints   • RBAC  administra?on   • Role  revoca?on  
  • 17.
  • 18.
    Role  Engineering  (RE)   • Defini?on  of  roles  can  be  difficult;  essen?ally  a   requirements  engineering  process   • RE  is  required  to  implement  an  abstract  model   • Basic  process  [C96]   • Role  predic?on  [Z+11]   – Use  sta?s?cal  models  to  analyze  audit  logs   – Predict  roles,  detect  anomalies   – Refine  roles  (generalize  or  split)   collect   ac?vi?es   group  into   clusters   name   clusters   describe   remove   duplicates   iden?fy  minimal  set   of  permissions   simulate   ac?vi?es   role   candidates  
  • 19.
    Case  Study:  RBAC  for  a  Bank  [SMJ01]   • Prior  to  1990  used  local  access  control  files   – manually  administered  for  each  user,  applica?on,   and  host  à  administra?ve  overhead,  error-­‐prone   • Implemented  RBAC  scheme  (Authoriza?on)   • Applica?ons  no  longer  make  AC  decisions;   query  Authoriza?on  for  a  security  profile   instead   • Role  :=  (official  posi?on,  job  func?on)   – (different  from  NIST  RBAC)  
  • 21.
  • 22.
  • 23.
    Numbers   • 65  official  posi?ons,  368  job  func?ons   • 50,659  employees   • 1300  roles  (poten?ally  23,920)   – Agrees  with  es?mate  –  #roles  is  3-­‐4%  of  #users   • 42,000  security  profiles  distributed  daily  
  • 24.
    Key  Points   •Roles  are  collec?ons  of  permissions,  users,   and  possibly  other  roles  (many-­‐to-­‐many)   • Role  hierarchies  simplify  RBAC  management   and  can  be  derived  from  org  structure   • Constraints  prevent  conflict  of  interest   • RBAC  implementa?ons  simplify  access  control   but  may  require  role  engineering  
  • 25.
    References   • [SCFY96]  Sandhu,  R.,  et  al.  “Role-­‐Based  Access  Control  Models.”  Computer,   1994.   • [S96]  Sandhu,  R.  Roles  versus  groups.  In  Proceedings  of  the  first  ACM   Workshop  on  Role-­‐based  access  control  (RBAC  '95)   • [SFK00]  Sandhu,  R.,  Ferraiolo,  D.F.  and  Kuhn,  D.R.  (July  2000).   "The  NIST  Model  for  Role  Based  Access  Control:  Toward  a  Unified  Standard".   5th  ACM  Workshop  Role-­‐Based  Access  Control  (RBAC  ‘00)   • [C96]  Coyne,  E.  Role  engineering.  In  Proceedings  of  the  first  ACM  Workshop  on   Role-­‐based  access  control  (RBAC  '95)   • [Z+11]  Role  Predic?on  using  Electronic  Medical  Record  System  Audits   Wen  Zhang,  Carl  A.  Gunter,  David  Liebovitz,  Jian  Tian,  and  Bradley  Malin   AMIA  2011  Annual  Symposium,  Washington,  DC,  October  2011   • [SMJ01]  Andreas  Schaad,  Jonathan  Moffey,  and  Jeremy  Jacob.  2001.   The  role-­‐based  access  control  system  of  a  European  bank:  a  case  study  and   discussion.  In  Proceedings  of  the  sixth  ACM  symposium  on  Access  control   models  and  technologies  (SACMAT  '01)